Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
File: 4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa (raw, json)
Hash identifier: xDRZl9WVgVdEVGMs6vh6HZD0Ihc+g4IlENYH7mkCszo=
Subject key identifier: B7:2F:54:CA:A0:97:95:A4:CD:C6:D7:EB:DA:47:15:60:2E:5D:81:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11A18D8FC4BAB43C31E8E3B87F6ED97EC1E5EDF0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
Signing time: Fri 25 Apr 2025 19:50:51 +0000
ROA not before: Fri 25 Apr 2025 19:50:51 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:a1:8d:8f:c4:ba:b4:3c:31:e8:e3:b8:7f:6e:d9:7e:c1:e5:ed:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:50:51 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=6295579b36aeeef3bb252e1a7b5ff3c6fa439b32fd94528dba0d415808549d0d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:5e:83:f7:91:77:bb:44:aa:67:34:e2:08:16:
1c:4f:a3:d9:c3:a4:65:ef:57:d2:51:43:ef:19:57:
7c:80:b3:8b:55:a5:79:fa:7e:46:7d:bd:56:38:a0:
af:f2:da:d8:f5:f7:09:30:93:f0:6f:9f:70:09:90:
e4:c5:6e:bf:01:df:a5:e3:8b:79:ff:54:b9:a6:b8:
eb:e8:d0:98:13:e7:4f:0b:b0:4c:e2:fb:d2:66:1e:
ba:fa:86:39:60:49:b6:82:ce:42:03:13:fa:9d:c1:
33:8b:64:5b:6f:94:e8:ba:23:6d:af:f0:00:d7:55:
dd:d2:b4:59:e3:f7:34:ef:23:47:08:51:4d:27:2e:
95:36:42:6f:b6:d9:94:ed:31:3f:6a:da:43:0c:d8:
d3:3d:43:81:86:bd:63:e5:82:d4:ef:6c:03:09:07:
e4:ba:64:b3:bd:5c:02:62:7e:cb:c1:43:c6:4d:e3:
a9:8a:ee:9d:a6:ff:30:1f:c1:98:28:55:1a:40:e4:
d9:08:27:a7:89:a7:38:39:2d:c5:88:4d:57:72:38:
cb:61:5d:b2:6e:c9:d3:5c:7f:22:c6:99:0b:cc:3f:
14:fd:32:3c:98:dd:b5:41:a6:cf:10:b4:f0:6a:4c:
15:59:c5:b5:20:fa:01:67:05:d6:8a:b6:3d:fb:8f:
65:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2F:54:CA:A0:97:95:A4:CD:C6:D7:EB:DA:47:15:60:2E:5D:81:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:4000::/40
Signature Algorithm: sha256WithRSAEncryption
ae:fc:4a:53:71:46:9c:b8:44:e8:24:d1:2d:dd:f2:7a:2d:b0:
88:0e:77:8d:4f:a3:03:fe:a8:26:d3:5e:13:ae:cd:ba:ea:c8:
02:14:51:e0:6f:06:e1:d0:8e:3d:8b:b9:86:c3:5c:cc:ed:ec:
66:ef:14:79:0c:b1:22:99:1b:50:99:20:ee:71:f7:f0:5d:b7:
81:0f:41:87:0c:38:3b:ee:d1:1b:60:79:8f:a8:25:55:62:f9:
9b:da:0e:f8:4e:a2:af:7e:1b:47:14:c3:7f:13:ce:97:68:02:
5c:0e:7a:01:24:41:3c:85:2c:c5:b7:ff:7f:c2:40:21:5c:4b:
bb:29:c6:54:74:1c:17:85:8f:80:b3:b5:e0:7a:3c:90:50:f9:
6d:9d:7c:55:ed:ea:0d:aa:47:cb:81:6b:14:d8:c1:9f:40:c8:
12:2a:58:57:ba:16:c7:3f:2f:60:1a:f9:b7:90:20:3c:ab:a6:
a7:b9:82:5c:66:46:a5:b0:d0:df:e6:92:5e:ca:2c:da:f2:bc:
c5:42:60:9a:2e:b2:0c:fa:5c:1d:20:56:c7:f4:47:91:d8:df:
de:a7:56:1c:78:6d:d6:0a:c2:70:03:23:6e:ec:60:5e:dd:fc:
0b:97:6b:cd:61:d8:4c:20:64:a3:3f:c2:b6:3d:5f:b5:fc:e7:
14:db:f8:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEaGNj8S6tDwx6OO4f27ZfsHl7fAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUwNTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyOTU1NzliMzZhZWVlZjNiYjI1MmUxYTdiNWZmM2M2ZmE0MzliMzJmZDk0
NTI4ZGJhMGQ0MTU4MDg1NDlkMGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPNeg/eRd7tEqmc04ggWHE+j2cOkZe9X0lFD7xlXfICzi1Wlefp+Rn29Vjig
r/La2PX3CTCT8G+fcAmQ5MVuvwHfpeOLef9Uuaa46+jQmBPnTwuwTOL70mYeuvqG
OWBJtoLOQgMT+p3BM4tkW2+U6Lojba/wANdV3dK0WeP3NO8jRwhRTSculTZCb7bZ
lO0xP2raQwzY0z1DgYa9Y+WC1O9sAwkH5Lpks71cAmJ+y8FDxk3jqYrunab/MB/B
mChVGkDk2Qgnp4mnODktxYhNV3I4y2Fdsm7J01x/IsaZC8w/FP0yPJjdtUGmzxC0
8GpMFVnFtSD6AWcF1oq2PfuPZbsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS3L1TK
oJeVpM3G1+vaRxVgLl2BtjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI2ZGRjYTctMTcyZi00ZjBlLTlhODMtOWEzNTlmNjJjNDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVA
MA0GCSqGSIb3DQEBCwUAA4IBAQCu/EpTcUacuEToJNEt3fJ6LbCIDneNT6MD/qgm
014Trs266sgCFFHgbwbh0I49i7mGw1zM7exm7xR5DLEimRtQmSDucffwXbeBD0GH
DDg77tEbYHmPqCVVYvmb2g74TqKvfhtHFMN/E86XaAJcDnoBJEE8hSzFt/9/wkAh
XEu7KcZUdBwXhY+As7XgejyQUPltnXxV7eoNqkfLgWsU2MGfQMgSKlhXuhbHPy9g
Gvm3kCA8q6anuYJcZkalsNDf5pJeyiza8rzFQmCaLrIM+lwdIFbH9EeR2N/ep1Yc
eG3WCsJwAyNu7GBe3fwLl2vNYdhMIGSjP8K2PV+1/OcU2/hM
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:01 2025 by rpki-client