Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
File: 538037c5-70a6-4b45-b84c-b4af8015af39.roa (raw, json)
Hash identifier: 5a6qvm4C/p1mG6Ajn1KKJp7V1NFJYHCgqlnwJTn71EE=
Subject key identifier: 90:D7:7C:E8:39:FA:54:21:74:74:45:3A:44:82:C4:E6:B8:9C:4D:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1581D92D6B8E5264388CFBD5381358CA678F6390
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
Signing time: Fri 25 Apr 2025 20:20:18 +0000
ROA not before: Fri 25 Apr 2025 20:20:18 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d029::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:81:d9:2d:6b:8e:52:64:38:8c:fb:d5:38:13:58:ca:67:8f:63:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:18 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=24821b877e1704f503381dbb6f9982d0b631b41f823b3bb8e440ef58ecfe9460, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a9:cc:fa:7c:a6:fc:ab:f9:7c:2e:90:66:02:
ae:3a:58:a3:7a:45:cd:93:28:b1:24:a2:90:4e:7c:
4c:83:e5:99:b1:eb:81:27:0d:74:13:cd:d0:ff:f7:
06:46:58:13:87:38:01:aa:13:3a:98:43:4f:77:41:
fd:b3:fd:1b:e9:01:87:34:b0:33:c7:4b:a8:58:a4:
51:b6:42:c7:52:dd:e8:3c:6e:c2:fc:cf:22:bb:b5:
c4:f5:13:9e:51:71:4c:2e:0e:3e:bc:3a:b7:d8:00:
4f:d3:aa:3f:f5:be:ad:4f:37:66:47:5e:4f:a8:b5:
4a:0c:b7:da:d5:b4:25:d9:29:1d:ab:af:56:20:e0:
1a:3b:d6:26:2e:f6:6e:e7:19:09:7d:e1:ad:e1:df:
ff:9a:8d:c2:f0:aa:9d:29:15:df:a4:51:79:e5:fc:
0b:9b:dd:47:6f:ef:10:d4:1c:88:ed:a1:35:c1:b5:
c9:04:0b:f1:b5:10:90:f3:3f:d6:bc:eb:dd:11:10:
e6:36:69:9f:ad:86:94:41:cc:f6:f4:d8:4d:14:87:
4c:fc:2f:f0:72:fa:c9:96:fe:f1:20:aa:4a:e2:ab:
e1:03:f0:23:8d:75:aa:4f:fc:0d:02:7b:39:27:46:
8b:d2:b1:f3:f0:66:a4:ea:8d:7a:9c:90:50:ed:44:
4c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D7:7C:E8:39:FA:54:21:74:74:45:3A:44:82:C4:E6:B8:9C:4D:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d029::/36
Signature Algorithm: sha256WithRSAEncryption
c8:74:78:b0:e0:3d:1c:a5:fc:17:14:75:e8:d7:00:ae:22:56:
1b:6c:f4:49:ba:2f:50:d9:70:23:74:a6:f6:97:a7:39:7f:72:
38:0d:25:8b:09:53:37:e9:c5:0c:19:39:47:82:6a:34:49:fb:
32:55:41:ce:00:bd:8a:31:37:5e:7c:91:11:1b:65:ba:5d:3e:
b7:ec:71:4a:aa:77:95:a2:2a:e6:4e:b0:3a:3b:88:a6:84:2c:
0a:11:d0:f2:bb:ab:90:65:11:d4:3b:43:f1:e6:0c:b8:70:5f:
5a:fc:d1:cf:3c:42:0c:22:f2:4b:a5:51:06:ab:ab:78:db:89:
8b:9f:46:5f:68:c9:c4:98:65:23:8f:73:9c:5c:28:01:d0:36:
ba:b8:0f:3e:61:9e:4b:71:95:33:2b:72:51:e7:e7:f3:bc:2e:
cd:d5:c4:7f:6c:30:be:06:19:16:de:ee:a0:97:95:48:df:cd:
3e:9f:e6:71:1b:43:9f:42:28:a1:3d:7c:2a:e6:f3:55:a5:41:
90:df:5e:97:7f:ac:dd:ca:69:66:46:4a:98:7f:d1:fc:f3:8b:
92:0d:b0:4f:ca:db:f1:69:ea:0c:db:65:c9:e7:07:52:56:fa:
e3:72:0b:06:56:99:f1:7a:c2:a6:3b:d0:6a:02:6f:41:1c:3f:
43:05:70:15
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFYHZLWuOUmQ4jPvVOBNYymePY5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwMThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0ODIxYjg3N2UxNzA0ZjUwMzM4MWRiYjZmOTk4MmQwYjYzMWI0MWY4MjNi
M2JiOGU0NDBlZjU4ZWNmZTk0NjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCpzPp8pvyr+XwukGYCrjpYo3pFzZMosSSikE58TIPlmbHrgScNdBPN0P/3
BkZYE4c4AaoTOphDT3dB/bP9G+kBhzSwM8dLqFikUbZCx1Ld6DxuwvzPIru1xPUT
nlFxTC4OPrw6t9gAT9OqP/W+rU83ZkdeT6i1Sgy32tW0JdkpHauvViDgGjvWJi72
bucZCX3hreHf/5qNwvCqnSkV36RReeX8C5vdR2/vENQciO2hNcG1yQQL8bUQkPM/
1rzr3REQ5jZpn62GlEHM9vTYTRSHTPwv8HL6yZb+8SCqSuKr4QPwI411qk/8DQJ7
OSdGi9Kx8/BmpOqNepyQUO1ETAkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSQ13zo
OfpUIXR0RTpEgsTmuJxNYTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4MDM3YzUtNzBhNi00YjQ1LWI4NGMtYjRhZjgwMTVhZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CkA
MA0GCSqGSIb3DQEBCwUAA4IBAQDIdHiw4D0cpfwXFHXo1wCuIlYbbPRJui9Q2XAj
dKb2l6c5f3I4DSWLCVM36cUMGTlHgmo0SfsyVUHOAL2KMTdefJERG2W6XT637HFK
qneVoirmTrA6O4imhCwKEdDyu6uQZRHUO0Px5gy4cF9a/NHPPEIMIvJLpVEGq6t4
24mLn0ZfaMnEmGUjj3OcXCgB0Da6uA8+YZ5LcZUzK3JR5+fzvC7N1cR/bDC+BhkW
3u6gl5VI380+n+ZxG0OfQiihPXwq5vNVpUGQ316Xf6zdymlmRkqYf9H884uSDbBP
ytvxaeoM22XJ5wdSVvrjcgsGVpnxesKmO9BqAm9BHD9DBXAV
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:13 2025 by rpki-client