Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
File: 35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa (raw, json)
Hash identifier: yuM3tnBxTtYoLhh2tBHAZlf2drK8Gcr5tXuAL4hv9xM=
Subject key identifier: 82:D9:63:C1:51:2D:71:5F:CB:EC:B1:BC:67:50:A2:48:9E:DE:02:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49790E859821F3202DE25BD4EAA43BEE06B5C6C1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
Signing time: Fri 25 Apr 2025 18:21:09 +0000
ROA not before: Fri 25 Apr 2025 18:21:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:79:0e:85:98:21:f3:20:2d:e2:5b:d4:ea:a4:3b:ee:06:b5:c6:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:21:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=9449fb4d884d2ac7641d88a638ce50bffbed1f56386cbc918e987fd1f7968ad6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:18:64:99:3b:53:16:9f:6a:c0:3f:59:fa:bd:
1a:57:69:2e:7c:2e:0e:75:fe:1d:ff:0e:a0:20:2a:
25:aa:ea:19:16:ee:6b:d8:03:c7:ae:ff:c3:33:a0:
f5:8b:57:00:f4:56:90:5b:5e:e5:5f:e6:f6:63:1b:
c6:66:9e:de:7c:0c:76:ec:b6:16:a3:93:8e:50:79:
92:c9:d8:ea:d8:aa:a0:e9:d5:3f:6b:45:c0:ea:dc:
7a:0d:98:24:eb:e0:f5:ee:e6:f3:b0:3a:95:b2:ff:
f7:fc:2e:b7:26:fe:fa:7b:36:84:96:f7:68:a6:ef:
f6:fb:8d:24:3c:04:2b:b1:5c:ab:3d:a4:f5:eb:61:
13:62:88:2c:b5:1e:ed:8e:db:9e:85:02:d2:0a:fc:
9d:14:73:b2:a4:34:77:0f:43:68:8f:2b:9b:e0:ec:
be:69:74:8c:ae:88:48:be:7e:f2:db:96:ab:a8:af:
be:2b:37:68:70:2c:93:34:2f:27:54:a8:0c:28:78:
3f:85:00:e8:af:64:00:ba:0b:9c:bc:cf:43:5c:48:
ba:f4:59:34:fb:3d:90:70:f0:7c:79:76:fa:3c:42:
59:4f:3e:95:8d:82:00:59:f6:6d:9b:c8:29:10:6d:
7c:3a:50:55:79:0c:d0:a0:8d:2e:6a:fb:31:8a:91:
e4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D9:63:C1:51:2D:71:5F:CB:EC:B1:BC:67:50:A2:48:9E:DE:02:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40a0::/48
Signature Algorithm: sha256WithRSAEncryption
75:1d:cb:a2:b7:5c:80:d6:25:fb:f2:1e:7a:1f:d3:06:b8:1f:
34:ae:23:a5:63:04:b0:c4:9d:8f:29:ac:ed:c8:5b:db:1d:32:
ad:77:5d:29:85:2f:a4:70:b2:37:9c:15:ff:ad:94:2e:8a:4c:
c5:34:73:9d:b4:53:88:98:77:9e:56:36:df:a9:30:a5:f9:83:
3c:9d:f1:83:58:89:6a:5f:c2:75:c9:04:90:09:37:02:35:37:
32:05:8a:9b:2d:1b:3f:4f:9a:dc:46:3c:4a:13:86:e4:43:29:
2e:9c:de:4f:e6:60:61:2e:df:f2:a9:47:74:65:7d:0b:d6:20:
29:7d:8b:f7:86:32:bd:8a:f2:b3:31:d6:98:bf:cb:6e:f7:54:
24:7f:a3:68:c4:5f:33:93:55:9c:d4:b1:e5:c4:72:0a:95:0d:
77:ea:25:93:24:10:ed:73:a4:0a:14:15:14:e1:15:b5:93:1c:
ac:13:07:0a:02:b7:f6:cd:e8:d3:e5:df:07:7e:e9:27:a9:05:
9b:e8:45:09:e1:ab:cf:6f:70:e5:a0:87:b8:f3:0d:f4:90:dd:
22:d9:7d:41:10:a1:5b:e1:1b:00:fc:6c:f1:a8:5c:b5:59:f8:
8d:6f:d3:46:0c:37:1b:d4:31:3e:7b:d6:a4:4d:3a:6b:38:ae:
8b:c7:c5:d0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSXkOhZgh8yAt4lvU6qQ77ga1xsEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODIxMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0NDlmYjRkODg0ZDJhYzc2NDFkODhhNjM4Y2U1MGJmZmJlZDFmNTYzODZj
YmM5MThlOTg3ZmQxZjc5NjhhZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwYZJk7UxafasA/Wfq9GldpLnwuDnX+Hf8OoCAqJarqGRbua9gDx67/wzOg
9YtXAPRWkFte5V/m9mMbxmae3nwMduy2FqOTjlB5ksnY6tiqoOnVP2tFwOrceg2Y
JOvg9e7m87A6lbL/9/wutyb++ns2hJb3aKbv9vuNJDwEK7Fcqz2k9ethE2KILLUe
7Y7bnoUC0gr8nRRzsqQ0dw9DaI8rm+Dsvml0jK6ISL5+8tuWq6ivvis3aHAskzQv
J1SoDCh4P4UA6K9kALoLnLzPQ1xIuvRZNPs9kHDwfHl2+jxCWU8+lY2CAFn2bZvI
KRBtfDpQVXkM0KCNLmr7MYqR5DECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSC2WPB
US1xX8vssbxnUKJInt4CDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVhZTBhYTEtYmI0Zi00OGQzLTk5MjYtMWU1ODUyZDU0YzZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
oDANBgkqhkiG9w0BAQsFAAOCAQEAdR3LordcgNYl+/Ieeh/TBrgfNK4jpWMEsMSd
jyms7chb2x0yrXddKYUvpHCyN5wV/62ULopMxTRznbRTiJh3nlY236kwpfmDPJ3x
g1iJal/CdckEkAk3AjU3MgWKmy0bP0+a3EY8ShOG5EMpLpzeT+ZgYS7f8qlHdGV9
C9YgKX2L94YyvYryszHWmL/LbvdUJH+jaMRfM5NVnNSx5cRyCpUNd+olkyQQ7XOk
ChQVFOEVtZMcrBMHCgK39s3o0+XfB37pJ6kFm+hFCeGrz29w5aCHuPMN9JDdItl9
QRChW+EbAPxs8ahctVn4jW/TRgw3G9QxPnvWpE06aziui8fF0A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:16 2025 by rpki-client