Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e91376d-8b45-49e6-bf21-9f8e5d21208b.roa
File: 4e91376d-8b45-49e6-bf21-9f8e5d21208b.roa (raw, json)
Hash identifier: ZEfDHuqG0+gcBwnJ9KmsU4IcTYpfZPmpfuPHrQRuaxo=
Subject key identifier: FE:E9:E2:97:9A:6F:AB:94:E3:00:5C:C0:7D:41:7E:D6:D3:B6:99:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5CADEAE5152EAEA05A575AB752523121A7B55673
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e91376d-8b45-49e6-bf21-9f8e5d21208b.roa
Signing time: Tue 15 Apr 2025 15:10:09 +0000
ROA not before: Tue 15 Apr 2025 15:10:09 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:ad:ea:e5:15:2e:ae:a0:5a:57:5a:b7:52:52:31:21:a7:b5:56:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:10:09 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=f1495ded13c3d5b102ad409d379f1359fc52a2a2d016e26474f91535e6d1ca6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7c:92:2d:d2:09:7b:09:a4:00:0b:e7:da:ac:
4a:59:dd:e9:42:e8:a9:f8:63:eb:fe:45:da:c7:d5:
7d:9a:16:4c:93:10:8a:ff:67:73:c6:4a:d2:46:a9:
e0:a8:13:6b:18:29:03:8e:58:d9:e2:0f:14:ac:fa:
db:f9:1f:55:51:9b:ba:85:ba:bf:f3:be:86:12:7f:
bf:72:06:3b:c7:57:87:94:37:54:87:ae:31:e3:0e:
b2:a4:5d:32:97:22:cb:8c:f9:e9:fc:47:a1:b7:2a:
3b:14:6b:1d:3f:da:37:f5:70:74:19:34:1c:18:50:
b6:8b:a2:bb:5e:52:7d:33:60:71:21:d0:05:04:de:
cb:4f:0a:0f:02:ac:d7:d2:67:2e:17:54:0a:f8:ca:
4a:83:7f:72:76:52:d2:b4:6a:99:6e:69:63:35:bb:
85:89:43:2e:eb:2e:1a:6f:08:3a:da:f2:35:39:5b:
c2:4f:ae:84:98:59:77:51:c3:86:1e:92:c8:43:d5:
05:bd:c7:82:98:ff:a4:85:5e:7e:2f:f2:c7:7d:64:
5f:51:59:d3:5a:7e:c9:50:35:a1:c3:0e:fe:cb:b0:
21:a9:12:e2:2f:de:9e:e0:11:32:80:b0:3b:62:89:
9a:97:3c:e1:78:2a:ec:9b:f0:c4:75:85:39:2c:cb:
8d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E9:E2:97:9A:6F:AB:94:E3:00:5C:C0:7D:41:7E:D6:D3:B6:99:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e91376d-8b45-49e6-bf21-9f8e5d21208b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:5000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:a6:5f:d0:88:82:6c:dd:b5:23:d5:85:a2:c0:f6:fd:3c:a1:
7a:8c:32:25:e6:cb:a7:51:f0:62:ad:d8:9b:ae:74:27:84:6c:
d8:a6:b5:e5:a8:af:a0:92:5e:d5:a4:81:3c:9b:8f:a1:95:fe:
76:bf:f0:2a:6a:50:6b:26:fe:6a:2e:9f:11:fb:fd:65:88:e1:
ee:de:c4:47:9c:8c:26:03:b3:dd:92:06:3e:e6:19:5d:3b:68:
b8:9d:6d:54:89:89:f7:bc:2a:ef:d3:0d:f6:f9:8f:98:ae:34:
a3:9a:08:83:d8:15:74:82:58:5f:bf:6e:79:1f:81:55:41:e4:
5e:ad:9d:45:78:96:4a:a2:24:5a:d3:e2:68:94:aa:ee:2b:a5:
08:9f:f1:e5:63:0b:66:aa:98:ee:84:fa:41:04:7f:cb:8a:7a:
ec:a7:62:c8:0c:94:ac:ec:18:a8:59:59:fe:53:c2:62:53:58:
b1:67:b7:17:58:7c:23:cf:60:a6:98:16:4e:1b:03:be:c0:dd:
51:49:d9:7c:02:37:11:c6:c8:fa:71:0b:ad:72:f8:86:1e:11:
ec:10:60:d4:e9:54:58:0a:df:e1:0f:75:6c:01:d5:8e:d2:32:
10:30:74:7d:b3:a0:97:38:9f:de:31:5a:e6:d0:e7:86:14:d5:
c9:e6:73:97
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXK3q5RUurqBaV1q3UlIxIae1VnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTEwMDlaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxNDk1ZGVkMTNjM2Q1YjEwMmFkNDA5ZDM3OWYxMzU5ZmM1MmEyYTJkMDE2
ZTI2NDc0ZjkxNTM1ZTZkMWNhNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL98ki3SCXsJpAAL59qsSlnd6ULoqfhj6/5F2sfVfZoWTJMQiv9nc8ZK0kap
4KgTaxgpA45Y2eIPFKz62/kfVVGbuoW6v/O+hhJ/v3IGO8dXh5Q3VIeuMeMOsqRd
Mpciy4z56fxHobcqOxRrHT/aN/VwdBk0HBhQtouiu15SfTNgcSHQBQTey08KDwKs
19JnLhdUCvjKSoN/cnZS0rRqmW5pYzW7hYlDLusuGm8IOtryNTlbwk+uhJhZd1HD
hh6SyEPVBb3Hgpj/pIVefi/yx31kX1FZ01p+yVA1ocMO/suwIakS4i/enuARMoCw
O2KJmpc84Xgq7JvwxHWFOSzLjQkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+6eKX
mm+rlOMAXMB9QX7W07aZTTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGU5MTM3NmQtOGI0NS00OWU2LWJmMjEtOWY4ZTVkMjEyMDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA8pl/QiIJs3bUj1YWiwPb9PKF6jDIl5sunUfBi
rdibrnQnhGzYprXlqK+gkl7VpIE8m4+hlf52v/AqalBrJv5qLp8R+/1liOHu3sRH
nIwmA7PdkgY+5hldO2i4nW1UiYn3vCrv0w32+Y+YrjSjmgiD2BV0glhfv255H4FV
QeRerZ1FeJZKoiRa0+JolKruK6UIn/HlYwtmqpjuhPpBBH/Linrsp2LIDJSs7Bio
WVn+U8JiU1ixZ7cXWHwjz2CmmBZOGwO+wN1RSdl8AjcRxsj6cQutcviGHhHsEGDU
6VRYCt/hD3VsAdWO0jIQMHR9s6CXOJ/eMVrm0OeGFNXJ5nOX
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:54 2025 by rpki-client