Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
File: 48202432-610c-42b2-9763-e895c6cbe70d.roa (raw, json)
Hash identifier: l1E/IEqd5THOsmGGmoxg0Yf8BP70x1dD5U0bHH2rOgI=
Subject key identifier: 41:9F:83:9F:B4:45:D3:42:A9:3A:99:45:D3:A1:7B:2E:27:59:F0:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FE3B1B5090B5E5C9935D4231701038F1D7CA7D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
Signing time: Fri 18 Apr 2025 18:30:31 +0000
ROA not before: Fri 18 Apr 2025 18:30:31 +0000
ROA not after: Fri 23 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:e3:b1:b5:09:0b:5e:5c:99:35:d4:23:17:01:03:8f:1d:7c:a7:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 18 18:30:31 2025 GMT
Not After : May 23 23:59:59 2025 GMT
Subject: serialNumber=5dbc89949b7bb2f45c2383f17fc5964349b4837682994fd9631ad6555b75a800, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ef:a7:72:94:9a:67:87:13:36:bb:da:88:4f:
8f:00:73:5c:97:0e:fc:4c:43:e4:fa:e1:78:0e:6b:
87:a1:9c:e9:d7:81:f0:09:78:89:01:9f:6f:27:91:
09:b9:6e:c3:04:93:51:af:2b:4f:8b:e9:7a:e3:bd:
b3:13:f3:9f:cd:20:a3:4b:8b:f1:68:0f:f2:8f:00:
6b:68:ec:72:28:9f:c1:9c:3e:bf:e1:d0:eb:5b:64:
97:08:ca:07:c0:37:11:83:24:5c:78:c7:8a:3a:a6:
7c:86:5a:27:f7:bf:09:99:bc:6e:1c:8e:48:8a:2c:
ca:8f:2f:06:54:f5:79:b9:25:d2:a2:b8:ef:29:58:
c7:d1:76:66:09:18:52:00:80:e2:42:f0:d0:b3:37:
ce:a3:a9:38:9b:a0:55:7e:3f:92:72:44:23:3d:2f:
83:dd:24:97:5b:38:cf:95:93:1d:f2:bb:b9:75:d9:
bb:91:9e:62:74:f6:e7:42:95:89:d6:c7:b6:09:cd:
cb:bd:fa:84:81:b7:88:4f:d1:3c:fd:0f:9f:bc:ac:
b6:e4:cc:5c:fd:41:4b:2c:ab:94:ee:af:f1:01:7e:
4d:eb:8f:5f:33:4f:c1:b2:74:b8:ca:23:b9:30:3d:
c8:ac:4e:b2:4b:a6:a8:95:8d:f9:ca:10:c7:42:1d:
a3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9F:83:9F:B4:45:D3:42:A9:3A:99:45:D3:A1:7B:2E:27:59:F0:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/48
Signature Algorithm: sha256WithRSAEncryption
1f:86:0e:4e:a6:f6:f8:8e:e8:ad:0d:d3:ae:bf:fb:26:d7:96:
1f:50:3d:85:c5:e0:c7:2b:5f:51:a5:12:5c:66:7e:34:41:10:
db:82:c7:f7:4f:ba:2b:86:14:ce:64:e1:d9:28:5a:7e:ab:16:
7a:60:10:66:fd:df:b1:a7:ca:93:d0:1c:47:6f:3d:9c:7d:3b:
ad:c2:37:2c:82:9e:55:b7:38:1f:37:ad:70:7f:0b:05:1a:a7:
83:f9:85:96:d0:6b:b6:17:8a:e5:75:2b:23:51:9e:4d:4a:c5:
eb:f2:ec:a4:d4:0d:cb:87:20:26:b7:6c:c0:76:d5:a1:c0:35:
c2:9f:79:05:c8:94:1b:87:d2:82:a8:6d:90:bb:8b:9f:45:69:
ae:30:5b:f6:b6:25:8b:79:00:22:6e:d3:6d:a1:f7:c2:fa:78:
7b:7f:0d:5b:e1:d5:61:ce:28:b4:14:db:3b:93:fc:56:c0:93:
8c:6e:3e:70:a9:f4:d2:ff:d0:73:1e:e6:29:51:a9:94:fb:45:
57:71:7f:f8:cf:f4:a2:91:57:cf:05:2e:71:1d:26:4a:5a:a3:
15:1d:7b:c2:a3:46:04:8f:ed:47:68:b8:8d:a3:7f:f1:97:62:
52:cf:d9:5f:9c:57:6d:16:4b:4e:54:b1:04:f1:66:a6:7a:ed:
5c:a8:fb:2e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUX+OxtQkLXlyZNdQjFwEDjx18p9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTgxODMwMzFaFw0yNTA1MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkYmM4OTk0OWI3YmIyZjQ1YzIzODNmMTdmYzU5NjQzNDliNDgzNzY4Mjk5
NGZkOTYzMWFkNjU1NWI3NWE4MDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbvp3KUmmeHEza72ohPjwBzXJcO/ExD5PrheA5rh6Gc6deB8Al4iQGfbyeR
CbluwwSTUa8rT4vpeuO9sxPzn80go0uL8WgP8o8Aa2jsciifwZw+v+HQ61tklwjK
B8A3EYMkXHjHijqmfIZaJ/e/CZm8bhyOSIosyo8vBlT1ebkl0qK47ylYx9F2ZgkY
UgCA4kLw0LM3zqOpOJugVX4/knJEIz0vg90kl1s4z5WTHfK7uXXZu5GeYnT250KV
idbHtgnNy736hIG3iE/RPP0Pn7ystuTMXP1BSyyrlO6v8QF+TeuPXzNPwbJ0uMoj
uTA9yKxOskumqJWN+coQx0Ido1kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRBn4Of
tEXTQqk6mUXToXsuJ1nwmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDgyMDI0MzItNjEwYy00MmIyLTk3NjMtZTg5NWM2Y2JlNzBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAH4YOTqb2+I7orQ3Trr/7JteWH1A9hcXgxytf
UaUSXGZ+NEEQ24LH90+6K4YUzmTh2ShafqsWemAQZv3fsafKk9AcR289nH07rcI3
LIKeVbc4HzetcH8LBRqng/mFltBrtheK5XUrI1GeTUrF6/LspNQNy4cgJrdswHbV
ocA1wp95BciUG4fSgqhtkLuLn0VprjBb9rYli3kAIm7TbaH3wvp4e38NW+HVYc4o
tBTbO5P8VsCTjG4+cKn00v/Qcx7mKVGplPtFV3F/+M/0opFXzwUucR0mSlqjFR17
wqNGBI/tR2i4jaN/8ZdiUs/ZX5xXbRZLTlSxBPFmpnrtXKj7Lg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:12 2025 by rpki-client