Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
File: 3bde61a2-7506-48c2-8365-3447411d858e.roa (raw, json)
Hash identifier: E3TC15fa21841A9h2klc5d7FeiSkxChSADFIStrfLZE=
Subject key identifier: 1A:B4:E4:4F:15:42:B9:C5:4B:2D:EC:20:D6:21:5E:2F:3F:EF:CE:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 321E65EA3D7CF44C163F0EE8EB3DD3234D04F340
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
Signing time: Fri 25 Apr 2025 20:00:18 +0000
ROA not before: Fri 25 Apr 2025 20:00:18 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:1e:65:ea:3d:7c:f4:4c:16:3f:0e:e8:eb:3d:d3:23:4d:04:f3:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:00:18 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=7b7e432edb45acbd6d90023ef8f023553b1f6ed93ec1b41e1953f82e056ab728, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:3a:ef:ca:15:ea:79:46:0b:ed:8d:e8:fb:6d:
a5:c3:7f:c9:78:4f:25:27:29:eb:33:51:66:8c:1d:
6b:a1:f5:7e:3b:0c:e4:66:86:76:66:1d:c0:35:f1:
b7:d8:52:35:3d:e6:d7:0d:af:39:f8:0e:30:1e:82:
de:ed:5e:2a:31:3f:df:40:74:8e:4b:c4:8d:a4:86:
0f:e9:20:9f:ec:41:58:80:90:10:2b:40:5c:25:0c:
a1:36:d9:7c:3f:6f:e7:ab:4b:2f:29:a5:a9:f9:cd:
bc:0f:0c:04:63:47:46:3c:98:e1:d8:95:27:59:71:
9a:af:73:b0:55:c0:1e:31:7c:a4:c3:2c:18:b9:37:
5e:e4:69:a7:c2:d1:c6:bc:a5:3e:c6:80:a7:41:b2:
ed:3d:bd:1c:24:8d:20:d7:ae:16:5b:12:66:7d:b9:
49:1e:bc:6b:41:18:9b:d0:f8:e7:84:90:cb:d4:9b:
56:35:a3:31:5b:1c:7c:a2:df:d1:20:34:75:dc:a8:
40:e0:c4:31:53:2e:79:b7:77:48:1a:70:cc:bc:ce:
71:df:94:c6:dd:03:0a:bd:7a:c5:3f:42:c4:23:ab:
e8:7c:89:a5:57:bf:ef:f3:e0:49:e0:00:f4:7f:f0:
90:35:4b:34:e7:2c:b6:60:ed:0b:f0:2a:8b:b5:92:
a4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B4:E4:4F:15:42:B9:C5:4B:2D:EC:20:D6:21:5E:2F:3F:EF:CE:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:5000::/40
Signature Algorithm: sha256WithRSAEncryption
8d:e5:35:69:90:0f:b8:b0:13:41:53:c0:d6:ca:6d:c9:59:2f:
ec:3e:bc:f5:92:72:c3:58:a0:83:a1:92:be:fc:32:56:58:c9:
c7:ce:c4:e7:d3:3c:16:29:7c:3c:fa:63:39:5d:2a:6a:98:71:
60:19:14:a7:ee:bc:79:16:99:d3:14:7d:20:f0:fc:7f:32:e1:
1c:f1:b4:f3:ea:d4:40:3a:cc:de:6f:02:12:2e:1a:58:20:62:
59:94:9d:00:8f:00:44:df:1c:79:a4:99:8c:d3:0b:4f:40:5d:
8e:4b:72:45:c0:1d:ec:40:32:ca:e0:35:f3:fe:c8:5d:c6:18:
b5:0d:46:94:7f:03:16:cb:d1:0d:bb:59:ed:50:63:1e:64:93:
e1:e4:33:66:0d:ce:f7:7a:cb:98:56:32:01:32:50:35:f2:94:
70:61:78:42:f4:84:f2:13:85:c6:39:25:d1:fe:6c:c8:ea:1d:
64:2c:cf:b6:6f:76:0c:1d:50:16:c7:8a:92:3e:4d:4b:e1:66:
86:2f:02:14:7f:b7:45:76:5b:8a:eb:79:97:41:3a:3d:0e:9c:
98:da:ac:99:57:0d:9b:23:14:8a:2d:18:2b:15:0c:f0:a3:00:
7f:43:ae:3d:c6:5d:dc:27:72:ae:4c:a9:68:cf:c8:fd:c0:37:
f1:89:1f:ca
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMh5l6j189EwWPw7o6z3TI00E80AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAwMThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiN2U0MzJlZGI0NWFjYmQ2ZDkwMDIzZWY4ZjAyMzU1M2IxZjZlZDkzZWMx
YjQxZTE5NTNmODJlMDU2YWI3MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANk678oV6nlGC+2N6PttpcN/yXhPJScp6zNRZowda6H1fjsM5GaGdmYdwDXx
t9hSNT3m1w2vOfgOMB6C3u1eKjE/30B0jkvEjaSGD+kgn+xBWICQECtAXCUMoTbZ
fD9v56tLLymlqfnNvA8MBGNHRjyY4diVJ1lxmq9zsFXAHjF8pMMsGLk3XuRpp8LR
xrylPsaAp0Gy7T29HCSNINeuFlsSZn25SR68a0EYm9D454SQy9SbVjWjMVscfKLf
0SA0ddyoQODEMVMuebd3SBpwzLzOcd+Uxt0DCr16xT9CxCOr6HyJpVe/7/PgSeAA
9H/wkDVLNOcstmDtC/Aqi7WSpMMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQatORP
FUK5xUst7CDWIV4vP+/O1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JkZTYxYTItNzUwNi00OGMyLTgzNjUtMzQ0NzQxMWQ4NThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCN5TVpkA+4sBNBU8DWym3JWS/sPrz1knLDWKCD
oZK+/DJWWMnHzsTn0zwWKXw8+mM5XSpqmHFgGRSn7rx5FpnTFH0g8Px/MuEc8bTz
6tRAOszebwISLhpYIGJZlJ0AjwBE3xx5pJmM0wtPQF2OS3JFwB3sQDLK4DXz/shd
xhi1DUaUfwMWy9ENu1ntUGMeZJPh5DNmDc73esuYVjIBMlA18pRwYXhC9ITyE4XG
OSXR/mzI6h1kLM+2b3YMHVAWx4qSPk1L4WaGLwIUf7dFdluK63mXQTo9DpyY2qyZ
Vw2bIxSKLRgrFQzwowB/Q649xl3cJ3KuTKloz8j9wDfxiR/K
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:09 2025 by rpki-client