Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
File: 4c78114f-4347-44fe-aef1-32fc688c69b9.roa (raw, json)
Hash identifier: WNwnAAEPMWi82UFTe2kWduap2Cxesj7OApiOxt7QVe0=
Subject key identifier: 3E:A6:08:F5:D4:03:1E:78:4D:8B:1F:6B:B5:6B:B2:3C:6D:0C:01:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 702449D26D13F43E820B5FD3B801FF89ABFF7158
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
Signing time: Fri 25 Apr 2025 18:50:10 +0000
ROA not before: Fri 25 Apr 2025 18:50:10 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:24:49:d2:6d:13:f4:3e:82:0b:5f:d3:b8:01:ff:89:ab:ff:71:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:10 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=14e4fd2eecd3db1ee86c001aa7fe57647b40c2cbf011ac12d5543f8ddf628b02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:82:24:c9:cd:b2:d1:4d:72:6a:e0:4c:79:60:
32:9d:26:07:90:9a:fe:43:99:05:20:38:dc:49:73:
0a:3e:a2:06:33:52:47:91:83:04:43:6b:f1:f9:47:
27:e3:ef:bd:f8:11:0c:05:b9:00:86:fe:e0:82:8c:
ad:44:3b:f0:3f:97:d8:08:c1:2a:92:c8:3f:8c:41:
b2:83:d5:34:93:46:1d:ef:10:e6:89:64:d8:ef:e0:
52:ed:3c:52:52:e7:89:d2:0d:e3:3d:1d:32:d9:7e:
b6:de:5b:72:9e:4d:83:ea:ab:9b:52:51:aa:51:33:
d9:02:c5:6f:df:5c:6b:78:4b:5f:cd:f8:9a:f4:97:
c3:c9:09:0f:cc:d5:cd:7f:5f:2b:9a:b2:23:bf:67:
da:94:7c:b3:cc:07:d0:94:17:c3:71:3b:e4:04:22:
ae:d9:31:8b:18:34:54:7a:f7:5d:49:c6:e8:84:1e:
44:69:46:5b:ef:ba:1b:5d:23:bc:d7:21:16:c5:29:
1d:5a:aa:77:cb:03:c4:80:5f:50:2f:1c:bd:1b:1c:
ad:d3:00:98:b6:66:8e:83:e2:57:f0:01:64:df:86:
57:9a:33:27:b8:f3:97:49:c3:ba:ca:75:b3:88:d0:
40:ff:85:48:fb:86:95:51:7a:7c:65:58:e3:13:c0:
35:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A6:08:F5:D4:03:1E:78:4D:8B:1F:6B:B5:6B:B2:3C:6D:0C:01:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8020::/48
Signature Algorithm: sha256WithRSAEncryption
10:dc:98:3f:7b:76:79:14:5a:a8:05:34:b1:59:a6:33:d2:89:
04:a6:ff:46:36:91:08:2e:29:08:ca:4a:49:79:c0:55:bd:70:
b1:f4:70:4f:6a:e6:ee:18:a2:83:7d:7a:c2:78:3e:db:62:e3:
15:f5:78:73:23:5f:4d:25:e3:62:05:02:8f:49:8a:de:b6:24:
c9:97:2e:9c:9d:53:3e:40:9a:03:10:42:0c:af:12:d3:0a:30:
a6:b0:5f:af:e9:da:f4:d4:20:35:71:99:f9:ec:bd:76:45:c0:
3b:78:80:ad:af:76:84:23:fd:e6:d1:50:46:23:06:aa:b2:9e:
e6:98:de:e9:cb:13:5a:ed:83:56:0f:65:28:3d:2f:0e:47:73:
19:d3:ad:d4:8c:12:dd:6f:79:f1:f8:ab:42:f3:de:46:38:95:
21:0b:59:ff:5a:2c:e5:bb:76:27:bb:ee:d1:3e:00:56:58:8d:
2a:64:01:b0:44:59:79:60:3d:de:5e:66:0e:c9:86:41:81:78:
48:cc:6d:66:1b:7f:0e:77:d2:4d:67:de:4c:eb:4d:53:e9:96:
85:e3:c0:6d:e0:7f:87:3b:0b:58:29:c0:b1:72:ac:32:26:9a:
3b:87:02:2b:cd:b0:66:be:cb:6e:3d:dc:05:45:19:54:76:2f:
9f:5e:2a:38
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcCRJ0m0T9D6CC1/TuAH/iav/cVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwMTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0ZTRmZDJlZWNkM2RiMWVlODZjMDAxYWE3ZmU1NzY0N2I0MGMyY2JmMDEx
YWMxMmQ1NTQzZjhkZGY2MjhiMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2CJMnNstFNcmrgTHlgMp0mB5Ca/kOZBSA43ElzCj6iBjNSR5GDBENr8flH
J+PvvfgRDAW5AIb+4IKMrUQ78D+X2AjBKpLIP4xBsoPVNJNGHe8Q5olk2O/gUu08
UlLnidIN4z0dMtl+tt5bcp5Ng+qrm1JRqlEz2QLFb99ca3hLX834mvSXw8kJD8zV
zX9fK5qyI79n2pR8s8wH0JQXw3E75AQirtkxixg0VHr3XUnG6IQeRGlGW++6G10j
vNchFsUpHVqqd8sDxIBfUC8cvRscrdMAmLZmjoPiV/ABZN+GV5ozJ7jzl0nDusp1
s4jQQP+FSPuGlVF6fGVY4xPANUsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ+pgj1
1AMeeE2LH2u1a7I8bQwB0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM3ODExNGYtNDM0Ny00NGZlLWFlZjEtMzJmYzY4OGM2OWI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
IDANBgkqhkiG9w0BAQsFAAOCAQEAENyYP3t2eRRaqAU0sVmmM9KJBKb/RjaRCC4p
CMpKSXnAVb1wsfRwT2rm7hiig316wng+22LjFfV4cyNfTSXjYgUCj0mK3rYkyZcu
nJ1TPkCaAxBCDK8S0wowprBfr+na9NQgNXGZ+ey9dkXAO3iAra92hCP95tFQRiMG
qrKe5pje6csTWu2DVg9lKD0vDkdzGdOt1IwS3W958firQvPeRjiVIQtZ/1os5bt2
J7vu0T4AVliNKmQBsERZeWA93l5mDsmGQYF4SMxtZht/DnfSTWfeTOtNU+mWhePA
beB/hzsLWCnAsXKsMiaaO4cCK82wZr7Lbj3cBUUZVHYvn14qOA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:43 2025 by rpki-client