Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54aaecbd-f237-4e42-9d78-c366846bfd11.roa
File: 54aaecbd-f237-4e42-9d78-c366846bfd11.roa (raw, json)
Hash identifier: lw8l55l2boMPKnmggW5ai67tOgJ3QsA50nFXLd4OuZ0=
Subject key identifier: CF:9C:0D:6E:99:B2:2C:EE:21:FC:C1:CF:30:C9:8B:1A:7D:15:8E:6D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 655E5179B1A8D7DAE41A4C37A20F48E6058FFAFB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54aaecbd-f237-4e42-9d78-c366846bfd11.roa
Signing time: Fri 25 Apr 2025 19:30:07 +0000
ROA not before: Fri 25 Apr 2025 19:30:07 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:5e:51:79:b1:a8:d7:da:e4:1a:4c:37:a2:0f:48:e6:05:8f:fa:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:30:07 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=52400d37b749e2c546ccfe915cd0b1ade81a5a704ba9910694553852c5939654, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cd:f0:0f:6f:07:4b:bd:5d:e8:76:3f:0e:9c:
37:f1:fc:f0:58:d8:0d:34:02:d4:e0:14:e9:36:e1:
4e:57:8b:60:64:3b:bd:34:84:0d:6c:49:94:23:da:
03:d2:df:f3:95:89:a1:ea:ff:76:37:f6:ff:82:44:
30:cf:8e:01:34:ce:a8:55:16:f0:91:b2:c3:ae:e5:
68:13:43:1b:43:18:b9:6e:9c:b5:f5:42:fc:63:d8:
6b:f6:fe:9e:f9:62:78:b4:7c:b5:41:22:14:36:49:
4c:8b:13:d4:29:af:33:56:41:d3:b1:06:32:65:8d:
9c:7b:6f:c5:34:79:df:7f:38:58:03:95:a3:76:9b:
ad:37:20:48:52:dc:ce:04:8e:75:d2:c3:e4:ff:49:
94:17:b4:fd:35:20:48:4d:e0:41:71:aa:d6:2c:da:
7c:6d:7e:c4:92:41:68:df:5a:52:4f:8c:22:e2:65:
6b:ca:2d:e4:2e:f1:86:1f:b6:f0:64:03:16:6e:a2:
e3:f6:6d:2c:45:44:a5:dc:42:d6:10:0c:7f:a0:89:
d0:c7:0a:2a:ba:30:81:59:73:32:9d:86:7e:f0:ae:
4d:3f:54:e4:57:01:39:cc:4e:03:c1:fc:02:56:12:
5c:00:e3:7c:a6:ce:c4:74:87:6e:ac:92:3f:e7:01:
40:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:9C:0D:6E:99:B2:2C:EE:21:FC:C1:CF:30:C9:8B:1A:7D:15:8E:6D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54aaecbd-f237-4e42-9d78-c366846bfd11.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:a000::/40
Signature Algorithm: sha256WithRSAEncryption
c0:4c:e0:d4:6f:d2:01:5e:fa:6b:dd:c4:f0:e2:e4:70:2d:96:
bb:96:23:b9:d5:6c:83:a2:6c:4a:c5:1c:8c:cc:48:b6:93:2b:
06:fd:04:b8:ca:0b:18:91:4a:7c:2a:f0:b6:b4:a1:46:54:8e:
7d:a2:f4:a8:15:4f:51:ce:13:58:cb:82:70:8c:76:4a:7a:ea:
39:9f:5c:07:b6:3e:c4:e7:a1:47:ab:e0:e1:c1:a8:c0:b2:67:
75:a8:e2:b6:fc:bd:38:c6:58:d6:6e:77:23:cc:8e:bb:3f:c8:
1f:91:ca:f5:46:8e:0c:3d:02:58:c1:06:51:af:1f:cd:70:0f:
55:38:89:63:bb:28:04:bc:48:bd:98:ce:3f:88:38:28:e1:c9:
53:6c:49:f5:fa:bf:8a:86:13:b9:45:20:35:69:ed:36:8c:b5:
69:a6:e7:87:0a:43:ec:bb:4e:d8:8c:c1:a8:84:56:71:0c:25:
e2:2d:93:61:21:e1:a2:41:a3:98:53:64:c3:77:3d:4d:32:d7:
29:99:c1:86:5c:d4:f8:50:71:e1:d0:49:df:a6:d8:85:9f:24:
dd:f5:5f:c8:90:9b:1f:39:03:c8:2c:07:d7:10:60:35:fb:9a:
2d:40:f1:44:e2:58:62:c5:93:c4:32:65:23:2c:5a:5e:3f:22:
12:8c:18:d5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZV5RebGo19rkGkw3og9I5gWP+vswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMwMDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyNDAwZDM3Yjc0OWUyYzU0NmNjZmU5MTVjZDBiMWFkZTgxYTVhNzA0YmE5
OTEwNjk0NTUzODUyYzU5Mzk2NTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzN8A9vB0u9Xeh2Pw6cN/H88FjYDTQC1OAU6TbhTleLYGQ7vTSEDWxJlCPa
A9Lf85WJoer/djf2/4JEMM+OATTOqFUW8JGyw67laBNDG0MYuW6ctfVC/GPYa/b+
nvlieLR8tUEiFDZJTIsT1CmvM1ZB07EGMmWNnHtvxTR53384WAOVo3abrTcgSFLc
zgSOddLD5P9JlBe0/TUgSE3gQXGq1izafG1+xJJBaN9aUk+MIuJla8ot5C7xhh+2
8GQDFm6i4/ZtLEVEpdxC1hAMf6CJ0McKKrowgVlzMp2GfvCuTT9U5FcBOcxOA8H8
AlYSXADjfKbOxHSHbqySP+cBQA0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTPnA1u
mbIs7iH8wc8wyYsafRWObTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTRhYWVjYmQtZjIzNy00ZTQyLTlkNzgtYzM2Njg0NmJmZDExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Heg
MA0GCSqGSIb3DQEBCwUAA4IBAQDATODUb9IBXvpr3cTw4uRwLZa7liO51WyDomxK
xRyMzEi2kysG/QS4ygsYkUp8KvC2tKFGVI59ovSoFU9RzhNYy4JwjHZKeuo5n1wH
tj7E56FHq+DhwajAsmd1qOK2/L04xljWbncjzI67P8gfkcr1Ro4MPQJYwQZRrx/N
cA9VOIljuygEvEi9mM4/iDgo4clTbEn1+r+KhhO5RSA1ae02jLVppueHCkPsu07Y
jMGohFZxDCXiLZNhIeGiQaOYU2TDdz1NMtcpmcGGXNT4UHHh0EnfptiFnyTd9V/I
kJsfOQPILAfXEGA1+5otQPFE4lhixZPEMmUjLFpePyISjBjV
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:26 2025 by rpki-client