Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
File: 2f449809-abd8-4202-adc3-ce8dd1767b62.roa (raw, json)
Hash identifier: yv9DVG18VzHCmte3UB81RSGUAY0mx5zdBaxw1YqsRcU=
Subject key identifier: 28:A8:BB:4A:7D:1B:32:D0:27:10:E3:A5:BE:C1:8C:AF:DF:24:31:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3339F92994CDDDAC3937948BA10BA7627D40EB7C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
Signing time: Tue 01 Apr 2025 15:01:07 +0000
ROA not before: Tue 01 Apr 2025 15:01:07 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:39:f9:29:94:cd:dd:ac:39:37:94:8b:a1:0b:a7:62:7d:40:eb:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 15:01:07 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=c0bb770245f887e168ee769b92bca45ebec553ba8224a766870f5cb7e2209705, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7d:a2:5a:aa:66:34:60:92:e0:a0:0b:4d:86:
08:22:7f:31:43:58:6f:fd:d0:4a:9a:91:19:9f:a5:
06:d7:e8:41:f6:c8:20:d4:ba:9a:57:85:4d:54:5a:
d7:78:c5:07:d1:cf:b7:86:03:d9:29:51:b6:8f:44:
07:e7:f4:73:13:1c:7c:5e:d8:5a:d8:3e:f5:a7:8d:
e4:5d:e3:16:29:67:ca:84:2b:eb:c9:cb:c8:53:5c:
ab:50:9e:12:93:5d:d7:8a:06:62:62:d0:6d:12:c4:
2b:10:93:93:82:ef:b5:f3:93:f9:29:76:42:90:6c:
42:08:2d:f8:a3:22:18:f6:d6:44:d7:c2:ad:96:05:
b6:3d:67:f5:dc:73:23:3d:d0:a0:1e:b0:66:e4:f5:
14:a3:a5:46:46:b5:1a:9a:7f:a4:1e:56:a3:41:ad:
2f:e1:4e:c3:b8:35:77:9f:6a:ae:a7:d9:f4:f0:e7:
89:2c:cd:d2:c0:cf:76:d8:a0:18:cb:18:47:22:99:
b9:c8:b3:1e:b7:20:e3:4d:47:07:b1:b7:4e:f4:48:
fd:49:5b:0d:9f:9b:40:33:1a:7f:6f:7c:ed:e7:f0:
df:7c:24:30:42:39:18:05:a9:40:a0:a1:a3:6f:58:
f0:d7:82:01:16:70:62:6b:09:b4:a8:39:4c:08:54:
39:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A8:BB:4A:7D:1B:32:D0:27:10:E3:A5:BE:C1:8C:AF:DF:24:31:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:5000::/40
Signature Algorithm: sha256WithRSAEncryption
2b:99:9c:00:f9:f1:07:7a:06:be:4e:8e:ae:d4:26:ca:2c:86:
3a:2c:82:58:00:be:f7:99:d1:be:d1:76:c8:2a:11:94:40:96:
d1:74:93:bb:28:9c:6d:a6:aa:72:00:8c:64:97:66:a3:3e:84:
24:24:ef:a7:49:44:16:3f:f3:22:09:94:21:10:84:79:64:07:
34:f7:27:41:d1:8d:31:08:5a:d3:b0:9e:c3:27:b5:94:59:1f:
15:bb:21:30:56:dd:63:be:c1:af:3f:c4:12:95:85:b9:4a:d4:
1e:c7:d5:07:fd:e2:d9:45:c2:2c:96:31:32:96:10:56:4d:9b:
09:b3:04:e6:71:6d:ad:b6:e6:b6:be:3d:a8:da:62:27:e6:67:
a6:01:65:75:ff:a4:4c:eb:11:e1:76:66:22:f8:4c:7b:c4:94:
69:f0:61:20:01:49:2d:4b:9e:02:f5:37:10:8c:3f:f7:3c:f5:
3d:a2:ce:53:f9:19:b9:74:75:27:7d:85:4c:5b:8f:59:56:02:
55:e6:b5:dc:7b:92:22:0d:61:c1:0a:a0:c3:d8:63:33:2b:7f:
7d:30:97:27:76:54:82:f3:53:1f:38:82:a9:29:8b:fb:99:40:
7d:a9:e2:3e:7c:eb:b7:2b:55:78:15:e8:64:4a:25:f0:d5:b6:
8e:16:95:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMzn5KZTN3aw5N5SLoQunYn1A63wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDExNTAxMDdaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwYmI3NzAyNDVmODg3ZTE2OGVlNzY5YjkyYmNhNDVlYmVjNTUzYmE4MjI0
YTc2Njg3MGY1Y2I3ZTIyMDk3MDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMN9olqqZjRgkuCgC02GCCJ/MUNYb/3QSpqRGZ+lBtfoQfbIINS6mleFTVRa
13jFB9HPt4YD2SlRto9EB+f0cxMcfF7YWtg+9aeN5F3jFilnyoQr68nLyFNcq1Ce
EpNd14oGYmLQbRLEKxCTk4LvtfOT+Sl2QpBsQggt+KMiGPbWRNfCrZYFtj1n9dxz
Iz3QoB6wZuT1FKOlRka1Gpp/pB5Wo0GtL+FOw7g1d59qrqfZ9PDniSzN0sDPdtig
GMsYRyKZucizHrcg401HB7G3TvRI/UlbDZ+bQDMaf2987efw33wkMEI5GAWpQKCh
o29Y8NeCARZwYmsJtKg5TAhUOTcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQoqLtK
fRsy0CcQ46W+wYyv3yQxQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmY0NDk4MDktYWJkOC00MjAyLWFkYzMtY2U4ZGQxNzY3YjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQArmZwA+fEHega+To6u1CbKLIY6LIJYAL73mdG+
0XbIKhGUQJbRdJO7KJxtpqpyAIxkl2ajPoQkJO+nSUQWP/MiCZQhEIR5ZAc09ydB
0Y0xCFrTsJ7DJ7WUWR8VuyEwVt1jvsGvP8QSlYW5StQex9UH/eLZRcIsljEylhBW
TZsJswTmcW2ttua2vj2o2mIn5memAWV1/6RM6xHhdmYi+Ex7xJRp8GEgAUktS54C
9TcQjD/3PPU9os5T+Rm5dHUnfYVMW49ZVgJV5rXce5IiDWHBCqDD2GMzK399MJcn
dlSC81MfOIKpKYv7mUB9qeI+fOu3K1V4FehkSiXw1baOFpVE
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:17 2025 by rpki-client