Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
File: 5246cdd9-6493-4560-b4c3-8d974de78b57.roa (raw, json)
Hash identifier: 3Y58VKG05WAhlwIj7IFDPeNZswq0GO8nGR3cnXaqskU=
Subject key identifier: C6:54:C3:E7:C5:C8:37:45:F0:4F:A8:D9:D6:92:41:0C:0A:81:26:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 205A21FCF0960B4E259B1977D6439B01FE6F6853
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
Signing time: Tue 01 Apr 2025 15:00:17 +0000
ROA not before: Tue 01 Apr 2025 15:00:17 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:5a:21:fc:f0:96:0b:4e:25:9b:19:77:d6:43:9b:01:fe:6f:68:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 15:00:17 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=54230002aaee84ab7b2f91fb6155e2cffb3335268937ea93ec247235bfadd797, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7d:56:f6:3b:af:fd:70:54:c7:0d:4f:f6:6c:
04:46:4a:2a:80:d1:6a:a1:17:16:10:31:98:85:67:
a3:6d:23:aa:ee:fc:3e:46:bc:dd:95:2b:19:23:60:
f4:d1:da:e5:57:5a:be:17:f4:ff:13:07:96:ac:99:
3c:a9:24:1c:37:d9:df:51:60:69:2a:14:22:ca:9a:
0d:72:80:99:49:24:4a:de:1c:1d:51:2a:d0:6a:8c:
99:73:70:a7:f4:d0:22:4e:c3:79:88:d2:95:59:fe:
ab:3f:32:18:a6:f0:de:cc:df:66:fd:02:0e:24:9b:
ba:13:d7:1e:9f:ca:bb:8c:34:75:bf:04:b8:a0:22:
50:db:90:63:86:9a:d1:64:ac:eb:d0:7a:1b:90:0b:
f3:7f:e7:b7:bf:31:01:4e:bf:62:db:48:55:d9:4b:
c7:79:31:c9:97:4d:c7:fa:bd:63:83:97:ab:e0:a9:
3c:c3:6d:fd:b2:f5:b3:b6:62:9a:6d:fc:02:9b:17:
27:91:95:4b:62:54:ec:0c:2b:88:17:8a:c4:2e:5b:
20:2d:43:5c:e7:2f:62:d3:df:7d:f3:63:86:fe:96:
46:88:18:3b:18:81:71:67:41:76:9a:7b:fa:28:b1:
01:f3:62:64:d2:86:43:d3:6f:c9:4f:5f:77:2b:0f:
c7:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:54:C3:E7:C5:C8:37:45:F0:4F:A8:D9:D6:92:41:0C:0A:81:26:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:c000::/40
Signature Algorithm: sha256WithRSAEncryption
22:71:fd:82:48:14:05:cd:d0:3f:76:5d:fc:d9:3d:e2:0e:93:
29:ee:b1:6a:7c:11:ab:0d:35:81:dd:c6:a5:70:e2:82:7c:78:
11:f6:6a:3b:5d:99:4f:20:38:95:f8:e5:0e:47:4d:48:09:d6:
e2:69:a8:28:24:f4:71:14:a4:ed:14:40:5e:3e:f9:68:c8:de:
d9:47:23:1c:65:67:0a:13:bb:a4:c0:30:23:b3:90:e8:7e:6c:
a2:0c:45:db:5f:47:f3:39:45:76:a0:05:97:4f:84:90:4a:fe:
04:20:a5:08:cb:a7:f1:1d:ae:b7:32:d3:bc:47:26:18:c9:32:
3a:84:d5:2b:95:16:9c:43:cb:ef:b3:43:4d:a9:31:44:0a:4f:
89:b7:a5:8d:a1:b7:41:97:cf:97:33:7b:07:fa:48:e8:8e:df:
28:35:03:66:bd:d0:84:4f:a2:f9:ea:59:e3:41:cd:13:45:36:
9d:68:b4:fd:34:6d:41:1c:eb:30:bc:1b:fe:cf:ba:e1:8e:2b:
54:9f:7a:c1:bc:86:c6:f6:d3:30:01:78:00:30:11:a5:20:de:
f3:9b:e7:16:61:f9:59:93:4b:d8:fa:f3:87:35:7d:40:33:cc:
41:5a:b1:8e:f2:e1:c0:b0:c0:d7:8a:a4:4e:79:07:90:ae:cd:
44:52:b3:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIFoh/PCWC04lmxl31kObAf5vaFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDExNTAwMTdaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0MjMwMDAyYWFlZTg0YWI3YjJmOTFmYjYxNTVlMmNmZmIzMzM1MjY4OTM3
ZWE5M2VjMjQ3MjM1YmZhZGQ3OTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALh9VvY7r/1wVMcNT/ZsBEZKKoDRaqEXFhAxmIVno20jqu78Pka83ZUrGSNg
9NHa5Vdavhf0/xMHlqyZPKkkHDfZ31FgaSoUIsqaDXKAmUkkSt4cHVEq0GqMmXNw
p/TQIk7DeYjSlVn+qz8yGKbw3szfZv0CDiSbuhPXHp/Ku4w0db8EuKAiUNuQY4aa
0WSs69B6G5AL83/nt78xAU6/YttIVdlLx3kxyZdNx/q9Y4OXq+CpPMNt/bL1s7Zi
mm38ApsXJ5GVS2JU7AwriBeKxC5bIC1DXOcvYtPfffNjhv6WRogYOxiBcWdBdpp7
+iixAfNiZNKGQ9NvyU9fdysPx2MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTGVMPn
xcg3RfBPqNnWkkEMCoEmzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI0NmNkZDktNjQ5My00NTYwLWI0YzMtOGQ5NzRkZTc4YjU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DjA
MA0GCSqGSIb3DQEBCwUAA4IBAQAicf2CSBQFzdA/dl382T3iDpMp7rFqfBGrDTWB
3calcOKCfHgR9mo7XZlPIDiV+OUOR01ICdbiaagoJPRxFKTtFEBePvloyN7ZRyMc
ZWcKE7ukwDAjs5DofmyiDEXbX0fzOUV2oAWXT4SQSv4EIKUIy6fxHa63MtO8RyYY
yTI6hNUrlRacQ8vvs0NNqTFECk+Jt6WNobdBl8+XM3sH+kjojt8oNQNmvdCET6L5
6lnjQc0TRTadaLT9NG1BHOswvBv+z7rhjitUn3rBvIbG9tMwAXgAMBGlIN7zm+cW
YflZk0vY+vOHNX1AM8xBWrGO8uHAsMDXiqROeQeQrs1EUrMQ
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:37:58 2025 by rpki-client