Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
File: 4498c2d2-5806-4a94-bd91-8de10249561d.roa (raw, json)
Hash identifier: akP4X9q1GBcRupneVhNWwNg+9/JdI7g4xmGTE4qyAKs=
Subject key identifier: DD:F5:C7:E4:25:B7:D5:2A:0D:3A:18:D3:69:8C:23:DE:71:DC:FF:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FDC0F017CAA94B8DD8DEA5969502416FB150A80
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
Signing time: Fri 25 Apr 2025 19:40:08 +0000
ROA not before: Fri 25 Apr 2025 19:40:08 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:dc:0f:01:7c:aa:94:b8:dd:8d:ea:59:69:50:24:16:fb:15:0a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:40:08 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=15261c50a57ac483aff8afbf9de306bc904e5954a48da1d644a26c1bb0c8809d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3a:cd:32:49:c9:92:b6:20:01:e0:67:18:e8:
3d:1e:9a:ec:2b:98:9e:0b:86:e6:d1:dc:38:cf:37:
88:cb:bc:9e:06:a6:af:ec:72:c5:f1:44:ed:43:9a:
cf:75:18:d9:ea:c3:69:62:fe:c3:a2:f8:be:74:d6:
ab:a2:24:89:4a:cd:81:00:74:00:ac:ab:ec:ad:90:
b8:b6:af:ba:ba:cf:85:30:b4:a1:f1:d6:34:dc:ba:
21:a0:c6:ad:04:51:e5:bf:32:d9:08:1e:79:e5:f9:
c2:82:1e:2b:36:25:cd:4f:01:04:ed:f4:bb:69:3d:
12:e4:f2:ba:c5:fb:f3:a9:af:04:4c:4d:a1:3c:5c:
72:8e:90:f4:38:3f:7c:d7:7f:31:ba:81:25:8e:6d:
b1:ff:a0:ad:21:63:04:66:6e:65:d0:a3:a5:c5:f9:
e2:1b:01:ed:74:87:90:9b:c1:9f:dd:79:48:94:65:
c6:ba:4e:c8:10:2a:71:29:21:2a:5f:3b:ef:bc:f9:
24:b8:07:64:d9:fd:01:fc:bf:ca:d5:07:92:d8:42:
dc:ee:a6:6c:b2:4d:4f:df:9d:dd:cf:b5:73:64:b6:
67:a0:29:b2:c2:9e:d8:45:97:50:e1:29:6a:27:06:
c2:d6:74:8c:b6:d3:1a:2b:0a:8e:06:73:1e:3a:63:
85:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F5:C7:E4:25:B7:D5:2A:0D:3A:18:D3:69:8C:23:DE:71:DC:FF:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:e000::/40
Signature Algorithm: sha256WithRSAEncryption
59:c3:02:02:60:0d:f9:89:3e:b3:60:04:5c:94:df:3b:ad:cd:
1b:7d:86:d8:90:bb:f8:7b:5d:19:80:11:14:57:04:c1:c1:e7:
bb:45:8a:25:26:71:e5:c2:5f:e2:ba:7f:e9:4a:81:f2:bc:25:
5a:ac:94:f6:6a:40:45:37:c7:b6:89:59:88:01:ca:c1:e8:25:
8c:f0:73:6d:c9:06:f7:ee:7a:c9:33:03:2d:9a:03:ba:e9:98:
eb:b8:c8:cf:a5:2e:0b:0b:4d:4c:ef:21:c0:2d:8f:87:f2:09:
b2:46:54:77:7e:4d:3a:28:a2:5f:c3:8a:62:22:56:86:fa:e5:
03:5b:c3:9f:58:b4:ef:5d:a5:17:dd:83:9f:a1:83:7e:a6:88:
5d:90:d6:7e:1f:f1:14:a9:40:8b:b1:9c:24:66:79:96:da:ba:
f5:f0:3a:b3:ef:1e:17:03:47:2a:f9:78:99:08:16:c2:53:69:
ac:bf:b0:f1:63:6d:a6:52:7d:4e:11:57:db:9d:d8:16:53:21:
c9:65:80:26:69:a6:46:2e:11:e2:04:5c:a8:55:47:c7:71:eb:
f2:b0:44:c0:da:e6:da:91:bc:72:b3:a6:8a:bc:22:d9:e9:ee:
f1:f9:fe:bb:7c:7f:cd:2e:a8:80:e9:cd:59:2e:0e:f5:fe:c1:
55:9b:8c:ea
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH9wPAXyqlLjdjepZaVAkFvsVCoAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQwMDhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1MjYxYzUwYTU3YWM0ODNhZmY4YWZiZjlkZTMwNmJjOTA0ZTU5NTRhNDhk
YTFkNjQ0YTI2YzFiYjBjODgwOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL46zTJJyZK2IAHgZxjoPR6a7CuYnguG5tHcOM83iMu8ngamr+xyxfFE7UOa
z3UY2erDaWL+w6L4vnTWq6IkiUrNgQB0AKyr7K2QuLavurrPhTC0ofHWNNy6IaDG
rQRR5b8y2QgeeeX5woIeKzYlzU8BBO30u2k9EuTyusX786mvBExNoTxcco6Q9Dg/
fNd/MbqBJY5tsf+grSFjBGZuZdCjpcX54hsB7XSHkJvBn915SJRlxrpOyBAqcSkh
Kl8777z5JLgHZNn9Afy/ytUHkthC3O6mbLJNT9+d3c+1c2S2Z6ApssKe2EWXUOEp
aicGwtZ0jLbTGisKjgZzHjpjhR0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTd9cfk
JbfVKg06GNNpjCPecdz/ezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQ5OGMyZDItNTgwNi00YTk0LWJkOTEtOGRlMTAyNDk1NjFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hjg
MA0GCSqGSIb3DQEBCwUAA4IBAQBZwwICYA35iT6zYARclN87rc0bfYbYkLv4e10Z
gBEUVwTBwee7RYolJnHlwl/iun/pSoHyvCVarJT2akBFN8e2iVmIAcrB6CWM8HNt
yQb37nrJMwMtmgO66ZjruMjPpS4LC01M7yHALY+H8gmyRlR3fk06KKJfw4piIlaG
+uUDW8OfWLTvXaUX3YOfoYN+pohdkNZ+H/EUqUCLsZwkZnmW2rr18Dqz7x4XA0cq
+XiZCBbCU2msv7DxY22mUn1OEVfbndgWUyHJZYAmaaZGLhHiBFyoVUfHcevysETA
2ubakbxys6aKvCLZ6e7x+f67fH/NLqiA6c1ZLg71/sFVm4zq
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:48:25 2025 by rpki-client