Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
File: 3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa (raw, json)
Hash identifier: LOjAqRHHml2KWtM3H5eM6NHqD3S1GDMKUipraS5DjyQ=
Subject key identifier: 2C:15:94:21:BE:A9:E4:6C:D0:AD:B9:BA:B0:3C:A4:D5:71:D1:DC:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 439D5CCD92F4B37855411511C4CA2010589B15D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
Signing time: Fri 25 Apr 2025 19:00:54 +0000
ROA not before: Fri 25 Apr 2025 19:00:54 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:9d:5c:cd:92:f4:b3:78:55:41:15:11:c4:ca:20:10:58:9b:15:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:00:54 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=5b2f928e968c49e34f18bae5b2a5db84f9f3d3fc850c97decdc3d1cb1f2caef0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c8:03:cc:b2:04:66:ec:8b:5d:b4:28:bf:c2:
57:a3:ca:eb:7f:f6:a5:3d:85:3e:57:68:da:a6:29:
23:70:17:22:29:21:ec:55:f9:2f:92:02:55:79:88:
af:58:fe:61:b4:21:c7:c8:ea:43:e0:34:3d:5f:b4:
73:4b:61:b5:a8:54:b5:c4:b4:dc:ba:12:e5:40:b0:
b9:31:9c:67:4f:f0:34:a0:33:3c:e1:3e:8d:36:28:
2d:10:f2:7e:16:90:ac:f0:0c:e7:04:e1:33:93:88:
07:58:36:02:c3:2b:67:7e:22:9c:08:43:d7:b2:83:
24:dc:24:ae:76:fa:e6:cf:37:8c:63:04:f7:0f:05:
a4:fc:99:e7:51:80:d4:7a:b1:26:51:cb:f9:3f:19:
1b:c7:fa:cc:9a:08:ab:80:a2:50:39:b6:93:ca:60:
05:90:ed:fc:a6:96:96:9b:46:b4:79:56:fa:ce:41:
8b:f3:19:80:e6:10:02:fd:2d:ba:8d:39:2d:b1:84:
71:9c:29:ba:c7:27:59:7a:bb:5b:1b:49:f9:82:f9:
6c:75:2f:5d:7b:93:a9:36:b5:76:a9:99:53:05:d0:
81:00:b4:0f:59:d2:e8:33:1a:82:e4:99:07:5e:6e:
45:bc:55:5c:23:ef:d4:61:d7:65:e6:3a:cd:65:fe:
0b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:15:94:21:BE:A9:E4:6C:D0:AD:B9:BA:B0:3C:A4:D5:71:D1:DC:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8040::/48
Signature Algorithm: sha256WithRSAEncryption
97:08:2f:5a:89:06:d8:3c:4f:61:45:63:bf:f5:cd:a1:7d:08:
b3:15:4d:8e:05:2b:de:ad:e0:1e:17:7c:f7:8a:5f:df:0a:09:
6b:69:a2:85:41:38:f3:a9:e6:1a:f2:3f:9c:13:f4:ce:5c:79:
c0:aa:38:74:79:be:2a:cd:49:35:ee:77:bc:c5:48:61:fc:7f:
bd:35:03:54:21:ac:19:c4:3c:54:86:6f:52:67:f6:3a:3b:a6:
e7:97:e3:ec:0e:de:e7:cc:3c:51:d8:37:b2:6f:3b:e0:0c:89:
ac:2d:a4:17:ff:66:81:55:45:46:d2:dc:76:2d:b5:bc:e5:af:
a8:ac:94:ec:c5:6b:3a:18:56:f7:08:0e:cd:18:83:05:1f:40:
68:31:a9:c9:09:91:32:40:48:91:f8:f1:3b:83:e8:8e:1a:28:
22:57:b0:fd:dc:2f:5d:fc:53:6e:1d:ac:12:c3:f1:20:bc:20:
14:f1:30:1b:37:36:19:b7:e4:5b:75:7d:5a:b1:2b:d1:9f:71:
d0:a4:e7:e5:6c:13:d1:1f:74:0b:b2:1c:3a:03:b8:d0:ad:7f:
6f:12:09:d7:74:14:a1:11:a9:83:51:eb:6a:ad:64:96:1b:29:
4c:50:b0:35:13:31:ab:0b:65:6d:9d:ed:6c:db:ef:4f:e3:72:
68:48:ba:02
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQ51czZL0s3hVQRURxMogEFibFdUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAwNTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDViMmY5MjhlOTY4YzQ5ZTM0ZjE4YmFlNWIyYTVkYjg0ZjlmM2QzZmM4NTBj
OTdkZWNkYzNkMWNiMWYyY2FlZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLIA8yyBGbsi120KL/CV6PK63/2pT2FPldo2qYpI3AXIikh7FX5L5ICVXmI
r1j+YbQhx8jqQ+A0PV+0c0thtahUtcS03LoS5UCwuTGcZ0/wNKAzPOE+jTYoLRDy
fhaQrPAM5wThM5OIB1g2AsMrZ34inAhD17KDJNwkrnb65s83jGME9w8FpPyZ51GA
1HqxJlHL+T8ZG8f6zJoIq4CiUDm2k8pgBZDt/KaWlptGtHlW+s5Bi/MZgOYQAv0t
uo05LbGEcZwpuscnWXq7WxtJ+YL5bHUvXXuTqTa1dqmZUwXQgQC0D1nS6DMaguSZ
B15uRbxVXCPv1GHXZeY6zWX+C/MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQsFZQh
vqnkbNCtubqwPKTVcdHcADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y1Y2MxY2EtMGRiYS00NGE3LThiYjMtZWZlODQ4Y2M3OWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
QDANBgkqhkiG9w0BAQsFAAOCAQEAlwgvWokG2DxPYUVjv/XNoX0IsxVNjgUr3q3g
Hhd894pf3woJa2mihUE486nmGvI/nBP0zlx5wKo4dHm+Ks1JNe53vMVIYfx/vTUD
VCGsGcQ8VIZvUmf2Ojum55fj7A7e58w8Udg3sm874AyJrC2kF/9mgVVFRtLcdi21
vOWvqKyU7MVrOhhW9wgOzRiDBR9AaDGpyQmRMkBIkfjxO4PojhooIlew/dwvXfxT
bh2sEsPxILwgFPEwGzc2GbfkW3V9WrEr0Z9x0KTn5WwT0R90C7IcOgO40K1/bxIJ
13QUoRGpg1Hraq1klhspTFCwNRMxqwtlbZ3tbNvvT+NyaEi6Ag==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:39 2025 by rpki-client