Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa
File: 4cf83881-74f7-4033-977b-362e08e8d6d2.roa (raw, json)
Hash identifier: 7GuPiwlGegs++jggiA9v0fPQMzvJlKJJNayRyExe5z8=
Subject key identifier: D5:94:2D:5C:F6:EF:63:9B:97:C5:CB:A2:A5:AD:AC:A3:87:22:37:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55B0FD579CA5B53D5A794805EF90C730466C589B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa
Signing time: Mon 21 Apr 2025 18:30:20 +0000
ROA not before: Mon 21 Apr 2025 18:30:20 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:b0:fd:57:9c:a5:b5:3d:5a:79:48:05:ef:90:c7:30:46:6c:58:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:30:20 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=fd7e0cfc0531e6ea8db72be2950f2df3da52b6039325d163cd43254226ac4c81, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d5:0a:6e:2e:9d:ad:2f:40:c7:d5:4b:b7:4a:
f2:f9:16:7b:6c:a7:10:aa:7e:20:e9:3f:b0:c8:10:
a3:13:37:42:ac:35:f8:a8:e2:2b:90:4e:2c:1a:76:
6c:52:f5:80:55:c9:fe:a0:86:fa:cf:f2:10:33:fc:
8f:af:40:da:e9:4c:fa:ac:4f:43:6c:f8:fe:ae:b4:
bd:89:fc:07:f0:35:aa:25:18:d5:fd:94:17:85:e3:
6b:71:09:22:c9:af:5b:50:15:fb:15:f8:99:1a:c0:
d9:53:ef:a7:7a:5a:9c:ce:5d:c6:70:1d:ba:ae:2a:
21:fa:6f:f7:97:22:8b:78:47:ed:71:41:21:67:11:
31:6a:80:97:f8:0d:16:a8:d8:89:4c:e2:4a:53:cb:
47:5e:7f:16:20:eb:ec:d6:d2:ce:d8:13:72:fd:3c:
28:b8:53:8b:2b:58:a2:93:91:cb:78:cc:19:11:ae:
2b:2f:66:bf:53:d6:b4:d8:1d:64:8a:22:d3:81:f9:
83:64:06:d2:32:ce:39:4d:c3:d2:bf:4e:8f:a3:84:
0c:55:78:e7:af:99:ff:41:5c:0c:97:24:2d:10:b9:
33:26:77:0c:93:05:10:46:2e:d5:aa:70:2c:66:ba:
59:d1:e2:ec:3c:49:30:27:af:1a:17:80:47:3e:0a:
95:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:94:2D:5C:F6:EF:63:9B:97:C5:CB:A2:A5:AD:AC:A3:87:22:37:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:840::/48
Signature Algorithm: sha256WithRSAEncryption
99:37:64:a1:00:d1:49:08:9f:da:04:94:df:92:c9:bd:0c:b9:
f1:7c:54:fc:ef:a4:1c:61:51:07:4b:2a:69:3a:79:2b:18:b1:
a7:ac:60:db:0f:cb:9f:ff:16:c7:6f:b5:77:c0:f9:35:84:84:
cd:a1:13:d8:8e:bc:47:41:7f:be:02:df:72:1e:84:c2:e8:e0:
19:22:54:3a:a9:ef:8f:d8:fe:5b:d8:35:7b:f9:dd:25:0d:74:
f6:c0:ce:4d:c5:e6:b2:24:2d:43:9a:7b:32:fe:a0:74:d1:b4:
c6:41:ff:b0:41:2a:74:2c:c5:eb:9c:56:93:09:de:86:b5:a2:
b4:96:46:3f:32:6e:33:98:73:37:39:e0:4a:bb:9e:d1:c9:ae:
58:4a:2a:37:e2:97:ab:f0:00:e3:f3:8f:c9:57:e0:71:1f:18:
8c:86:42:48:b2:12:3e:1e:41:ce:47:c4:ca:a8:ba:ca:b4:34:
e3:5a:65:3c:ad:e7:62:ea:62:d2:09:c9:34:b1:39:ec:6b:4f:
35:a6:0e:81:d1:d4:76:b0:0c:7f:40:d1:92:d2:51:16:04:df:
03:cc:19:f0:e6:48:a1:21:9f:9d:64:e2:1b:7f:8a:54:4c:36:
59:83:8d:07:3d:5e:bf:69:b5:6d:3e:73:13:2c:5a:c5:4d:fc:
1b:89:48:39
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVbD9V5yltT1aeUgF75DHMEZsWJswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMwMjBaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkN2UwY2ZjMDUzMWU2ZWE4ZGI3MmJlMjk1MGYyZGYzZGE1MmI2MDM5MzI1
ZDE2M2NkNDMyNTQyMjZhYzRjODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvVCm4una0vQMfVS7dK8vkWe2ynEKp+IOk/sMgQoxM3Qqw1+KjiK5BOLBp2
bFL1gFXJ/qCG+s/yEDP8j69A2ulM+qxPQ2z4/q60vYn8B/A1qiUY1f2UF4Xja3EJ
IsmvW1AV+xX4mRrA2VPvp3panM5dxnAduq4qIfpv95cii3hH7XFBIWcRMWqAl/gN
FqjYiUziSlPLR15/FiDr7NbSztgTcv08KLhTiytYopORy3jMGRGuKy9mv1PWtNgd
ZIoi04H5g2QG0jLOOU3D0r9Oj6OEDFV456+Z/0FcDJckLRC5MyZ3DJMFEEYu1apw
LGa6WdHi7DxJMCevGheARz4KlRcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTVlC1c
9u9jm5fFy6KlrayjhyI3iDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNmODM4ODEtNzRmNy00MDMzLTk3N2ItMzYyZTA4ZThkNmQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
QDANBgkqhkiG9w0BAQsFAAOCAQEAmTdkoQDRSQif2gSU35LJvQy58XxU/O+kHGFR
B0sqaTp5Kxixp6xg2w/Ln/8Wx2+1d8D5NYSEzaET2I68R0F/vgLfch6EwujgGSJU
Oqnvj9j+W9g1e/ndJQ109sDOTcXmsiQtQ5p7Mv6gdNG0xkH/sEEqdCzF65xWkwne
hrWitJZGPzJuM5hzNzngSrue0cmuWEoqN+KXq/AA4/OPyVfgcR8YjIZCSLISPh5B
zkfEyqi6yrQ041plPK3nYupi0gnJNLE57GtPNaYOgdHUdrAMf0DRktJRFgTfA8wZ
8OZIoSGfnWTiG3+KVEw2WYONBz1ev2m1bT5zEyxaxU38G4lIOQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:38 2025 by rpki-client