Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
File: 5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa (raw, json)
Hash identifier: mTtC1LbCI5Z2OwZmmy7WPlW3mepjtWBDQ262hAK4xxw=
Subject key identifier: 7E:DE:9A:9C:F2:1A:5C:04:3B:37:A0:52:EF:D9:7A:CB:7C:1F:2D:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 304F6E09DF8C1D763527ED3C404ABB304BFC085C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
Signing time: Fri 25 Apr 2025 20:01:11 +0000
ROA not before: Fri 25 Apr 2025 20:01:11 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:4f:6e:09:df:8c:1d:76:35:27:ed:3c:40:4a:bb:30:4b:fc:08:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:11 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=140c3d2fb16263629561fa1c425364f4ceabc53617bf02a55ac5d1113a414a79, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:55:bb:8d:30:97:23:f7:d4:da:0b:10:5a:00:
53:51:77:f8:90:f4:40:8f:8d:a3:8d:ef:07:f7:60:
f5:36:66:1e:ad:89:f9:04:02:ee:11:42:83:ee:09:
16:6d:44:75:a2:56:1b:f8:69:95:99:ce:d9:ec:67:
cd:f3:e8:ce:9e:ee:f7:fc:07:b1:ea:79:b1:a8:1d:
c9:12:1e:4c:f6:8e:47:75:35:17:d3:9a:59:ce:26:
6e:6d:2e:49:ed:9a:eb:c6:53:ba:6e:3a:46:9b:f4:
7c:54:01:2c:76:73:b0:b0:aa:fe:45:ac:3f:84:90:
e7:ab:c4:6b:19:ef:df:d3:2d:10:ba:38:ce:af:76:
4b:c4:f3:5f:31:a0:15:83:ea:a3:6b:e9:82:8c:5b:
c2:80:6b:fe:cb:73:b8:34:6f:77:54:9f:25:7e:db:
f7:38:71:28:f6:17:33:4f:09:84:68:54:ea:04:56:
00:04:4d:6c:fd:2d:ab:f8:e0:6a:71:81:a5:97:06:
7b:87:17:28:ef:93:ef:a6:8d:47:ef:b6:bb:8c:11:
70:d3:5f:c0:93:fb:68:36:12:11:30:4b:e9:fc:81:
fd:d5:c7:c1:bd:70:19:6a:59:d2:b1:dc:49:d7:05:
09:e3:9e:8d:53:78:87:0f:2d:7d:89:f3:ea:b3:8b:
82:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:DE:9A:9C:F2:1A:5C:04:3B:37:A0:52:EF:D9:7A:CB:7C:1F:2D:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
59:57:27:8d:b6:65:38:96:7d:00:21:38:85:9a:bf:48:4b:1d:
19:30:47:29:47:05:bd:b7:c3:84:97:76:ae:da:3d:d3:9d:8f:
8b:05:5b:29:1d:c1:7d:e3:54:84:a4:be:d0:bf:d7:15:45:1a:
cf:65:1f:45:de:7a:0c:c1:54:e8:b6:aa:cb:82:8f:d7:21:fc:
13:dd:48:22:70:61:ea:8b:15:a5:83:50:16:8e:44:42:37:49:
cc:d5:b4:2f:14:a4:47:06:ff:b1:b7:5c:46:3b:f3:cd:c2:73:
25:fa:fe:71:84:e7:7d:f4:3b:77:db:aa:71:56:ac:aa:f2:5f:
ff:f1:96:21:b2:db:9d:a9:08:ff:a1:0b:3e:ce:60:8a:ec:ae:
32:f2:c6:cc:d5:10:7b:06:8b:5f:ea:c5:0a:43:82:a3:8c:28:
18:32:65:ba:db:0a:94:3d:5e:c0:1b:68:46:7d:44:af:24:45:
df:05:a8:e0:c3:8a:07:00:91:41:7f:91:f3:ba:8b:c1:66:85:
67:a7:56:5e:90:c1:b1:f9:7c:f2:a9:dd:8c:c8:76:59:be:b7:
17:07:6b:4e:a4:59:f0:21:7e:8c:77:82:30:96:56:33:a9:78:
af:d5:14:2d:1e:00:c9:c8:a1:05:96:2d:16:c0:49:d3:b0:1a:
6a:85:bb:0e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUME9uCd+MHXY1J+08QEq7MEv8CFwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxMTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0MGMzZDJmYjE2MjYzNjI5NTYxZmExYzQyNTM2NGY0Y2VhYmM1MzYxN2Jm
MDJhNTVhYzVkMTExM2E0MTRhNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRVu40wlyP31NoLEFoAU1F3+JD0QI+No43vB/dg9TZmHq2J+QQC7hFCg+4J
Fm1EdaJWG/hplZnO2exnzfPozp7u9/wHsep5sagdyRIeTPaOR3U1F9OaWc4mbm0u
Se2a68ZTum46Rpv0fFQBLHZzsLCq/kWsP4SQ56vEaxnv39MtELo4zq92S8TzXzGg
FYPqo2vpgoxbwoBr/stzuDRvd1SfJX7b9zhxKPYXM08JhGhU6gRWAARNbP0tq/jg
anGBpZcGe4cXKO+T76aNR++2u4wRcNNfwJP7aDYSETBL6fyB/dXHwb1wGWpZ0rHc
SdcFCeOejVN4hw8tfYnz6rOLghECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR+3pqc
8hpcBDs3oFLv2XrLfB8tzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQ4ZTgzMWUtNGQ2MS00NDliLWE1MzItYTFkZDlkNzQzYWM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hog
MA0GCSqGSIb3DQEBCwUAA4IBAQBZVyeNtmU4ln0AITiFmr9ISx0ZMEcpRwW9t8OE
l3au2j3TnY+LBVspHcF941SEpL7Qv9cVRRrPZR9F3noMwVTotqrLgo/XIfwT3Ugi
cGHqixWlg1AWjkRCN0nM1bQvFKRHBv+xt1xGO/PNwnMl+v5xhOd99Dt326pxVqyq
8l//8ZYhstudqQj/oQs+zmCK7K4y8sbM1RB7Botf6sUKQ4KjjCgYMmW62wqUPV7A
G2hGfUSvJEXfBajgw4oHAJFBf5HzuovBZoVnp1ZekMGx+Xzyqd2MyHZZvrcXB2tO
pFnwIX6Md4IwllYzqXiv1RQtHgDJyKEFli0WwEnTsBpqhbsO
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:12 2025 by rpki-client