Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa
File: 42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa (raw, json)
Hash identifier: bxJBbALgrdMtQBokG5BU3V0AoZXQAoUlvewv0/Kq7eo=
Subject key identifier: 35:17:76:5A:F2:5E:FC:68:F7:CC:3B:07:AE:93:CD:AF:0E:97:D3:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58340A95ABD43215EDB33658FA495E6EAB771551
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa
Signing time: Fri 18 Apr 2025 18:30:10 +0000
ROA not before: Fri 18 Apr 2025 18:30:10 +0000
ROA not after: Fri 23 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:34:0a:95:ab:d4:32:15:ed:b3:36:58:fa:49:5e:6e:ab:77:15:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 18 18:30:10 2025 GMT
Not After : May 23 23:59:59 2025 GMT
Subject: serialNumber=c149b0e288e1b140a269b64c19ff693c51eb2dfd431ee4b1f9dc39c42a6178ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:62:57:43:26:ef:67:77:5d:52:51:be:e6:a3:
10:fd:25:a4:15:fc:be:d5:5b:09:3d:2e:57:cf:8b:
cd:3d:51:22:fb:ca:ff:1f:62:92:d3:2e:27:d3:ee:
be:9d:d6:63:4f:c1:58:5f:0d:07:be:aa:53:6b:b3:
87:50:ab:bf:ea:36:78:11:b7:5c:86:5d:a4:c6:8a:
10:17:09:b4:82:3e:56:20:47:3f:2d:da:99:cb:03:
7d:4e:32:ea:56:4f:0c:65:36:1b:05:08:14:55:f8:
07:8e:61:ce:54:7b:6c:12:52:e7:d6:b7:58:77:bf:
76:68:a2:47:df:3c:ac:91:b0:3a:60:9c:9c:57:3c:
30:56:78:f1:6c:a2:52:51:3c:d4:50:9d:82:34:a3:
fe:fc:f7:5f:6a:bb:2c:d8:cc:24:e1:51:ca:f4:ba:
fb:15:a9:39:16:8e:a6:12:25:e9:a5:8c:33:c2:54:
d4:76:83:e9:86:04:47:3f:1a:d3:53:a7:e2:59:19:
e6:ad:83:d7:20:4a:2e:a0:6b:38:30:99:15:e8:49:
55:0c:9a:b0:04:df:1c:db:be:dc:ff:51:92:1f:66:
6b:89:14:fb:61:ae:6c:19:37:5d:5e:f4:3a:f1:ad:
d3:d9:87:f9:16:f6:26:fe:79:e6:37:6b:c1:0f:26:
48:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:17:76:5A:F2:5E:FC:68:F7:CC:3B:07:AE:93:CD:AF:0E:97:D3:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:9000::/48
Signature Algorithm: sha256WithRSAEncryption
21:43:47:d0:92:eb:07:06:05:bc:29:e2:cc:8d:a1:7f:a7:32:
f0:12:e7:cb:a0:5e:e9:48:33:a5:32:f3:86:f7:2d:bd:5a:98:
28:ec:c5:00:9a:ff:bc:81:de:09:fe:86:36:72:c0:b2:88:5e:
33:6d:4c:a0:07:77:70:2e:13:fa:5f:88:9b:ba:d4:ac:54:be:
52:ad:fd:7b:22:f6:ed:33:41:3c:1f:a3:99:f9:b0:3e:58:b1:
9e:2a:c4:96:6d:04:9b:53:77:ef:56:5e:b4:a3:49:04:db:ca:
e4:0e:22:e5:a8:87:c4:7e:02:a4:21:5f:d3:71:31:0e:2e:2b:
83:07:05:12:60:0a:a7:b1:8b:c0:a3:1b:d4:c0:af:7c:f4:fe:
39:b5:da:97:93:c2:7a:99:3f:6a:8c:e6:31:2d:82:2b:2a:2e:
03:12:e3:f4:13:c7:85:76:13:16:cc:8b:f0:3d:6f:a1:7b:79:
19:d2:bf:f9:47:b2:34:22:9b:19:16:16:3b:10:26:71:50:7b:
0f:be:ac:f1:95:e7:b7:05:47:b9:03:e0:6b:ea:1f:f6:93:cc:
60:3a:45:cd:6d:a6:72:1c:28:5b:54:84:5c:6f:68:1b:d1:f0:
a3:fd:e5:a6:07:84:c9:69:e9:0c:6f:02:93:44:be:82:ee:0e:
29:60:e9:26
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWDQKlavUMhXtszZY+klebqt3FVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTgxODMwMTBaFw0yNTA1MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxNDliMGUyODhlMWIxNDBhMjY5YjY0YzE5ZmY2OTNjNTFlYjJkZmQ0MzFl
ZTRiMWY5ZGMzOWM0MmE2MTc4Y2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN5iV0Mm72d3XVJRvuajEP0lpBX8vtVbCT0uV8+LzT1RIvvK/x9iktMuJ9Pu
vp3WY0/BWF8NB76qU2uzh1Crv+o2eBG3XIZdpMaKEBcJtII+ViBHPy3amcsDfU4y
6lZPDGU2GwUIFFX4B45hzlR7bBJS59a3WHe/dmiiR988rJGwOmCcnFc8MFZ48Wyi
UlE81FCdgjSj/vz3X2q7LNjMJOFRyvS6+xWpORaOphIl6aWMM8JU1HaD6YYERz8a
01On4lkZ5q2D1yBKLqBrODCZFehJVQyasATfHNu+3P9Rkh9ma4kU+2GubBk3XV70
OvGt09mH+Rb2Jv555jdrwQ8mSBkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ1F3Za
8l78aPfMOweuk82vDpfTzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDJhMmJiYmMtNGJmZC00MTcyLTgwMDQtYjkwYmY5ZDJkZTcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HaQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAIUNH0JLrBwYFvCnizI2hf6cy8BLny6Be6Ugz
pTLzhvctvVqYKOzFAJr/vIHeCf6GNnLAsoheM21MoAd3cC4T+l+Im7rUrFS+Uq39
eyL27TNBPB+jmfmwPlixnirElm0Em1N371ZetKNJBNvK5A4i5aiHxH4CpCFf03Ex
Di4rgwcFEmAKp7GLwKMb1MCvfPT+ObXal5PCepk/aozmMS2CKyouAxLj9BPHhXYT
FsyL8D1voXt5GdK/+UeyNCKbGRYWOxAmcVB7D76s8ZXntwVHuQPga+of9pPMYDpF
zW2mchwoW1SEXG9oG9Hwo/3lpgeEyWnpDG8Ck0S+gu4OKWDpJg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:03 2025 by rpki-client