Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
File: 5c829516-8640-4a9a-a2b3-cfababf09faa.roa (raw, json)
Hash identifier: EJyPQX8U6r6neSJ4rAMxDf2Zl26+7eZPAz0UM0r18L8=
Subject key identifier: 25:02:96:64:3C:D6:58:12:25:E0:D8:55:46:F9:A4:16:A5:F3:4B:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C762B98A121F8565A64F94BEE754E9CC01FDEC2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
Signing time: Fri 25 Apr 2025 19:00:03 +0000
ROA not before: Fri 25 Apr 2025 19:00:03 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:76:2b:98:a1:21:f8:56:5a:64:f9:4b:ee:75:4e:9c:c0:1f:de:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:00:03 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8b6e7f573a105ff502574ef8102e5d8240c17a9c56991a51f359be8534f4cb31, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:03:cf:2b:57:0a:61:39:d3:fc:04:4a:8a:f1:
c3:d5:34:d8:fa:09:69:e0:4c:d6:02:67:de:ea:4a:
72:0d:5f:62:dc:0e:e6:37:85:5e:f1:be:80:44:96:
33:d3:74:47:c9:84:76:0d:50:55:99:47:84:98:03:
67:7e:a9:9b:38:da:4b:9f:55:3a:3e:da:1b:49:48:
9b:fc:dd:a5:50:72:1c:46:44:01:f6:bc:3a:17:54:
d9:09:8c:aa:37:2b:8c:57:ea:f1:c8:17:92:2d:74:
b9:da:b1:c7:44:1c:5a:36:f9:d4:68:95:c6:ee:ee:
80:b2:8c:d8:e1:1f:73:6d:4a:68:76:90:f1:ca:b4:
3d:b0:3a:19:f4:cf:48:2e:17:f0:31:b2:7c:06:47:
73:fe:c1:38:ac:a1:84:6f:48:e8:bb:41:8b:65:75:
6f:e9:c3:eb:62:20:4a:19:c1:02:c6:da:97:7e:c9:
dd:2a:27:c8:8c:65:f6:99:03:3c:5c:91:2e:8d:71:
eb:91:79:e1:42:c1:27:27:ef:ee:71:eb:24:ef:57:
62:1e:ab:b9:c2:07:5a:88:98:4c:32:db:97:a6:45:
e2:68:68:49:59:69:14:cc:51:c2:11:ec:df:c9:69:
53:ea:e5:f9:2f:ba:4c:a6:7b:40:d3:67:e7:9a:d6:
28:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:02:96:64:3C:D6:58:12:25:E0:D8:55:46:F9:A4:16:A5:F3:4B:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e080::/48
Signature Algorithm: sha256WithRSAEncryption
44:c9:8e:28:cc:00:57:34:c7:8c:40:85:1e:2e:bb:03:bc:7e:
a0:27:25:b5:f4:d6:b4:ed:ce:33:d8:8b:64:2f:06:98:af:93:
a0:8e:3c:12:fa:68:66:4c:25:a7:0e:c9:c8:f9:6e:59:14:37:
44:43:68:20:ac:7a:4f:8a:69:56:26:77:9c:f2:c4:47:05:53:
07:cb:9d:e9:45:01:59:b4:10:e0:64:e8:a2:35:93:67:2b:ec:
fc:f9:56:d2:d5:5b:29:6e:07:ed:f6:06:01:92:52:7e:12:fe:
0c:f5:17:60:8a:43:2d:1b:be:dc:4c:76:4e:61:08:82:c8:84:
b6:c9:44:be:f9:e4:65:6f:57:72:08:01:62:5a:16:c0:77:95:
a6:b6:08:e9:62:8f:44:f4:cf:6b:62:a6:81:1c:0f:25:34:e7:
2a:cf:7e:5f:07:84:67:69:0d:01:c5:86:d7:8c:60:28:f6:6a:
fa:59:e9:51:51:0b:84:f6:32:e8:b3:f9:0b:fc:8e:db:75:10:
aa:ad:5a:34:39:96:f8:6f:b5:2d:75:bf:3f:05:59:3b:ba:5b:
d5:02:2d:81:dd:62:c7:db:00:44:65:5f:b0:e9:90:d4:2a:88:
d6:94:ac:fc:1a:2d:b4:6e:16:e7:3e:51:60:c0:7b:2e:d7:7d:
37:db:9c:eb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfHYrmKEh+FZaZPlL7nVOnMAf3sIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAwMDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiNmU3ZjU3M2ExMDVmZjUwMjU3NGVmODEwMmU1ZDgyNDBjMTdhOWM1Njk5
MWE1MWYzNTliZTg1MzRmNGNiMzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0DzytXCmE50/wESorxw9U02PoJaeBM1gJn3upKcg1fYtwO5jeFXvG+gESW
M9N0R8mEdg1QVZlHhJgDZ36pmzjaS59VOj7aG0lIm/zdpVByHEZEAfa8OhdU2QmM
qjcrjFfq8cgXki10udqxx0QcWjb51GiVxu7ugLKM2OEfc21KaHaQ8cq0PbA6GfTP
SC4X8DGyfAZHc/7BOKyhhG9I6LtBi2V1b+nD62IgShnBAsbal37J3SonyIxl9pkD
PFyRLo1x65F54ULBJyfv7nHrJO9XYh6rucIHWoiYTDLbl6ZF4mhoSVlpFMxRwhHs
38lpU+rl+S+6TKZ7QNNn55rWKHUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQlApZk
PNZYEiXg2FVG+aQWpfNLSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4Mjk1MTYtODY0MC00YTlhLWEyYjMtY2ZhYmFiZjA5ZmFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
gDANBgkqhkiG9w0BAQsFAAOCAQEARMmOKMwAVzTHjECFHi67A7x+oCcltfTWtO3O
M9iLZC8GmK+ToI48EvpoZkwlpw7JyPluWRQ3RENoIKx6T4ppViZ3nPLERwVTB8ud
6UUBWbQQ4GToojWTZyvs/PlW0tVbKW4H7fYGAZJSfhL+DPUXYIpDLRu+3Ex2TmEI
gsiEtslEvvnkZW9XcggBYloWwHeVprYI6WKPRPTPa2KmgRwPJTTnKs9+XweEZ2kN
AcWG14xgKPZq+lnpUVELhPYy6LP5C/yO23UQqq1aNDmW+G+1LXW/PwVZO7pb1QIt
gd1ix9sARGVfsOmQ1CqI1pSs/BottG4W5z5RYMB7Ltd9N9uc6w==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:12 2025 by rpki-client