Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/238151b8-1527-4e3f-a1d3-da02d03534a8.roa
File: 238151b8-1527-4e3f-a1d3-da02d03534a8.roa (raw, json)
Hash identifier: dbt4B2NhFSoTHIM+u0uZ+L9nXtEOqzbhnvEf5ZeUlM0=
Subject key identifier: 05:57:4F:6F:8C:16:F3:6F:A4:2D:96:B4:A9:2B:8A:6B:F7:AF:60:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CD13AE680D892985729A426E42B0221217516FA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/238151b8-1527-4e3f-a1d3-da02d03534a8.roa
Signing time: Fri 25 Apr 2025 18:50:46 +0000
ROA not before: Fri 25 Apr 2025 18:50:46 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:d1:3a:e6:80:d8:92:98:57:29:a4:26:e4:2b:02:21:21:75:16:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:46 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=861c7add8b26a204636a319ef33d6913063ea4456b16ca6a7ec24581b47a347e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6b:0c:0c:3b:07:73:cc:e7:ea:32:90:d9:df:
7f:e4:43:36:25:f0:05:bb:84:c3:01:4e:97:35:c5:
eb:69:9f:79:39:28:eb:1a:b5:ed:5f:f5:e2:19:29:
ce:8d:a7:b0:99:39:8d:a8:ff:d5:7d:31:b5:6e:00:
cd:47:fb:9a:42:52:b2:cc:2a:b8:eb:76:57:2b:60:
0b:15:1e:69:21:6b:30:70:57:5c:ed:21:c7:8d:67:
c4:f8:c9:e0:ee:6f:d4:1a:0a:4c:c8:32:8b:22:78:
4e:83:05:fa:b3:55:6b:40:4f:50:03:52:cd:2b:4a:
1a:13:57:f2:b9:8d:c8:5e:93:e0:d6:cf:4d:9b:d1:
d2:45:bd:ab:6a:79:9f:84:b1:92:1e:62:2d:63:ec:
57:05:d8:28:5b:73:67:ce:fb:fc:be:64:90:c9:76:
0c:c2:e7:3a:40:85:ab:6d:af:81:ec:84:0e:4a:27:
b5:ce:48:0d:de:ed:0a:e7:28:2e:c1:f6:6f:e0:d8:
5f:33:a2:7d:e9:c2:96:00:74:a5:80:79:6d:34:37:
50:c9:8b:44:4a:1f:3f:a4:ed:3b:dd:9c:89:6d:f9:
98:7f:a9:e0:18:4a:81:e8:b1:d7:cc:0f:9f:82:39:
d2:2c:83:2c:e8:b4:a4:b5:6f:a0:44:9d:d5:3b:1c:
9d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:57:4F:6F:8C:16:F3:6F:A4:2D:96:B4:A9:2B:8A:6B:F7:AF:60:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/238151b8-1527-4e3f-a1d3-da02d03534a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
c0:a6:8b:e6:34:18:a0:4f:af:14:78:a7:6e:4a:2f:42:2d:0b:
ca:79:82:88:69:0c:6e:8f:36:00:16:83:84:38:51:c1:8f:17:
fa:f4:f6:8f:e7:cd:8d:84:d6:99:bd:aa:bc:fc:37:1e:43:eb:
e8:82:80:6a:bd:d4:c3:19:0d:cb:6b:c7:fd:9f:01:f7:b4:e8:
16:88:14:18:ae:c0:de:0c:a0:22:3a:72:90:5e:2a:59:34:74:
c5:85:e7:a2:81:16:bb:cc:79:95:b4:b6:fe:07:b2:05:05:1e:
ee:d8:37:12:de:81:9f:0b:e0:84:eb:06:a8:68:6d:26:1f:78:
25:6f:26:3d:fa:d9:7a:58:c4:2f:91:34:a3:ff:21:79:83:5e:
e6:d1:51:c2:c3:cd:3d:da:eb:f7:0c:42:46:f8:76:48:85:7f:
e2:86:34:c4:8c:7b:d2:e4:1d:1f:cd:fe:a8:be:e0:86:db:7d:
5f:93:4c:7e:c5:c8:d4:54:bd:40:13:34:53:5f:ef:1b:ca:86:
c4:d5:fa:c7:fb:ef:43:ac:0c:b0:77:48:01:9d:91:c0:a1:70:
bf:9e:d6:7d:65:5b:07:ff:27:52:e5:bb:59:03:bf:2d:91:c5:
a1:1e:ce:13:6b:4c:88:3d:73:4a:a0:12:f5:3d:73:89:ed:37:
f2:e1:36:72
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfNE65oDYkphXKaQm5CsCISF1FvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwNDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2MWM3YWRkOGIyNmEyMDQ2MzZhMzE5ZWYzM2Q2OTEzMDYzZWE0NDU2YjE2
Y2E2YTdlYzI0NTgxYjQ3YTM0N2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALprDAw7B3PM5+oykNnff+RDNiXwBbuEwwFOlzXF62mfeTko6xq17V/14hkp
zo2nsJk5jaj/1X0xtW4AzUf7mkJSsswquOt2VytgCxUeaSFrMHBXXO0hx41nxPjJ
4O5v1BoKTMgyiyJ4ToMF+rNVa0BPUANSzStKGhNX8rmNyF6T4NbPTZvR0kW9q2p5
n4Sxkh5iLWPsVwXYKFtzZ877/L5kkMl2DMLnOkCFq22vgeyEDkontc5IDd7tCuco
LsH2b+DYXzOifenClgB0pYB5bTQ3UMmLREofP6TtO92ciW35mH+p4BhKgeix18wP
n4I50iyDLOi0pLVvoESd1TscnZsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQFV09v
jBbzb6QtlrSpK4pr969g5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjM4MTUxYjgtMTUyNy00ZTNmLWExZDMtZGEwMmQwMzUzNGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAwKaL5jQYoE+vFHinbkovQi0LynmCiGkMbo82
ABaDhDhRwY8X+vT2j+fNjYTWmb2qvPw3HkPr6IKAar3UwxkNy2vH/Z8B97ToFogU
GK7A3gygIjpykF4qWTR0xYXnooEWu8x5lbS2/geyBQUe7tg3Et6BnwvghOsGqGht
Jh94JW8mPfrZeljEL5E0o/8heYNe5tFRwsPNPdrr9wxCRvh2SIV/4oY0xIx70uQd
H83+qL7ghtt9X5NMfsXI1FS9QBM0U1/vG8qGxNX6x/vvQ6wMsHdIAZ2RwKFwv57W
fWVbB/8nUuW7WQO/LZHFoR7OE2tMiD1zSqAS9T1zie038uE2cg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:17 2025 by rpki-client