Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa
File: 4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa (raw, json)
Hash identifier: XQja4twsLdu4gi6HdtKWJc9VNOieg4t86/P+1pYj1wk=
Subject key identifier: 37:18:CB:AE:EF:5C:AF:08:A0:3F:14:B6:26:3E:9E:A4:D9:83:53:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5918BDC3D8278D1B3873BA5615739653A1202C91
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa
Signing time: Fri 25 Apr 2025 18:21:18 +0000
ROA not before: Fri 25 Apr 2025 18:21:18 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:18:bd:c3:d8:27:8d:1b:38:73:ba:56:15:73:96:53:a1:20:2c:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:21:18 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=bf109d9d3f8416930b8d7d568e363a01f493cdd4dd0ef0cfe4f35321e60bea79, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a6:74:4e:22:50:4a:20:53:43:e2:22:81:0f:
69:f3:c4:bc:84:a0:de:23:4a:11:2f:4b:56:4a:b2:
54:f0:40:de:4b:9f:df:b7:77:4e:8b:10:19:91:3e:
38:c0:7b:b2:f3:91:5e:c9:c9:6f:97:d1:9e:5f:fb:
1e:d1:86:7f:43:e4:2c:a7:83:27:2d:65:dc:0f:4d:
28:80:50:c5:8c:5d:06:89:3b:05:7e:76:5c:05:58:
78:4c:36:9c:0b:66:7d:86:7b:85:b9:95:a7:bd:34:
84:ff:0a:34:a4:ae:c3:67:e4:df:e7:f5:b9:34:05:
9c:02:5e:92:24:18:c1:c1:cd:2f:8e:c5:48:47:76:
51:da:41:1b:05:1b:d5:cc:a1:da:f4:5c:80:0a:71:
be:8d:d8:77:05:f9:c5:c2:ec:cc:33:18:dc:1f:2a:
26:9e:fa:b1:f4:2c:70:ac:ba:24:31:72:e8:e3:22:
ee:2f:34:c7:18:1e:bb:34:9d:ce:85:84:5c:48:06:
91:af:4e:5c:d0:ea:36:ba:fd:63:02:a8:5c:ef:74:
52:30:cd:6c:0f:2c:24:f0:74:66:d2:7f:23:47:5f:
4f:18:0a:35:ab:5d:7e:e7:f0:04:db:b9:ac:63:de:
0a:d7:82:4c:7d:b3:87:2f:07:6a:42:69:93:ba:9b:
da:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:18:CB:AE:EF:5C:AF:08:A0:3F:14:B6:26:3E:9E:A4:D9:83:53:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
1c:f8:58:32:6a:0c:71:41:fc:9f:14:a7:90:a5:9a:85:bf:7c:
2b:d1:39:a8:35:bf:07:f3:b0:b0:7c:f9:dc:71:ce:86:70:8c:
3d:20:72:fe:bf:94:f3:07:ef:d5:5c:12:29:f2:b4:c4:35:b2:
ca:03:5c:fe:d5:2a:dd:d8:e0:f5:8e:b9:cf:0c:b2:75:53:6c:
7f:62:9c:67:de:04:9e:a5:7f:45:be:99:9e:fd:e0:53:9b:4f:
c5:f1:5a:b6:98:6f:cc:ff:6f:d2:76:07:4d:ec:6b:da:95:11:
32:af:5b:5e:d6:48:24:14:58:99:90:d0:f9:82:29:b4:b0:75:
92:5f:48:9c:2e:65:d9:1e:28:22:9c:44:29:4b:f3:dd:85:72:
49:eb:d6:f7:15:1a:50:5c:89:07:ca:e9:e4:e7:a2:49:ea:15:
1d:03:e0:50:4d:67:73:da:0b:62:b4:1a:5a:5e:ac:b5:39:51:
bc:58:b7:21:48:e9:a7:6f:f7:46:75:65:e2:ff:e9:d2:7a:6c:
3a:92:72:ee:93:82:f7:de:bd:8e:3d:08:a2:36:fe:5f:55:20:
6c:df:c3:8d:d2:12:03:79:f6:57:bd:47:fb:f3:48:15:03:a9:
92:6b:fe:e3:41:8a:dc:48:c4:b2:dc:62:9e:6a:92:89:1d:d4:
db:ca:68:27
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWRi9w9gnjRs4c7pWFXOWU6EgLJEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODIxMThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmMTA5ZDlkM2Y4NDE2OTMwYjhkN2Q1NjhlMzYzYTAxZjQ5M2NkZDRkZDBl
ZjBjZmU0ZjM1MzIxZTYwYmVhNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6mdE4iUEogU0PiIoEPafPEvISg3iNKES9LVkqyVPBA3kuf37d3TosQGZE+
OMB7svORXsnJb5fRnl/7HtGGf0PkLKeDJy1l3A9NKIBQxYxdBok7BX52XAVYeEw2
nAtmfYZ7hbmVp700hP8KNKSuw2fk3+f1uTQFnAJekiQYwcHNL47FSEd2UdpBGwUb
1cyh2vRcgApxvo3YdwX5xcLszDMY3B8qJp76sfQscKy6JDFy6OMi7i80xxgeuzSd
zoWEXEgGka9OXNDqNrr9YwKoXO90UjDNbA8sJPB0ZtJ/I0dfTxgKNatdfufwBNu5
rGPeCteCTH2zhy8HakJpk7qb2gcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ3GMuu
71yvCKA/FLYmPp6k2YNTOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM1NzgzZWUtZGRlYS00Y2FlLWI2ZjQtM2QyNmQzMjhiMzZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGg
wDANBgkqhkiG9w0BAQsFAAOCAQEAHPhYMmoMcUH8nxSnkKWahb98K9E5qDW/B/Ow
sHz53HHOhnCMPSBy/r+U8wfv1VwSKfK0xDWyygNc/tUq3djg9Y65zwyydVNsf2Kc
Z94EnqV/Rb6Znv3gU5tPxfFatphvzP9v0nYHTexr2pURMq9bXtZIJBRYmZDQ+YIp
tLB1kl9InC5l2R4oIpxEKUvz3YVySevW9xUaUFyJB8rp5OeiSeoVHQPgUE1nc9oL
YrQaWl6stTlRvFi3IUjpp2/3RnVl4v/p0npsOpJy7pOC9969jj0Iojb+X1UgbN/D
jdISA3n2V71H+/NIFQOpkmv+40GK3EjEstxinmqSiR3U28poJw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:32 2025 by rpki-client