Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
File: 288fb7c1-6c49-475a-9dd0-2637b4e09492.roa (raw, json)
Hash identifier: VE32UtrlYr3cLBkzhtgIUBOFW+dYvPR8i1KSS8hgZrE=
Subject key identifier: 23:97:65:F3:E7:97:6C:27:46:83:6E:44:64:6F:D2:37:45:5F:82:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22EC0922C0B0159EB23B0A345B1778655E2A186A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
Signing time: Fri 25 Apr 2025 20:10:20 +0000
ROA not before: Fri 25 Apr 2025 20:10:20 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:ec:09:22:c0:b0:15:9e:b2:3b:0a:34:5b:17:78:65:5e:2a:18:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:20 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=662317c5ee20ee4654e5c571ea1b6fa1470cb8ae984e59930f2bfc8a8f8f1289, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7e:8d:39:66:79:fd:6b:da:54:f7:f8:b7:50:
e8:d9:91:0d:fc:5e:03:53:32:c8:f4:d7:9f:6c:7b:
4b:b3:9b:a1:c7:13:29:7b:62:41:97:ff:fa:ac:7b:
2e:f4:7b:f1:dc:97:07:56:ba:f8:b1:fb:d0:04:0b:
13:06:5c:aa:2f:b9:ef:6f:45:68:e5:39:f0:dd:c6:
65:af:38:bf:fc:64:c1:0a:37:89:87:70:62:32:b8:
6b:d7:62:d9:df:1f:d2:84:70:92:e1:e2:95:14:4f:
b4:29:b7:d2:54:75:81:3f:1c:a3:aa:25:19:02:ef:
65:66:51:3c:0b:1d:59:6c:e3:10:97:2e:41:91:b1:
f2:0b:be:d0:a6:dc:eb:7f:d3:c5:78:d3:78:2f:63:
49:f9:f7:eb:a3:fb:24:91:db:fb:6a:0a:43:55:dc:
14:a4:bf:82:a6:6f:cd:bf:ec:b1:68:90:0f:36:a9:
77:ad:74:82:c0:91:24:71:e4:70:08:ab:20:1d:cd:
61:29:54:3a:2c:d2:c3:9b:e0:8a:32:ed:ca:7d:ca:
a5:b9:98:40:ca:98:89:b8:bc:37:ac:67:36:2e:91:
86:8d:2a:e2:57:1f:9d:bd:5b:05:0c:19:13:d2:ca:
4f:c9:af:45:87:96:1d:8b:09:c7:d1:82:89:e4:42:
56:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:97:65:F3:E7:97:6C:27:46:83:6E:44:64:6F:D2:37:45:5F:82:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:400::/38
Signature Algorithm: sha256WithRSAEncryption
4c:0e:67:7e:c6:43:7c:c9:3f:a2:d5:c9:65:5d:21:a8:da:2f:
8d:e4:d0:ad:ab:33:6e:36:cd:64:59:9e:75:3b:99:05:23:17:
50:da:8c:da:7b:e3:22:f9:e3:b9:07:9d:52:9b:f5:db:fd:6e:
0b:f7:17:c8:9f:d4:30:d9:b3:07:3a:5e:b0:b8:14:f6:8a:c6:
2d:da:57:54:19:f7:00:4f:3c:20:51:81:7f:2e:79:65:4d:84:
d3:bd:f1:f9:04:15:5b:72:56:7b:ed:c7:50:c5:fb:12:4e:c1:
f3:be:d9:ba:16:35:a8:e4:76:03:d0:73:bb:97:ec:6e:92:ae:
1f:58:ee:cc:c6:42:79:fb:6f:fe:d0:e4:bf:90:c4:49:78:7b:
a8:cd:71:ce:5a:d5:e1:53:a6:5d:62:38:dd:4d:2c:50:88:07:
d8:a5:fb:ee:1a:99:5d:15:39:10:5f:ff:9f:4b:c6:cb:fd:fa:
96:b7:d6:7d:e5:39:3d:80:3a:c2:48:3f:e4:e4:a2:5e:97:94:
57:6c:b3:d6:96:13:37:a3:8f:31:59:6f:62:24:8f:06:31:76:
33:0c:cc:34:33:88:3a:f3:a6:55:c4:03:a3:ca:24:29:dc:ca:
a0:fb:62:0d:94:79:ab:67:57:84:01:91:b1:bf:f2:cc:91:52:
47:56:c6:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIuwJIsCwFZ6yOwo0Wxd4ZV4qGGowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwMjBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2MjMxN2M1ZWUyMGVlNDY1NGU1YzU3MWVhMWI2ZmExNDcwY2I4YWU5ODRl
NTk5MzBmMmJmYzhhOGY4ZjEyODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI9+jTlmef1r2lT3+LdQ6NmRDfxeA1MyyPTXn2x7S7OboccTKXtiQZf/+qx7
LvR78dyXB1a6+LH70AQLEwZcqi+5729FaOU58N3GZa84v/xkwQo3iYdwYjK4a9di
2d8f0oRwkuHilRRPtCm30lR1gT8co6olGQLvZWZRPAsdWWzjEJcuQZGx8gu+0Kbc
63/TxXjTeC9jSfn366P7JJHb+2oKQ1XcFKS/gqZvzb/ssWiQDzapd610gsCRJHHk
cAirIB3NYSlUOizSw5vgijLtyn3KpbmYQMqYibi8N6xnNi6Rho0q4lcfnb1bBQwZ
E9LKT8mvRYeWHYsJx9GCieRCVv8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQjl2Xz
55dsJ0aDbkRkb9I3RV+C5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjg4ZmI3YzEtNmM0OS00NzVhLTlkZDAtMjYzN2I0ZTA5NDkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4E
MA0GCSqGSIb3DQEBCwUAA4IBAQBMDmd+xkN8yT+i1cllXSGo2i+N5NCtqzNuNs1k
WZ51O5kFIxdQ2ozae+Mi+eO5B51Sm/Xb/W4L9xfIn9Qw2bMHOl6wuBT2isYt2ldU
GfcATzwgUYF/LnllTYTTvfH5BBVbclZ77cdQxfsSTsHzvtm6FjWo5HYD0HO7l+xu
kq4fWO7MxkJ5+2/+0OS/kMRJeHuozXHOWtXhU6ZdYjjdTSxQiAfYpfvuGpldFTkQ
X/+fS8bL/fqWt9Z95Tk9gDrCSD/k5KJel5RXbLPWlhM3o48xWW9iJI8GMXYzDMw0
M4g686ZVxAOjyiQp3Mqg+2INlHmrZ1eEAZGxv/LMkVJHVsZG
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:17 2025 by rpki-client