Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
File: 4e84f0a8-9d20-4219-b641-9a6905a033d9.roa (raw, json)
Hash identifier: SBBGJkXzNkS/v+zHwsAfd1WL4WOTI9jnH6kWhBtq4UE=
Subject key identifier: 20:64:1E:A8:95:AD:B2:DA:9C:EB:AF:93:40:EA:E1:6E:38:6B:82:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7140EC54002C3732F3C6FA550FD7FD025FEF419E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
Signing time: Fri 25 Apr 2025 18:20:09 +0000
ROA not before: Fri 25 Apr 2025 18:20:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:40:ec:54:00:2c:37:32:f3:c6:fa:55:0f:d7:fd:02:5f:ef:41:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:20:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=061802267502dd85085265803471294574ca7a53d0a0ec1d4b4331e3512d2a2c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:44:92:cf:0e:c7:a9:8e:7b:3c:74:b9:59:b1:
ce:c9:f5:b4:bf:02:35:70:03:f0:61:f1:af:14:eb:
c4:91:1b:00:48:5f:96:6f:d9:9d:28:6b:40:68:a9:
06:28:66:45:e0:9d:3d:32:4f:fa:fc:32:63:76:fd:
26:0c:5f:24:93:9a:53:3b:20:23:07:75:fc:8b:c2:
75:97:72:3a:29:75:65:48:5d:93:9d:fa:df:fe:c4:
96:55:fb:d8:89:50:39:f5:c8:cd:e2:71:41:ed:61:
05:57:c3:15:39:09:29:cf:d8:03:78:1a:87:d1:fc:
fd:b0:e2:9b:bc:51:f4:c3:2a:05:e5:18:cc:f6:7b:
22:de:1e:36:64:d3:01:2f:ac:1b:57:59:76:51:46:
ae:7f:6d:ac:c4:b3:14:e1:e7:a1:c0:13:65:fd:df:
e6:6e:e2:5e:e5:e6:80:03:b7:23:18:70:9a:a2:39:
40:84:7d:c0:82:94:36:9c:79:f3:09:64:dd:67:9d:
16:82:6d:22:f9:5a:dc:1b:48:36:b3:84:3e:2a:fd:
4e:63:d0:7b:86:d6:12:b3:01:09:83:c4:ea:65:9e:
9d:90:f9:60:dc:df:d0:37:04:70:ae:6e:08:dc:f5:
2d:a7:91:73:bb:b0:70:34:bf:21:7b:21:03:b0:6e:
5a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:64:1E:A8:95:AD:B2:DA:9C:EB:AF:93:40:EA:E1:6E:38:6B:82:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a040::/48
Signature Algorithm: sha256WithRSAEncryption
a5:85:d3:5f:66:be:19:12:45:d9:09:c9:bb:ba:3b:ca:c6:43:
d7:d7:38:c6:fd:09:e6:a8:f3:94:ad:46:0f:cf:89:1b:fc:a9:
be:91:da:37:b6:1a:e3:79:1f:b3:c3:81:75:dd:30:c0:0a:b5:
8d:b2:23:29:d5:67:be:a5:32:63:4e:ca:da:db:bf:e5:a0:e6:
b2:82:3d:a1:80:3e:67:dd:39:2b:b3:07:db:15:f5:66:8c:da:
6e:24:f0:a4:27:bb:43:ba:ce:b7:93:93:67:bf:83:8a:a0:09:
37:b3:c5:e2:43:d9:3c:5e:c6:89:c9:49:96:ab:7e:0e:d6:ac:
60:55:dd:e9:ca:22:8a:38:fd:8f:8c:80:d1:a0:f2:1f:dc:5e:
7a:e5:94:30:a1:b6:87:5a:6b:1a:fb:8b:5b:54:52:69:d6:db:
d9:76:8f:ea:26:ae:81:be:0c:41:56:ae:38:7f:13:9a:96:23:
dd:3e:12:ee:71:ce:1f:e9:75:fa:07:4a:41:bf:ef:d6:d0:3d:
6f:78:aa:7b:5f:a8:8d:aa:0e:dc:32:df:61:71:81:5c:81:cf:
50:39:df:51:1d:5f:11:91:fc:2d:c3:61:f3:8e:47:2f:90:b0:
90:be:71:43:50:29:17:c0:ea:1f:66:ff:9f:76:44:3e:90:5e:
13:43:e7:bb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcUDsVAAsNzLzxvpVD9f9Al/vQZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODIwMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2MTgwMjI2NzUwMmRkODUwODUyNjU4MDM0NzEyOTQ1NzRjYTdhNTNkMGEw
ZWMxZDRiNDMzMWUzNTEyZDJhMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANxEks8Ox6mOezx0uVmxzsn1tL8CNXAD8GHxrxTrxJEbAEhflm/ZnShrQGip
BihmReCdPTJP+vwyY3b9JgxfJJOaUzsgIwd1/IvCdZdyOil1ZUhdk5363/7EllX7
2IlQOfXIzeJxQe1hBVfDFTkJKc/YA3gah9H8/bDim7xR9MMqBeUYzPZ7It4eNmTT
AS+sG1dZdlFGrn9trMSzFOHnocATZf3f5m7iXuXmgAO3IxhwmqI5QIR9wIKUNpx5
8wlk3WedFoJtIvla3BtINrOEPir9TmPQe4bWErMBCYPE6mWenZD5YNzf0DcEcK5u
CNz1LaeRc7uwcDS/IXshA7BuWu8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQgZB6o
la2y2pzrr5NA6uFuOGuCxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGU4NGYwYTgtOWQyMC00MjE5LWI2NDEtOWE2OTA1YTAzM2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
QDANBgkqhkiG9w0BAQsFAAOCAQEApYXTX2a+GRJF2QnJu7o7ysZD19c4xv0J5qjz
lK1GD8+JG/ypvpHaN7Ya43kfs8OBdd0wwAq1jbIjKdVnvqUyY07K2tu/5aDmsoI9
oYA+Z905K7MH2xX1ZozabiTwpCe7Q7rOt5OTZ7+DiqAJN7PF4kPZPF7GiclJlqt+
DtasYFXd6coiijj9j4yA0aDyH9xeeuWUMKG2h1prGvuLW1RSadbb2XaP6iaugb4M
QVauOH8TmpYj3T4S7nHOH+l1+gdKQb/v1tA9b3iqe1+ojaoO3DLfYXGBXIHPUDnf
UR1fEZH8LcNh845HL5CwkL5xQ1ApF8DqH2b/n3ZEPpBeE0Pnuw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:23 2025 by rpki-client