Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
File: 53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa (raw, json)
Hash identifier: LTRiod2TskZp4n4rxTchfdgLnM+WzJmfvRjs45CIk6A=
Subject key identifier: CE:52:AC:17:97:F8:46:F5:98:C2:A1:BC:A3:E8:FB:96:19:DA:EF:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2EAAC337612F4403D69F69AA7A63966C52EE0D1C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
Signing time: Tue 15 Apr 2025 15:00:04 +0000
ROA not before: Tue 15 Apr 2025 15:00:04 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:aa:c3:37:61:2f:44:03:d6:9f:69:aa:7a:63:96:6c:52:ee:0d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:00:04 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=efea4a3dac16278d2af6667e344d32000dd05e3c4aea70fcd54db33595d00e0c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:7c:63:0b:cb:3a:6f:af:65:a7:64:be:54:ee:
9f:69:e9:c4:b1:08:7e:2b:b3:11:33:5d:f4:29:65:
bb:69:be:e2:ee:cb:f2:43:a0:94:8b:e8:20:f8:76:
72:61:20:ee:01:94:07:f7:61:54:c3:66:0e:d5:24:
ea:f2:ad:8e:b3:a9:9e:b4:a2:0f:7d:bb:a2:8e:96:
e0:cf:98:4e:28:91:bf:99:53:7e:84:36:78:c8:89:
57:af:da:c7:51:82:06:15:86:66:13:ba:c8:a5:53:
a7:d2:99:43:1f:77:fb:58:01:cf:ae:cd:c8:a5:32:
9d:75:5f:d8:e4:aa:f9:90:fe:db:48:0f:66:5f:e2:
04:ec:f7:8a:78:d8:74:24:f1:04:b0:89:50:48:f2:
30:62:c5:e5:32:ab:66:f6:fc:38:a7:7b:1b:86:1c:
3c:11:b4:b4:e5:0f:26:15:24:6d:a0:8a:7f:e3:91:
87:eb:e2:4e:43:aa:81:f5:ab:3a:2a:b9:34:cf:f5:
8f:25:7d:c4:fd:ec:b7:33:b1:a1:78:01:10:db:82:
94:03:35:39:2a:75:fb:45:c5:16:63:59:87:0b:3a:
78:af:01:f3:ca:25:7d:ec:b2:51:2c:0b:7e:5b:55:
5e:43:a6:c2:75:c9:df:50:8a:a1:04:2f:41:01:8e:
d7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:52:AC:17:97:F8:46:F5:98:C2:A1:BC:A3:E8:FB:96:19:DA:EF:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53fdd354-0eb8-404b-8203-b5e8211b2b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:09:30:7a:d5:2e:93:b6:55:4a:0b:f6:f7:4c:a5:d9:53:22:
d9:ce:33:6c:e7:f1:73:6b:fc:cc:30:8b:d5:16:ea:fd:91:56:
6c:98:0c:e3:ce:ec:41:80:e1:9b:62:dd:f2:ca:a1:3a:58:ac:
fa:fb:0d:1d:72:40:d8:9c:86:f6:1c:e3:68:1e:b7:c9:61:09:
58:70:ad:8e:77:4e:cd:17:e4:f8:f4:86:40:fb:74:52:7d:66:
9a:b4:4d:de:e4:da:43:f5:c2:2d:71:e1:a2:7b:6b:d5:4e:97:
5c:10:40:e2:b6:40:85:7b:ab:47:56:14:bf:7b:74:30:6d:8f:
dc:c2:43:b5:81:40:f4:39:6a:2c:bb:bf:c9:60:eb:bd:78:7b:
04:c6:53:df:02:17:fe:0b:cf:3a:61:5e:5f:d8:75:86:2f:cb:
f8:6c:bc:37:cb:df:6b:0b:85:59:48:99:03:89:6b:01:85:ff:
b2:88:f2:6f:70:fc:00:78:b0:ec:eb:c7:6e:ab:d4:63:92:39:
6d:eb:25:de:ca:c9:42:ab:9d:af:15:5e:c7:63:36:e6:9b:58:
78:84:3d:c3:a4:41:09:8f:bc:f4:12:86:27:fb:cd:cb:f1:98:
fc:ab:f0:86:61:20:8f:85:39:0e:94:26:40:46:0a:21:db:2b:
ce:e1:1e:90
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULqrDN2EvRAPWn2mqemOWbFLuDRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAwMDRaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmZWE0YTNkYWMxNjI3OGQyYWY2NjY3ZTM0NGQzMjAwMGRkMDVlM2M0YWVh
NzBmY2Q1NGRiMzM1OTVkMDBlMGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPp8YwvLOm+vZadkvlTun2npxLEIfiuzETNd9Cllu2m+4u7L8kOglIvoIPh2
cmEg7gGUB/dhVMNmDtUk6vKtjrOpnrSiD327oo6W4M+YTiiRv5lTfoQ2eMiJV6/a
x1GCBhWGZhO6yKVTp9KZQx93+1gBz67NyKUynXVf2OSq+ZD+20gPZl/iBOz3injY
dCTxBLCJUEjyMGLF5TKrZvb8OKd7G4YcPBG0tOUPJhUkbaCKf+ORh+viTkOqgfWr
Oiq5NM/1jyV9xP3stzOxoXgBENuClAM1OSp1+0XFFmNZhws6eK8B88olfeyyUSwL
fltVXkOmwnXJ31CKoQQvQQGO1z8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTOUqwX
l/hG9ZjCobyj6PuWGdrv0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTNmZGQzNTQtMGViOC00MDRiLTgyMDMtYjVlODIxMWIyYjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYg
MA0GCSqGSIb3DQEBCwUAA4IBAQC3CTB61S6TtlVKC/b3TKXZUyLZzjNs5/Fza/zM
MIvVFur9kVZsmAzjzuxBgOGbYt3yyqE6WKz6+w0dckDYnIb2HONoHrfJYQlYcK2O
d07NF+T49IZA+3RSfWaatE3e5NpD9cItceGie2vVTpdcEEDitkCFe6tHVhS/e3Qw
bY/cwkO1gUD0OWosu7/JYOu9eHsExlPfAhf+C886YV5f2HWGL8v4bLw3y99rC4VZ
SJkDiWsBhf+yiPJvcPwAeLDs68duq9Rjkjlt6yXeyslCq52vFV7HYzbmm1h4hD3D
pEEJj7z0EoYn+83L8Zj8q/CGYSCPhTkOlCZARgoh2yvO4R6Q
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:05 2025 by rpki-client