Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
File: 48b510e0-0d59-48d3-96c5-ddb87c118e43.roa (raw, json)
Hash identifier: SzZwdYc8ClrU7qKKg9MYVJD1o7ASlOurNLimCCMYcvI=
Subject key identifier: 5D:94:37:52:FC:67:98:A1:21:94:CA:A6:51:A2:D9:2C:88:B2:85:12
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D2EC69CDFE2C0BB7F228B495CA7039E10FD625C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
Signing time: Fri 25 Apr 2025 18:20:51 +0000
ROA not before: Fri 25 Apr 2025 18:20:51 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:2e:c6:9c:df:e2:c0:bb:7f:22:8b:49:5c:a7:03:9e:10:fd:62:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:20:51 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=964d640130aba392ed097bb9fab4a8621e7c719d0a8af2a138bd2e90af6bdc9f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f7:46:da:db:93:db:3a:e6:84:f0:6d:ab:3f:
12:5a:1e:fe:25:e3:fd:95:31:36:fd:60:b8:9e:03:
56:d9:de:83:c9:57:23:a1:cc:6a:83:29:4e:d7:a7:
f5:1f:34:d8:7a:d5:2e:22:69:80:ae:af:1f:e4:66:
9f:16:99:2c:93:30:e9:d6:f5:32:92:ba:69:d4:48:
27:ae:9f:21:1d:0b:f9:22:d9:95:54:c1:61:57:8c:
09:eb:9b:f7:b2:3f:ed:fa:be:84:36:b1:45:e7:ba:
eb:b0:e6:70:bf:25:63:ab:32:9f:73:08:f9:9b:8f:
98:d6:d4:f0:a2:46:c2:14:b9:d6:f5:25:02:b1:f1:
11:a8:9e:73:b3:00:ee:c5:50:03:4e:6f:5d:85:ec:
1e:df:75:1d:39:a5:d6:63:f3:ca:40:c6:cf:58:3f:
f4:8b:6c:de:32:7e:cb:a8:de:4b:67:7e:21:9c:f8:
c1:aa:02:eb:3c:7a:8d:d1:e4:15:95:21:ff:91:27:
23:cc:f2:89:36:be:b9:70:5a:af:00:d2:32:6e:f6:
3b:b8:43:c5:df:49:d2:61:67:14:86:d6:44:c3:88:
cd:68:ef:53:21:a0:14:7b:2b:c8:e3:0f:a5:c8:8a:
57:23:29:61:2a:32:da:c4:a3:82:6c:53:4c:1e:9b:
bf:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:94:37:52:FC:67:98:A1:21:94:CA:A6:51:A2:D9:2C:88:B2:85:12
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4020::/48
Signature Algorithm: sha256WithRSAEncryption
ba:31:25:1e:c3:15:e2:af:8c:d5:b2:db:e0:e8:71:d4:a1:01:
e8:b1:d1:53:bf:8d:fc:83:d8:7e:47:8b:02:aa:cd:08:d7:1d:
8f:c8:17:72:1c:a2:e0:84:f1:3c:b7:be:9d:e4:ba:c1:17:55:
9b:42:62:d2:e2:ed:e5:78:77:d0:28:d9:11:8c:91:c7:33:21:
4d:93:74:65:3a:3d:45:c1:a3:e9:49:e2:11:be:5e:4e:3f:f0:
4b:89:0d:84:19:e6:98:8c:02:14:c8:65:86:0f:db:90:e8:27:
e3:fc:3b:62:7a:a6:88:ae:bb:40:e2:cf:11:32:32:d3:71:a8:
c8:d3:92:af:de:a9:ba:7d:49:1a:53:2e:c4:82:77:93:6a:c0:
a1:c4:44:fb:42:3d:81:e3:89:86:95:74:8d:f8:7f:22:87:07:
5e:76:2e:d2:0e:1a:d7:6c:6c:8f:a1:74:4e:28:1a:0b:c7:19:
4b:4d:54:be:b4:ee:04:af:52:62:61:e4:b4:a6:8a:a8:38:5e:
0b:c7:4f:f9:58:2c:25:d3:66:84:04:5c:d0:99:31:b5:47:51:
24:10:c8:1e:c2:fa:2e:89:13:3d:80:72:9d:01:a0:20:b4:8f:
44:2c:cb:c6:86:cc:98:6b:c7:df:8a:87:f9:8c:95:b4:6c:f3:
7f:73:4d:e8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHS7GnN/iwLt/IotJXKcDnhD9YlwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODIwNTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2NGQ2NDAxMzBhYmEzOTJlZDA5N2JiOWZhYjRhODYyMWU3YzcxOWQwYThh
ZjJhMTM4YmQyZTkwYWY2YmRjOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMv3Rtrbk9s65oTwbas/Eloe/iXj/ZUxNv1guJ4DVtneg8lXI6HMaoMpTten
9R802HrVLiJpgK6vH+RmnxaZLJMw6db1MpK6adRIJ66fIR0L+SLZlVTBYVeMCeub
97I/7fq+hDaxRee667DmcL8lY6syn3MI+ZuPmNbU8KJGwhS51vUlArHxEaiec7MA
7sVQA05vXYXsHt91HTml1mPzykDGz1g/9Its3jJ+y6jeS2d+IZz4waoC6zx6jdHk
FZUh/5EnI8zyiTa+uXBarwDSMm72O7hDxd9J0mFnFIbWRMOIzWjvUyGgFHsryOMP
pciKVyMpYSoy2sSjgmxTTB6bv8kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRdlDdS
/GeYoSGUyqZRotksiLKFEjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDhiNTEwZTAtMGQ1OS00OGQzLTk2YzUtZGRiODdjMTE4ZTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
IDANBgkqhkiG9w0BAQsFAAOCAQEAujElHsMV4q+M1bLb4Ohx1KEB6LHRU7+N/IPY
fkeLAqrNCNcdj8gXchyi4ITxPLe+neS6wRdVm0Ji0uLt5Xh30CjZEYyRxzMhTZN0
ZTo9RcGj6UniEb5eTj/wS4kNhBnmmIwCFMhlhg/bkOgn4/w7YnqmiK67QOLPETIy
03GoyNOSr96pun1JGlMuxIJ3k2rAocRE+0I9geOJhpV0jfh/IocHXnYu0g4a12xs
j6F0TigaC8cZS01UvrTuBK9SYmHktKaKqDheC8dP+VgsJdNmhARc0JkxtUdRJBDI
HsL6LokTPYBynQGgILSPRCzLxobMmGvH34qH+YyVtGzzf3NN6A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:43 2025 by rpki-client