Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
File: 455182aa-6d74-4447-81a6-6be09732e55d.roa (raw, json)
Hash identifier: QRRYAEBaWigEUWaRfb4szKpH/HqRF567ZDBbtE+TJHw=
Subject key identifier: 73:17:24:56:92:D1:53:5D:1C:BE:43:7F:0E:39:42:3D:A8:17:CD:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E2BE301DEDB61562498CB5A1F36EB9455E91C46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
Signing time: Fri 25 Apr 2025 20:10:04 +0000
ROA not before: Fri 25 Apr 2025 20:10:04 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:2b:e3:01:de:db:61:56:24:98:cb:5a:1f:36:eb:94:55:e9:1c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:04 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=c47246a7499bcae1164840e5563b03a5b353ce6b3aed1253f2aaa49d6fd1f9b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:47:52:e9:ea:02:08:17:4d:c5:d1:d2:6c:c8:
09:d2:11:44:06:a1:49:5c:f6:e1:b5:80:93:a8:43:
47:3f:d5:01:f4:81:f8:d1:c2:ac:9a:18:32:c1:3a:
d1:1c:5b:cc:3a:47:2a:5c:5e:b3:8e:0d:06:9a:a3:
cd:1b:9a:65:88:16:2c:14:1f:cd:53:71:ca:9b:6a:
32:f6:b8:8a:aa:b5:17:20:0f:b7:34:9f:4f:23:fa:
85:96:40:90:05:84:fe:3b:0d:13:8e:82:78:ad:da:
ea:6b:09:c4:49:a0:b5:52:60:91:f8:57:61:57:97:
3c:a1:68:2c:2a:80:b4:b9:28:4c:53:2d:3d:5d:92:
ac:dd:e6:19:3b:fb:9e:93:1e:22:59:c4:e7:81:bc:
dc:85:ec:96:cb:50:e7:df:b9:d1:25:54:88:91:df:
2a:f0:4c:3c:d3:24:9d:c0:49:28:cc:d3:a4:a5:5c:
30:24:80:b4:e7:cd:fa:b7:e3:ce:a5:07:06:dd:cd:
a8:07:d6:10:b4:e3:98:3c:d5:0b:02:a7:ac:ce:9e:
79:d3:5d:06:05:a0:78:cc:3e:87:3f:d4:e1:33:19:
1d:bc:9f:1c:a0:30:d9:79:2a:a9:07:17:49:d5:b9:
67:f8:6f:76:b4:a4:a6:09:03:d6:4c:f8:aa:22:46:
3f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:17:24:56:92:D1:53:5D:1C:BE:43:7F:0E:39:42:3D:A8:17:CD:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:c00::/38
Signature Algorithm: sha256WithRSAEncryption
c7:48:68:e4:40:be:47:bf:96:ea:16:9b:b0:91:6d:bb:5b:a1:
3f:91:aa:46:b9:8b:9e:ba:3d:32:0e:45:f6:76:c7:ae:6f:52:
d5:5d:d5:00:de:04:f6:d0:6b:70:cb:b1:11:28:78:bf:72:f9:
03:97:1d:33:72:74:b7:4b:ab:11:0d:03:dd:5b:97:9a:fd:8f:
1d:ca:b5:62:d7:88:ee:6d:8a:f8:3d:d0:fc:d4:74:62:31:15:
91:b2:16:b3:b0:5b:83:5d:fe:db:23:4e:b5:d1:41:55:d5:26:
cc:a7:6e:4f:ba:5e:0e:6f:34:64:3d:62:fe:58:ab:a8:a5:ed:
74:1f:a8:ef:cf:eb:fe:7f:d8:a4:7a:72:c7:c3:45:28:05:39:
5e:f1:53:0a:d1:e3:c5:2f:b5:91:67:49:9b:e8:ea:34:6a:3d:
a5:2b:3a:74:31:6c:83:49:bb:2b:50:93:6e:7f:49:f3:7f:e9:
c5:79:b5:db:37:6e:a3:0b:9c:25:5a:72:35:6d:b3:4d:63:88:
99:42:93:89:73:50:33:b9:67:33:1f:4a:f6:73:24:59:50:a6:
9b:19:33:84:50:ac:e6:76:67:b0:ce:d0:f0:31:6e:2c:28:aa:
ed:d3:0d:32:8e:53:5e:46:af:35:54:ac:f0:02:2f:57:c0:58:
e8:fb:67:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDivjAd7bYVYkmMtaHzbrlFXpHEYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwMDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0NzI0NmE3NDk5YmNhZTExNjQ4NDBlNTU2M2IwM2E1YjM1M2NlNmIzYWVk
MTI1M2YyYWFhNDlkNmZkMWY5YjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRHUunqAggXTcXR0mzICdIRRAahSVz24bWAk6hDRz/VAfSB+NHCrJoYMsE6
0RxbzDpHKlxes44NBpqjzRuaZYgWLBQfzVNxyptqMva4iqq1FyAPtzSfTyP6hZZA
kAWE/jsNE46CeK3a6msJxEmgtVJgkfhXYVeXPKFoLCqAtLkoTFMtPV2SrN3mGTv7
npMeIlnE54G83IXslstQ59+50SVUiJHfKvBMPNMkncBJKMzTpKVcMCSAtOfN+rfj
zqUHBt3NqAfWELTjmDzVCwKnrM6eedNdBgWgeMw+hz/U4TMZHbyfHKAw2XkqqQcX
SdW5Z/hvdrSkpgkD1kz4qiJGPyECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRzFyRW
ktFTXRy+Q38OOUI9qBfNuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1MTgyYWEtNmQ3NC00NDQ3LTgxYTYtNmJlMDk3MzJlNTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4M
MA0GCSqGSIb3DQEBCwUAA4IBAQDHSGjkQL5Hv5bqFpuwkW27W6E/kapGuYueuj0y
DkX2dseub1LVXdUA3gT20Gtwy7ERKHi/cvkDlx0zcnS3S6sRDQPdW5ea/Y8dyrVi
14jubYr4PdD81HRiMRWRshazsFuDXf7bI0610UFV1SbMp25Pul4ObzRkPWL+WKuo
pe10H6jvz+v+f9ikenLHw0UoBTle8VMK0ePFL7WRZ0mb6Oo0aj2lKzp0MWyDSbsr
UJNuf0nzf+nFebXbN26jC5wlWnI1bbNNY4iZQpOJc1AzuWczH0r2cyRZUKabGTOE
UKzmdmewztDwMW4sKKrt0w0yjlNeRq81VKzwAi9XwFjo+2eD
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:19 2025 by rpki-client