Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
File: 5387f3e7-ef20-46b2-8929-bf638dce97e1.roa (raw, json)
Hash identifier: UMvwZkWUwUYLHsZR9XVy52DmKf1lGaUMixm7kBRRSxM=
Subject key identifier: 76:D9:3D:81:0B:A2:51:21:5D:76:0A:59:6A:EE:E8:86:05:66:00:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0CBE4B2715D4BF784C40C5FBA01386CEF9115D72
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
Signing time: Fri 25 Apr 2025 18:31:33 +0000
ROA not before: Fri 25 Apr 2025 18:31:33 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:be:4b:27:15:d4:bf:78:4c:40:c5:fb:a0:13:86:ce:f9:11:5d:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:31:33 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=0ab0b142c63dd3a94a10ed414c01222f6110088b87d4f3d88d531d3dc0e38c00, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:60:ed:0e:a7:c5:8f:4a:3d:a4:3f:d4:5d:5e:
6a:5f:7f:1b:e9:ec:f5:ae:4a:19:86:b9:89:44:75:
d5:27:5e:50:35:a9:42:80:01:8c:21:23:af:32:be:
56:28:b9:d5:47:53:33:73:eb:11:1c:50:ed:bb:fd:
a3:bd:ff:24:4b:1a:6a:d0:c5:5f:dc:54:38:07:37:
4f:66:1f:75:68:06:1f:4d:b7:d2:53:9e:3c:f4:0f:
1b:e5:12:d4:c4:a3:fb:c1:b4:81:d4:c3:ee:4e:55:
5e:3d:3f:48:63:78:6b:15:fb:ef:73:4e:2a:64:72:
60:d9:c5:f6:e0:ce:82:a3:60:9d:2a:2a:90:5b:20:
f5:d8:4c:87:c7:24:6b:e9:5a:f0:70:02:c9:38:b9:
e5:4c:3c:a5:7a:8b:ba:d3:b0:83:5a:23:a1:51:d0:
3d:13:f3:38:3b:ff:d3:0e:81:d9:5c:b5:a8:76:14:
fe:b0:e3:62:a4:74:d7:84:59:05:8a:8b:05:82:ab:
57:ff:08:e5:15:d3:87:45:f2:2f:2c:3b:f4:b0:21:
c1:32:7f:20:ce:6b:ee:98:4c:59:2c:f6:4f:d6:13:
70:80:15:c6:52:07:c8:b6:08:86:0d:bd:8d:23:67:
33:35:b8:7a:ff:9d:e0:dc:6b:ab:72:82:42:cb:4c:
c8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D9:3D:81:0B:A2:51:21:5D:76:0A:59:6A:EE:E8:86:05:66:00:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5000::/40
Signature Algorithm: sha256WithRSAEncryption
a3:d3:e3:77:75:a6:24:89:0c:4b:fa:18:cc:6a:e5:d6:c2:34:
26:16:cf:ac:4e:40:7b:28:b4:88:97:24:65:1b:59:54:ad:9a:
12:33:31:ac:3d:32:b1:fb:bd:45:2e:41:98:7a:3d:1a:f6:71:
bd:22:e2:8b:a3:b1:b4:ab:4f:7d:74:55:76:e1:be:64:56:2c:
0d:ca:33:ab:04:20:37:a9:44:56:fe:a9:fc:10:71:d2:af:e2:
bb:25:7e:2a:df:36:89:73:38:1d:2b:d7:25:8b:2c:83:3e:dd:
a8:54:10:a4:40:a9:4e:db:f9:56:61:5b:57:be:41:41:74:a6:
cf:a6:7f:53:41:e5:3c:69:4a:5c:60:97:be:ef:50:b4:ce:cc:
71:d7:e0:8f:5f:f5:b9:75:1b:c1:fb:5d:d3:c3:7d:ce:31:e9:
44:1c:f2:ab:1c:54:a5:c9:60:7f:df:4b:89:7f:41:f3:45:44:
95:f1:23:6a:f1:ac:26:5f:ff:ee:c1:91:f7:f3:71:2b:9b:57:
f0:a8:08:aa:19:87:ee:b8:54:ed:4d:f5:2c:9d:dd:5a:ac:67:
5b:e4:45:cc:46:01:73:73:c6:8e:4f:c9:e4:eb:fc:49:33:80:
b3:85:a1:16:f5:f9:9f:be:7b:11:0d:df:3f:23:b7:aa:af:8c:
c8:95:3a:8d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDL5LJxXUv3hMQMX7oBOGzvkRXXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMxMzNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhYjBiMTQyYzYzZGQzYTk0YTEwZWQ0MTRjMDEyMjJmNjExMDA4OGI4N2Q0
ZjNkODhkNTMxZDNkYzBlMzhjMDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANhg7Q6nxY9KPaQ/1F1eal9/G+ns9a5KGYa5iUR11SdeUDWpQoABjCEjrzK+
Vii51UdTM3PrERxQ7bv9o73/JEsaatDFX9xUOAc3T2YfdWgGH0230lOePPQPG+US
1MSj+8G0gdTD7k5VXj0/SGN4axX773NOKmRyYNnF9uDOgqNgnSoqkFsg9dhMh8ck
a+la8HACyTi55Uw8pXqLutOwg1ojoVHQPRPzODv/0w6B2Vy1qHYU/rDjYqR014RZ
BYqLBYKrV/8I5RXTh0XyLyw79LAhwTJ/IM5r7phMWSz2T9YTcIAVxlIHyLYIhg29
jSNnMzW4ev+d4Nxrq3KCQstMyI0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR22T2B
C6JRIV12Cllq7uiGBWYAkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4N2YzZTctZWYyMC00NmIyLTg5MjktYmY2MzhkY2U5N2UxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCj0+N3daYkiQxL+hjMauXWwjQmFs+sTkB7KLSI
lyRlG1lUrZoSMzGsPTKx+71FLkGYej0a9nG9IuKLo7G0q099dFV24b5kViwNyjOr
BCA3qURW/qn8EHHSr+K7JX4q3zaJczgdK9cliyyDPt2oVBCkQKlO2/lWYVtXvkFB
dKbPpn9TQeU8aUpcYJe+71C0zsxx1+CPX/W5dRvB+13Tw33OMelEHPKrHFSlyWB/
30uJf0HzRUSV8SNq8awmX//uwZH383Erm1fwqAiqGYfuuFTtTfUsnd1arGdb5EXM
RgFzc8aOT8nk6/xJM4CzhaEW9fmfvnsRDd8/I7eqr4zIlTqN
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:27:05 2025 by rpki-client