Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
File: 4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa (raw, json)
Hash identifier: Sh6s8t3GzRxyRmeqk4mdiw16leAk/NETDtDZO85hqo0=
Subject key identifier: C2:79:CE:EA:C7:2E:DD:42:D8:D6:35:AD:0B:95:07:65:02:FB:2B:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2834CEDE3FB9B04394F4CFA68BF5A65E6F9F2048
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
Signing time: Fri 25 Apr 2025 20:20:49 +0000
ROA not before: Fri 25 Apr 2025 20:20:49 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:34:ce:de:3f:b9:b0:43:94:f4:cf:a6:8b:f5:a6:5e:6f:9f:20:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:49 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d7277c2fba8f62f1748363a42930ede56c7fcc953cc5c67c18c65fcd3d9c5fbd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:14:ba:5d:ce:b7:62:b6:b8:bd:ee:e3:a3:d0:
3c:11:53:32:ed:a9:92:83:48:0f:f4:76:94:10:46:
d4:e8:55:a7:0f:5e:8c:ae:6e:ad:85:a5:96:79:54:
75:9d:76:bd:e9:77:d7:79:71:34:93:41:e7:1b:40:
41:b6:29:42:f2:6a:3c:87:02:d6:46:5e:58:02:5f:
66:48:bc:31:5d:37:b5:dd:d6:24:1d:75:4e:91:d7:
78:e8:13:88:3d:bc:26:d9:05:14:87:b1:96:d5:d4:
58:8b:aa:53:9e:13:a7:ac:60:4a:3a:5b:a7:fd:cd:
43:d1:cb:66:1a:70:50:04:5c:ad:e1:67:77:7a:36:
7f:c6:7e:bf:a9:e1:6b:c6:b8:c7:f7:d7:9e:9b:cd:
ed:06:81:d5:96:21:dd:51:8b:18:ae:a8:ec:67:c1:
2f:c8:31:78:d9:1d:3a:cb:29:60:c8:04:69:46:ea:
57:e4:c2:02:68:e7:c8:56:33:86:61:b7:cf:0c:b5:
40:fe:99:bf:b5:0e:ca:4a:4c:70:16:7a:06:07:0d:
af:96:0f:45:d2:b1:9c:db:61:50:72:0a:8d:a9:52:
86:5b:21:56:8b:4d:2e:c3:93:7f:5e:52:7c:23:73:
cc:d7:97:ce:cc:92:67:f3:d9:73:64:da:72:e0:86:
8f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:79:CE:EA:C7:2E:DD:42:D8:D6:35:AD:0B:95:07:65:02:FB:2B:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:400::/38
Signature Algorithm: sha256WithRSAEncryption
45:d0:9d:27:97:3d:ad:ef:70:61:66:2c:82:2d:cb:32:80:06:
1b:a0:10:a8:45:f5:ca:77:70:31:95:42:38:60:74:2c:18:d1:
a4:0a:78:51:3a:62:64:51:23:a6:ba:8d:78:85:3a:a0:5b:97:
d6:91:2d:2c:82:70:d6:e0:8e:1c:fb:43:40:95:bf:ca:a8:6d:
a6:4b:25:b6:bb:f5:10:57:20:a6:93:26:ad:94:0e:00:60:35:
b0:40:d4:52:0d:25:8d:77:1d:19:38:53:f1:b4:8a:7b:99:09:
4d:16:43:a5:2e:8f:1d:db:f2:a5:54:6f:d8:4d:3c:32:6e:8c:
6d:92:d5:bf:44:b8:3d:de:8c:8a:17:04:c1:b8:3f:4f:9e:3e:
ae:31:dd:0c:b4:8b:ec:9d:42:24:e6:86:8f:7c:7f:6b:11:e7:
ca:c8:c3:2c:3e:7a:79:76:80:34:3b:42:ce:52:02:04:2b:eb:
5e:8f:8c:4d:c8:3e:87:e2:9e:d5:cf:9d:c8:43:27:13:e5:ef:
1d:17:0c:19:ca:cd:66:de:8a:e8:f6:04:04:a2:77:81:fb:16:
63:bf:06:12:da:8f:00:9e:6c:bc:6a:45:99:13:3f:18:fe:0f:
6e:5b:21:5e:cc:0d:32:8b:53:fe:41:76:9a:ee:a8:82:ac:f8:
95:fb:ab:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKDTO3j+5sEOU9M+mi/WmXm+fIEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwNDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3Mjc3YzJmYmE4ZjYyZjE3NDgzNjNhNDI5MzBlZGU1NmM3ZmNjOTUzY2M1
YzY3YzE4YzY1ZmNkM2Q5YzVmYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8Uul3Ot2K2uL3u46PQPBFTMu2pkoNID/R2lBBG1OhVpw9ejK5urYWllnlU
dZ12vel313lxNJNB5xtAQbYpQvJqPIcC1kZeWAJfZki8MV03td3WJB11TpHXeOgT
iD28JtkFFIexltXUWIuqU54Tp6xgSjpbp/3NQ9HLZhpwUARcreFnd3o2f8Z+v6nh
a8a4x/fXnpvN7QaB1ZYh3VGLGK6o7GfBL8gxeNkdOsspYMgEaUbqV+TCAmjnyFYz
hmG3zwy1QP6Zv7UOykpMcBZ6BgcNr5YPRdKxnNthUHIKjalShlshVotNLsOTf15S
fCNzzNeXzsySZ/PZc2TacuCGj9UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTCec7q
xy7dQtjWNa0LlQdlAvsrDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGEwNzc2OTktNDhjYi00MmExLTlmMWItMWU3YzlhM2FlODA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQE
MA0GCSqGSIb3DQEBCwUAA4IBAQBF0J0nlz2t73BhZiyCLcsygAYboBCoRfXKd3Ax
lUI4YHQsGNGkCnhROmJkUSOmuo14hTqgW5fWkS0sgnDW4I4c+0NAlb/KqG2mSyW2
u/UQVyCmkyatlA4AYDWwQNRSDSWNdx0ZOFPxtIp7mQlNFkOlLo8d2/KlVG/YTTwy
boxtktW/RLg93oyKFwTBuD9Pnj6uMd0MtIvsnUIk5oaPfH9rEefKyMMsPnp5doA0
O0LOUgIEK+tej4xNyD6H4p7Vz53IQycT5e8dFwwZys1m3oro9gQEoneB+xZjvwYS
2o8Anmy8akWZEz8Y/g9uWyFezA0yi1P+QXaa7qiCrPiV+6tp
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:07 2025 by rpki-client