Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
File: 58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa (raw, json)
Hash identifier: x2Y5s1Fa038+HeAARA0dSAVtUJT4OIHmu6H6XP7ipC0=
Subject key identifier: 12:98:EB:54:E7:46:D1:54:90:67:BC:53:15:26:9B:F8:27:2D:28:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45D12D48D9458C26DCCFE2A4CCEBDE4759631E22
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
Signing time: Fri 25 Apr 2025 19:01:08 +0000
ROA not before: Fri 25 Apr 2025 19:01:08 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:d1:2d:48:d9:45:8c:26:dc:cf:e2:a4:cc:eb:de:47:59:63:1e:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:01:08 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=18c2bfb579bde507e52ead4931173e4cea92c4b251dab22215ed08e8e77791bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b1:07:0b:f0:1f:f4:ee:8b:37:ba:6a:32:28:
1c:51:c9:d9:74:7f:73:f3:97:cf:99:64:a8:e4:93:
b0:b7:48:a6:48:53:9a:02:3b:42:0e:1b:fe:02:2d:
e8:37:f1:c1:55:56:c4:26:2a:b2:c6:cd:9c:5c:62:
c7:2a:1c:17:d0:53:84:e9:5c:94:c3:bc:90:46:00:
30:c9:9b:78:d1:f5:f9:ed:d5:69:64:33:24:aa:3d:
ce:b4:69:b8:2f:6c:da:22:38:d9:1f:10:fd:52:88:
0e:13:60:5b:f7:c8:1e:b2:5a:34:db:30:17:2c:be:
99:72:4b:81:9f:91:b0:6e:a6:52:f2:28:d4:d3:08:
23:c6:e6:2f:af:91:a9:6c:0a:f3:2e:86:f8:81:b4:
b2:27:3f:a5:1f:81:ff:d8:45:90:b8:85:d0:41:eb:
87:ee:e5:f5:41:8f:ce:6b:2f:95:50:4a:d8:cd:7f:
ae:96:c2:4e:1f:1b:82:9e:78:b2:a7:e5:41:87:de:
78:4d:22:e8:67:25:70:67:56:9a:d9:97:71:9f:66:
da:8e:6d:3f:6e:30:25:b4:43:ee:50:72:e4:d3:b0:
09:73:c2:69:07:96:5d:95:42:a7:48:fc:71:5c:a2:
ab:82:46:d7:e4:9c:9a:81:ec:ba:1e:04:3e:24:1b:
a7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:98:EB:54:E7:46:D1:54:90:67:BC:53:15:26:9B:F8:27:2D:28:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2040::/48
Signature Algorithm: sha256WithRSAEncryption
09:6b:cb:5e:16:10:14:84:56:c5:d9:c6:44:53:45:4f:6a:30:
bc:f5:d3:9a:db:5a:28:69:d5:89:1e:c9:ab:1e:29:d4:cd:65:
88:19:8f:7c:4f:8c:68:71:d3:66:2c:38:17:55:8e:98:ae:3e:
27:d3:3e:bf:52:12:cf:3e:9c:03:fb:8a:e2:19:1c:fa:22:68:
46:dd:8f:31:3a:d3:b4:94:a7:f9:f7:84:3c:73:24:a7:d0:d3:
98:6b:3b:09:8a:2b:d0:c2:68:f1:9e:37:a8:70:3f:0c:ea:7c:
c6:0d:a5:11:bb:18:70:9b:b1:55:f1:a2:ea:1f:0e:ca:de:13:
dd:a1:1a:07:e9:83:6c:fd:15:cd:9f:e4:59:6b:8f:c7:99:ea:
8a:60:2e:7a:b5:44:2a:fe:4a:50:bb:51:5d:4b:f0:6b:65:dd:
8c:26:d3:8e:cf:c9:d6:ec:80:e3:ae:f1:20:8d:0b:25:a2:a4:
01:57:9b:dc:c2:cf:a7:ef:14:51:d1:7b:ef:aa:5c:d3:49:5e:
10:d0:ab:fa:c5:18:0a:27:3d:a3:f7:17:1a:84:70:fd:f9:5f:
5d:29:2f:3b:35:df:56:9f:fa:9c:c0:f6:01:96:d6:84:d6:a4:
9e:a5:83:e2:4b:e4:4c:24:ac:e7:35:71:88:a4:0e:7e:e3:a9:
75:f9:70:f5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURdEtSNlFjCbcz+KkzOveR1ljHiIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAxMDhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4YzJiZmI1NzliZGU1MDdlNTJlYWQ0OTMxMTczZTRjZWE5MmM0YjI1MWRh
YjIyMjE1ZWQwOGU4ZTc3NzkxYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOWxBwvwH/Tuize6ajIoHFHJ2XR/c/OXz5lkqOSTsLdIpkhTmgI7Qg4b/gIt
6DfxwVVWxCYqssbNnFxixyocF9BThOlclMO8kEYAMMmbeNH1+e3VaWQzJKo9zrRp
uC9s2iI42R8Q/VKIDhNgW/fIHrJaNNswFyy+mXJLgZ+RsG6mUvIo1NMII8bmL6+R
qWwK8y6G+IG0sic/pR+B/9hFkLiF0EHrh+7l9UGPzmsvlVBK2M1/rpbCTh8bgp54
sqflQYfeeE0i6GclcGdWmtmXcZ9m2o5tP24wJbRD7lBy5NOwCXPCaQeWXZVCp0j8
cVyiq4JG1+ScmoHsuh4EPiQbpw8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQSmOtU
50bRVJBnvFMVJpv4Jy0oZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg1NTdhODktYjQzMS00OWMzLWJjMGUtZDQ5ZTJkNGM3OWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
QDANBgkqhkiG9w0BAQsFAAOCAQEACWvLXhYQFIRWxdnGRFNFT2owvPXTmttaKGnV
iR7Jqx4p1M1liBmPfE+MaHHTZiw4F1WOmK4+J9M+v1ISzz6cA/uK4hkc+iJoRt2P
MTrTtJSn+feEPHMkp9DTmGs7CYor0MJo8Z43qHA/DOp8xg2lEbsYcJuxVfGi6h8O
yt4T3aEaB+mDbP0VzZ/kWWuPx5nqimAuerVEKv5KULtRXUvwa2XdjCbTjs/J1uyA
467xII0LJaKkAVeb3MLPp+8UUdF776pc00leENCr+sUYCic9o/cXGoRw/flfXSkv
OzXfVp/6nMD2AZbWhNaknqWD4kvkTCSs5zVxiKQOfuOpdflw9Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:17 2025 by rpki-client