Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa
File: 5c57a644-0d1c-4126-9684-e345f93c1560.roa (raw, json)
Hash identifier: 8ql2KmafkDVfyxHIUtEMX7ugjQwbAcH1+TU6PCZFceU=
Subject key identifier: 57:1E:E6:73:31:F3:9F:B6:10:A2:A3:65:3F:CF:08:D4:4A:86:93:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B15E2A1DA3D962F3F71DCD4F0571E072990A5ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa
Signing time: Fri 25 Apr 2025 19:00:07 +0000
ROA not before: Fri 25 Apr 2025 19:00:07 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:15:e2:a1:da:3d:96:2f:3f:71:dc:d4:f0:57:1e:07:29:90:a5:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:00:07 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=bc00591e1f922ff37a41ec005283e42a9e241f48faa3e0ff1099528d4ec283f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a9:1c:a3:f9:eb:63:48:4c:ef:25:9c:6f:d9:
f7:e6:f1:45:18:30:17:4c:c8:12:e6:91:fd:5e:5f:
e0:00:23:d6:1d:a6:ad:29:7e:67:14:f2:69:ac:20:
d1:a3:bd:7d:87:aa:3e:63:9c:9a:c0:24:02:78:16:
0b:15:d5:3c:78:93:fe:a4:f9:bc:ab:d3:e1:d1:5a:
fa:6c:48:37:f3:50:57:f3:5a:7c:fc:f5:bc:7b:92:
3c:91:3e:83:a5:48:af:8d:19:1c:97:97:4e:60:97:
52:72:09:15:db:7d:37:9d:a9:4e:9b:d5:63:db:24:
78:bc:75:d3:b8:f6:c4:d7:1e:cd:22:03:61:48:fe:
73:40:64:cf:f0:de:3e:0f:b9:ba:41:9c:09:dc:47:
ab:32:2d:7b:8a:4b:65:3c:80:3e:67:ff:cc:fb:09:
44:3f:09:81:88:31:46:97:2c:13:a2:03:12:01:e5:
5d:07:69:92:cc:4a:c1:7d:e7:3a:91:9b:34:b1:df:
2b:87:e8:fe:8f:74:68:0e:8e:99:93:b9:86:0d:0a:
b1:0b:32:3a:6b:8c:5f:9c:a0:a2:2d:64:48:5e:ee:
73:4b:73:49:86:dc:85:05:ad:8a:f0:9a:12:93:90:
9e:71:ce:f1:55:9b:ef:a5:87:ff:92:e2:bd:31:83:
41:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:1E:E6:73:31:F3:9F:B6:10:A2:A3:65:3F:CF:08:D4:4A:86:93:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9040::/48
Signature Algorithm: sha256WithRSAEncryption
0f:8e:81:61:61:ec:ac:13:68:d0:98:57:74:18:09:63:b9:92:
8f:69:c8:32:e9:27:1b:03:21:ff:1a:9f:40:ca:ba:88:52:cf:
7f:e4:3d:0c:3f:4f:e0:1f:b9:1b:27:fe:36:20:35:1f:fa:13:
53:cb:85:4c:d1:4a:ff:98:3d:e5:ff:1b:ee:b6:ee:43:1d:0e:
5a:c5:b7:9f:e9:62:27:98:21:67:73:e1:e9:ca:c0:f9:5b:da:
34:4c:4b:36:32:09:43:d0:96:e3:0f:c4:cf:e3:b8:e1:89:1b:
d7:2a:f1:d6:8b:ef:60:ba:9a:aa:ce:f9:45:20:38:f8:fd:01:
5e:6a:69:26:97:8f:1b:1b:bf:1b:45:0b:a9:10:77:6c:34:64:
af:1a:1a:8e:9e:e3:44:df:fa:49:87:5b:d8:d2:b0:25:bf:d4:
62:d8:9f:96:0f:84:91:3f:ed:51:ad:b5:d5:0f:aa:0a:c6:84:
1b:a0:6d:a5:b0:50:3e:fd:ea:f2:08:df:bd:e3:28:33:2e:db:
53:e3:7c:a7:02:61:2f:02:26:5c:63:b0:75:22:f6:c0:e0:cf:
d5:65:67:ff:0c:86:32:c7:f4:8c:d6:cf:3a:6d:36:fe:25:bf:
6e:71:6c:97:76:e4:3c:39:37:0a:b5:63:67:04:28:9b:08:4b:
24:ba:22:96
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCxXiodo9li8/cdzU8FceBymQpe0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAwMDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjMDA1OTFlMWY5MjJmZjM3YTQxZWMwMDUyODNlNDJhOWUyNDFmNDhmYWEz
ZTBmZjEwOTk1MjhkNGVjMjgzZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKypHKP562NITO8lnG/Z9+bxRRgwF0zIEuaR/V5f4AAj1h2mrSl+ZxTyaawg
0aO9fYeqPmOcmsAkAngWCxXVPHiT/qT5vKvT4dFa+mxIN/NQV/NafPz1vHuSPJE+
g6VIr40ZHJeXTmCXUnIJFdt9N52pTpvVY9skeLx107j2xNcezSIDYUj+c0Bkz/De
Pg+5ukGcCdxHqzIte4pLZTyAPmf/zPsJRD8JgYgxRpcsE6IDEgHlXQdpksxKwX3n
OpGbNLHfK4fo/o90aA6OmZO5hg0KsQsyOmuMX5ygoi1kSF7uc0tzSYbchQWtivCa
EpOQnnHO8VWb76WH/5LivTGDQZECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRXHuZz
MfOfthCio2U/zwjUSoaTITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM1N2E2NDQtMGQxYy00MTI2LTk2ODQtZTM0NWY5M2MxNTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAD46BYWHsrBNo0JhXdBgJY7mSj2nIMuknGwMh
/xqfQMq6iFLPf+Q9DD9P4B+5Gyf+NiA1H/oTU8uFTNFK/5g95f8b7rbuQx0OWsW3
n+liJ5ghZ3Ph6crA+VvaNExLNjIJQ9CW4w/Ez+O44Ykb1yrx1ovvYLqaqs75RSA4
+P0BXmppJpePGxu/G0ULqRB3bDRkrxoajp7jRN/6SYdb2NKwJb/UYtiflg+EkT/t
Ua211Q+qCsaEG6BtpbBQPv3q8gjfveMoMy7bU+N8pwJhLwImXGOwdSL2wODP1WVn
/wyGMsf0jNbPOm02/iW/bnFsl3bkPDk3CrVjZwQomwhLJLoilg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:44 2025 by rpki-client