Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
File: 408fc879-4db9-446c-bdb3-37bf4ee28c97.roa (raw, json)
Hash identifier: M/nvQuZdn7Jm6ENc8aQMVTYZ/YaFHuaeRQJo7HWVn30=
Subject key identifier: B6:91:27:2A:95:0B:CF:A7:55:61:CA:54:26:98:56:83:18:A3:BB:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A852CF5194E72200F779812402B85FCD3F592E3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
Signing time: Fri 25 Apr 2025 19:50:50 +0000
ROA not before: Fri 25 Apr 2025 19:50:50 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:85:2c:f5:19:4e:72:20:0f:77:98:12:40:2b:85:fc:d3:f5:92:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:50:50 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d543d5452e1d59653f443f215c5980ea792a9de679ab9c5361624e1a5b04a294, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6c:3d:e5:6d:fd:38:93:26:53:f8:a5:5a:41:
1c:80:4c:7f:21:4a:99:2b:2d:98:c1:e7:1b:31:bd:
1a:46:5b:dc:6a:9f:f2:b1:2f:96:8e:56:91:2b:7d:
5b:60:a4:01:9f:c9:02:b8:c3:47:e8:8e:de:40:51:
af:c3:89:34:79:48:f1:03:e7:0c:71:9b:03:24:e4:
da:2e:29:18:e0:f9:2e:b9:c1:ff:0f:ee:f2:42:50:
ec:05:48:12:8b:00:6f:1b:a8:cc:aa:8b:96:fa:be:
41:ed:bf:61:c0:18:51:cb:69:47:0b:52:e1:43:71:
38:6b:3e:eb:26:0b:05:08:37:97:4a:ab:7a:47:ce:
62:42:d9:96:f5:44:09:a2:0d:4c:f3:74:9d:58:6c:
5c:b5:7c:3d:ba:c3:02:07:c9:b0:39:01:c2:9c:44:
e9:fb:f3:9e:ef:ee:80:8c:5e:fe:5d:e0:78:81:f3:
48:d9:a0:88:9c:28:b3:f0:c7:45:3f:2a:e5:a6:73:
ee:d7:2a:0d:82:50:83:08:e1:37:77:ac:7c:0f:1c:
ae:72:36:04:24:db:05:47:64:d5:26:9c:e0:dc:2a:
bc:c6:fe:d7:4a:2e:9b:dd:dd:2c:30:be:b6:be:a2:
5c:98:e4:1d:3c:78:48:2f:07:39:e2:32:cf:15:2c:
3f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:91:27:2A:95:0B:CF:A7:55:61:CA:54:26:98:56:83:18:A3:BB:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
1e:52:ac:9a:47:68:57:32:c5:0c:96:b5:ee:d6:0f:ad:b4:96:
f1:26:e8:67:04:b5:2a:da:5b:e4:fe:4b:bf:30:a1:0b:99:54:
f8:84:a9:e7:1b:f1:8f:fd:73:33:6b:30:a2:be:31:d7:fe:b6:
c3:3f:8b:7c:ff:64:cd:9d:08:30:57:2c:ed:e7:f9:d1:ae:8a:
dd:9b:07:ce:4e:9e:af:e7:61:f0:bd:18:b3:51:dd:29:d3:1e:
a4:25:44:1d:09:68:f3:45:47:5c:c3:29:c1:28:84:10:5a:35:
eb:95:82:19:f9:94:73:32:33:0d:dc:7f:70:21:79:e4:cc:11:
76:ad:01:7c:f3:b4:29:be:62:1e:f3:a3:a5:01:a8:77:6b:fb:
69:3e:a3:2c:b1:00:fb:8a:53:9d:9d:91:a9:fa:ca:04:12:7a:
b9:0b:64:91:f9:31:ce:45:fe:e0:ff:06:b4:e0:36:98:df:28:
fa:23:ec:94:e7:4a:6b:a7:d9:d5:be:73:a1:8d:f4:0a:ec:28:
71:ea:1e:6a:53:4c:f3:7b:15:fd:b2:2e:0d:16:a8:96:0b:f7:
6d:7e:9f:20:a5:32:61:33:ac:0a:4c:cc:93:6a:ce:6f:9b:1f:
e9:0f:aa:35:47:19:c5:c6:7d:98:ba:6d:68:44:14:02:53:57:
27:ae:c7:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWoUs9RlOciAPd5gSQCuF/NP1kuMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUwNTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1NDNkNTQ1MmUxZDU5NjUzZjQ0M2YyMTVjNTk4MGVhNzkyYTlkZTY3OWFi
OWM1MzYxNjI0ZTFhNWIwNGEyOTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBsPeVt/TiTJlP4pVpBHIBMfyFKmSstmMHnGzG9GkZb3Gqf8rEvlo5WkSt9
W2CkAZ/JArjDR+iO3kBRr8OJNHlI8QPnDHGbAyTk2i4pGOD5LrnB/w/u8kJQ7AVI
EosAbxuozKqLlvq+Qe2/YcAYUctpRwtS4UNxOGs+6yYLBQg3l0qrekfOYkLZlvVE
CaINTPN0nVhsXLV8PbrDAgfJsDkBwpxE6fvznu/ugIxe/l3geIHzSNmgiJwos/DH
RT8q5aZz7tcqDYJQgwjhN3esfA8crnI2BCTbBUdk1Sac4NwqvMb+10oum93dLDC+
tr6iXJjkHTx4SC8HOeIyzxUsP90CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS2kScq
lQvPp1VhylQmmFaDGKO7FzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA4ZmM4NzktNGRiOS00NDZjLWJkYjMtMzdiZjRlZTI4Yzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hqg
MA0GCSqGSIb3DQEBCwUAA4IBAQAeUqyaR2hXMsUMlrXu1g+ttJbxJuhnBLUq2lvk
/ku/MKELmVT4hKnnG/GP/XMzazCivjHX/rbDP4t8/2TNnQgwVyzt5/nRrordmwfO
Tp6v52HwvRizUd0p0x6kJUQdCWjzRUdcwynBKIQQWjXrlYIZ+ZRzMjMN3H9wIXnk
zBF2rQF887QpvmIe86OlAah3a/tpPqMssQD7ilOdnZGp+soEEnq5C2SR+THORf7g
/wa04DaY3yj6I+yU50prp9nVvnOhjfQK7Chx6h5qU0zzexX9si4NFqiWC/dtfp8g
pTJhM6wKTMyTas5vmx/pD6o1RxnFxn2Yum1oRBQCU1cnrseM
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:19 2025 by rpki-client