Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
File: 546828d4-9f43-44c2-bff8-aafeddca4e25.roa (raw, json)
Hash identifier: XeiqzmRa/52c+yZPNDU5AKvhMxlvJOgAs6eKK6GwfDA=
Subject key identifier: 1C:4E:88:90:14:65:5B:97:66:4E:60:ED:EE:6F:C8:AD:DF:4A:BC:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1711DACF21CD04DD175DE162608F7D417AE377
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
Signing time: Fri 25 Apr 2025 19:00:46 +0000
ROA not before: Fri 25 Apr 2025 19:00:46 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:11:da:cf:21:cd:04:dd:17:5d:e1:62:60:8f:7d:41:7a:e3:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:00:46 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=454d475ab3710c8c3b7c8d66197f9413df11c6b432c68477a23bef5386cbf3ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:63:61:fa:89:0b:21:0d:eb:d0:77:d7:f0:48:
a2:6b:15:8f:33:a2:72:e7:a4:dd:43:3d:32:d7:36:
cd:73:bb:1f:95:ce:b8:6d:42:4d:52:ca:21:f8:31:
ea:51:fc:5d:b0:fe:97:76:d4:39:11:8a:0a:13:de:
f1:fc:8b:d4:dd:21:bd:6f:fe:dd:92:9a:22:ff:87:
b4:5e:7d:92:16:a0:5c:93:37:14:03:7f:fa:5d:68:
19:55:59:6f:f9:ed:33:5e:60:75:b4:85:4b:2b:6f:
6f:2c:2c:30:a1:ff:73:89:73:42:44:25:9a:4a:bb:
35:68:b7:88:9a:5c:63:dd:eb:cd:3e:5c:9a:d0:ba:
06:c5:89:ff:ba:ae:c8:d6:25:7a:f0:ff:d8:f1:f9:
f5:da:c7:74:4c:d5:bd:32:1d:ef:4a:e0:74:4b:96:
87:d1:3f:28:13:21:72:8d:79:e3:6d:b2:20:be:47:
6a:d6:36:b7:0a:4f:02:c9:47:94:0d:73:82:38:a5:
df:4f:5a:f3:d2:46:ca:83:64:3e:7f:ff:b9:71:21:
ea:d5:4d:80:b9:32:3b:ed:3c:ea:b9:7e:13:b4:31:
af:48:b3:cb:c1:68:bc:ec:d7:f9:32:4d:19:a3:92:
7d:3a:33:bf:6c:85:2d:63:f2:44:7d:83:f1:70:e5:
08:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:4E:88:90:14:65:5B:97:66:4E:60:ED:EE:6F:C8:AD:DF:4A:BC:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e040::/48
Signature Algorithm: sha256WithRSAEncryption
65:da:9c:f7:d8:27:04:e2:6d:cf:ec:87:54:14:39:c3:36:6d:
1b:1d:a5:76:b9:86:fc:02:b8:39:6e:74:5b:d5:c4:1f:67:4e:
27:e3:a4:8d:09:b8:15:ce:5f:99:85:7c:d5:c6:e2:f4:55:b3:
70:58:ff:93:8f:88:a0:b1:19:f4:16:19:94:ff:ff:81:e7:8c:
32:61:c4:94:f7:58:f2:7d:ab:91:5d:b3:44:3d:cf:db:71:09:
e7:84:12:a4:70:83:cf:61:c8:58:95:6c:6a:69:25:0f:63:a1:
cc:ef:ce:60:8c:dd:55:a0:6c:4d:13:5b:14:a9:f9:6a:2e:fc:
1d:c0:cd:37:6a:7a:4f:36:96:2b:85:5b:2e:61:18:95:cf:8b:
08:a9:2f:48:28:ea:6e:bd:8a:a2:7b:6c:33:0d:ec:47:7e:b7:
ef:5d:e7:79:11:6d:fa:c0:eb:61:c4:41:04:aa:8b:93:7a:37:
05:88:77:3b:44:2d:53:38:07:aa:29:e1:a8:5a:12:96:43:4e:
1c:dc:ee:fe:d6:c9:a0:f4:41:c8:d3:b3:e2:f7:81:f1:76:5a:
f7:e9:19:9c:cc:83:0c:7f:f3:3a:5d:e5:fd:1f:43:59:a8:ab:
52:6e:68:b1:bb:6c:1b:e8:86:b0:fe:e2:83:fc:74:1d:23:e6:
51:1d:8a:36
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgITFxHazyHNBN0XXeFiYI99QXrjdzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDQyNTE5MDA0NloXDTI1MDUzMDIzNTk1OVowejFJMEcGA1UE
BRNANDU0ZDQ3NWFiMzcxMGM4YzNiN2M4ZDY2MTk3Zjk0MTNkZjExYzZiNDMyYzY4
NDc3YTIzYmVmNTM4NmNiZjNhYjEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn2Nh+okLIQ3r0HfX8EiiaxWPM6Jy56TdQz0y1zbNc7sflc64bUJNUsoh+DHq
UfxdsP6XdtQ5EYoKE97x/IvU3SG9b/7dkpoi/4e0Xn2SFqBckzcUA3/6XWgZVVlv
+e0zXmB1tIVLK29vLCwwof9ziXNCRCWaSrs1aLeImlxj3evNPlya0LoGxYn/uq7I
1iV68P/Y8fn12sd0TNW9Mh3vSuB0S5aH0T8oEyFyjXnjbbIgvkdq1ja3Ck8CyUeU
DXOCOKXfT1rz0kbKg2Q+f/+5cSHq1U2AuTI77TzquX4TtDGvSLPLwWi87Nf5Mk0Z
o5J9OjO/bIUtY/JEfYPxcOUIJwIDAQABo4ICJDCCAiAwHQYDVR0OBBYEFBxOiJAU
ZVuXZk5g7e5vyK3fSryZMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC81
NDY4MjhkNC05ZjQzLTQ0YzItYmZmOC1hYWZlZGRjYTRlMjUucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgXQAOBA
MA0GCSqGSIb3DQEBCwUAA4IBAQBl2pz32CcE4m3P7IdUFDnDNm0bHaV2uYb8Arg5
bnRb1cQfZ04n46SNCbgVzl+ZhXzVxuL0VbNwWP+Tj4igsRn0FhmU//+B54wyYcSU
91jyfauRXbNEPc/bcQnnhBKkcIPPYchYlWxqaSUPY6HM785gjN1VoGxNE1sUqflq
LvwdwM03anpPNpYrhVsuYRiVz4sIqS9IKOpuvYqie2wzDexHfrfvXed5EW36wOth
xEEEqouTejcFiHc7RC1TOAeqKeGoWhKWQ04c3O7+1smg9EHI07Pi94Hxdlr36Rmc
zIMMf/M6XeX9H0NZqKtSbmixu2wb6Iaw/uKD/HQdI+ZRHYo2
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:43 2025 by rpki-client