Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: Nyu1qqsnx1myn92YP9EzjamKzAztR8cf8u5D8ddLUWc=
Subject key identifier: F2:C1:5E:98:05:F6:A4:DB:EB:35:CB:6B:EA:0C:D1:0F:A4:80:5C:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 208867113C6A6B3F034AAAF29E447FA2CCA90E93
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Fri 25 Apr 2025 19:51:38 +0000
ROA not before: Fri 25 Apr 2025 19:51:38 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:88:67:11:3c:6a:6b:3f:03:4a:aa:f2:9e:44:7f:a2:cc:a9:0e:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:51:38 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=73b696cf653191deb247ce584529bcfa59369af30cfa2938a0ad27fa75b2d5a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b0:0e:d6:05:76:78:73:f6:30:3f:aa:42:d0:
c9:33:1e:c9:9f:ff:95:9e:6c:63:9a:0e:ec:94:bd:
da:08:a7:4b:16:35:30:7e:31:c3:2c:a1:c3:06:09:
84:03:48:20:58:95:97:d3:b2:a4:2e:67:65:dc:fc:
e5:40:4d:2d:d6:12:83:7a:fb:4f:80:c1:97:7b:4b:
68:5b:90:2f:30:b0:e5:11:dc:bd:68:8e:5d:57:93:
5c:4b:95:07:a0:67:47:47:d2:da:d3:ce:e6:43:35:
81:d1:80:27:fe:1f:56:bc:2b:2d:b3:1a:1f:62:f4:
c9:76:e4:93:b9:fc:40:d1:8a:f6:d7:b6:0f:80:3a:
d1:a4:ef:37:57:91:1f:ee:e8:9b:2c:f8:50:74:6f:
f5:ba:70:e8:08:6c:c5:bb:e2:79:b5:cf:9e:39:c5:
c2:63:16:d8:67:a6:0e:71:6b:9b:78:0b:53:c1:e4:
8e:77:4f:ff:65:2f:f3:37:0d:c6:bf:c6:32:e5:21:
74:50:a0:ce:ca:f0:cb:05:b9:57:e5:70:3d:ba:63:
95:01:6b:e1:81:a8:14:1e:d6:60:8f:75:ee:70:75:
21:42:8f:20:35:12:65:e5:c3:62:d7:69:ab:4e:fa:
2c:b1:7c:78:f5:4e:2a:ad:18:81:10:9f:06:50:50:
d7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:C1:5E:98:05:F6:A4:DB:EB:35:CB:6B:EA:0C:D1:0F:A4:80:5C:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
57:33:68:95:b4:7d:4f:4d:63:71:07:e5:59:bf:f2:95:ec:1e:
c2:2b:ea:6c:bc:3d:d5:fb:60:81:21:c5:56:6c:5e:44:d0:83:
1b:65:eb:0c:90:7a:5e:2f:13:b2:85:e3:f4:24:28:eb:a4:e3:
5f:5b:c7:cb:97:e6:49:94:76:0b:14:78:a5:82:99:77:08:3d:
7c:3d:0a:66:d4:7b:a7:1d:79:7f:d1:4f:37:95:56:eb:19:9d:
8a:4f:4b:e2:07:2f:a7:bf:a9:c6:2d:f0:8e:b9:c6:ec:21:4a:
6d:ff:3f:d6:e1:73:28:a3:cd:a2:da:aa:a7:6b:17:47:04:b8:
97:bc:7f:1d:30:37:c7:a7:ef:da:9e:75:41:f5:be:68:c7:8d:
db:e7:ce:f0:85:27:dd:b3:9d:b8:0e:d2:2b:11:b8:8c:5a:bb:
d3:43:af:dd:86:a1:e0:24:bb:51:71:18:8e:53:c6:c6:81:0f:
e4:56:b3:95:d0:50:42:d5:76:45:98:19:fc:7f:c6:6d:9f:ab:
e1:7d:c8:30:1f:f0:4a:ad:12:d9:e4:f4:bb:ad:c7:1e:64:d1:
38:d7:f9:ef:11:2a:90:78:0e:19:2b:fa:e2:c2:b9:aa:f6:2e:
66:0f:81:5f:5d:87:83:50:35:eb:fe:c8:33:ce:98:73:b0:54:
33:00:64:0f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIIhnETxqaz8DSqrynkR/osypDpMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUxMzhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDczYjY5NmNmNjUzMTkxZGViMjQ3Y2U1ODQ1MjliY2ZhNTkzNjlhZjMwY2Zh
MjkzOGEwYWQyN2ZhNzViMmQ1YTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2wDtYFdnhz9jA/qkLQyTMeyZ//lZ5sY5oO7JS92ginSxY1MH4xwyyhwwYJ
hANIIFiVl9OypC5nZdz85UBNLdYSg3r7T4DBl3tLaFuQLzCw5RHcvWiOXVeTXEuV
B6BnR0fS2tPO5kM1gdGAJ/4fVrwrLbMaH2L0yXbkk7n8QNGK9te2D4A60aTvN1eR
H+7omyz4UHRv9bpw6AhsxbviebXPnjnFwmMW2GemDnFrm3gLU8HkjndP/2Uv8zcN
xr/GMuUhdFCgzsrwywW5V+VwPbpjlQFr4YGoFB7WYI917nB1IUKPIDUSZeXDYtdp
q076LLF8ePVOKq0YgRCfBlBQ14UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTywV6Y
Bfak2+s1y2vqDNEPpIBc5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXM2iVtH1PTWNxB+VZv/KV7B7CK+psvD3V+2CB
IcVWbF5E0IMbZesMkHpeLxOyheP0JCjrpONfW8fLl+ZJlHYLFHilgpl3CD18PQpm
1HunHXl/0U83lVbrGZ2KT0viBy+nv6nGLfCOucbsIUpt/z/W4XMoo82i2qqnaxdH
BLiXvH8dMDfHp+/annVB9b5ox43b587whSfds524DtIrEbiMWrvTQ6/dhqHgJLtR
cRiOU8bGgQ/kVrOV0FBC1XZFmBn8f8Ztn6vhfcgwH/BKrRLZ5PS7rcceZNE41/nv
ESqQeA4ZK/riwrmq9i5mD4FfXYeDUDXr/sgzzphzsFQzAGQP
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:46 2025 by rpki-client