Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a1ea1f2-685a-4073-b22a-0a37f133b9dc.roa
File: 7a1ea1f2-685a-4073-b22a-0a37f133b9dc.roa (raw, json)
Hash identifier: IvhyP0KU9iXCLfdhp0WOP/QHvnwz9Ht7BA1ErSrtrjg=
Subject key identifier: 3E:4A:B5:42:3C:69:21:4D:A3:57:CF:29:F8:B7:66:16:25:3F:E8:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53CE2D5DB08FCCA9954B1856DBF4AE3FAAFB9B09
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a1ea1f2-685a-4073-b22a-0a37f133b9dc.roa
Signing time: Tue 15 Apr 2025 15:10:07 +0000
ROA not before: Tue 15 Apr 2025 15:10:07 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:ce:2d:5d:b0:8f:cc:a9:95:4b:18:56:db:f4:ae:3f:aa:fb:9b:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:10:07 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=64379996eb27f43571a0f5eecbc59247c7c9b90ad5e8e36a3980036fa7ed3202, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c5:da:5a:8a:0f:45:cf:cb:13:7c:90:28:c7:
88:63:e8:1e:71:1a:c2:2c:b0:ea:3c:b5:a2:d8:79:
81:da:63:27:02:43:bd:19:7a:03:ee:8e:36:04:57:
23:21:e0:74:ee:9b:60:7d:dc:c7:33:60:b0:5f:e6:
af:7c:a6:9d:a8:a7:72:4d:1e:1a:09:b9:60:a4:c7:
55:50:fd:38:b4:38:5d:4a:8f:73:8e:67:32:6a:d6:
90:79:1b:4d:d5:d9:07:f9:3f:54:3e:1a:30:0f:98:
d1:9a:e6:e4:3e:8b:64:86:ba:dc:de:a4:5c:6c:7f:
4b:67:f5:90:b0:d7:29:69:d7:5c:e2:7d:ee:b0:a6:
13:a6:4f:b5:d2:96:94:7e:db:6d:9b:b5:b8:5f:7d:
66:0d:37:ba:c6:af:63:0b:36:3d:f6:3c:18:5a:5e:
b6:22:d5:c5:15:67:06:34:6f:a7:77:f6:b2:c1:e6:
97:48:21:a5:39:04:12:52:66:a5:e6:34:46:b9:00:
7f:33:06:f7:6b:8a:a9:25:a0:c1:03:ad:61:57:c7:
b1:0e:c3:f7:ef:51:e7:d6:5f:28:0b:6e:4d:36:c6:
8d:82:65:2a:8a:8d:f0:07:51:a7:73:88:d7:89:0c:
ce:e2:d8:7d:da:f1:3a:f1:26:62:b0:46:37:6f:67:
db:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4A:B5:42:3C:69:21:4D:A3:57:CF:29:F8:B7:66:16:25:3F:E8:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a1ea1f2-685a-4073-b22a-0a37f133b9dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:5000::/40
Signature Algorithm: sha256WithRSAEncryption
90:03:cd:b5:05:17:d9:d0:ea:43:19:ea:8b:5d:3c:7c:40:d5:
36:ee:80:39:14:f9:b4:fb:44:09:da:05:14:bc:8d:d8:27:f1:
77:cd:e1:63:8f:17:5e:c6:52:d9:4c:40:4a:6f:fc:ab:07:2d:
eb:8a:72:bf:d0:d6:b2:e0:a9:05:32:a7:fc:10:35:ad:90:c4:
cd:fb:c8:ff:e0:cc:c9:5d:fa:d6:b2:a3:ae:e8:a9:14:ad:67:
c7:be:43:8b:c0:26:e6:d4:94:6f:72:f2:79:b6:f4:c4:ad:cd:
01:52:64:7a:39:35:91:ce:24:b2:23:6f:8d:a1:0d:a0:42:60:
54:1c:d7:cb:28:20:5d:4d:58:9e:9e:80:c5:5e:e2:34:77:09:
b4:86:ee:5c:c9:e7:aa:11:bb:03:86:e3:de:6d:35:1f:36:fe:
a3:ec:6d:ef:d1:7c:c7:e2:c0:86:9c:69:aa:40:34:9b:c6:35:
07:73:02:9f:bd:6e:2b:d0:a9:14:09:94:7d:56:d7:73:67:8b:
55:75:ef:fb:8a:c2:93:88:3e:16:65:85:14:09:ff:ad:4c:0e:
c2:ec:04:06:a7:9e:34:0d:c7:ab:78:d1:29:1b:dd:21:e3:38:
71:98:2e:61:61:8d:dc:a8:a2:42:4f:1d:1f:28:bd:16:1b:e8:
a8:e0:ad:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUU84tXbCPzKmVSxhW2/SuP6r7mwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTEwMDdaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0Mzc5OTk2ZWIyN2Y0MzU3MWEwZjVlZWNiYzU5MjQ3YzdjOWI5MGFkNWU4
ZTM2YTM5ODAwMzZmYTdlZDMyMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOrF2lqKD0XPyxN8kCjHiGPoHnEawiyw6jy1oth5gdpjJwJDvRl6A+6ONgRX
IyHgdO6bYH3cxzNgsF/mr3ymnainck0eGgm5YKTHVVD9OLQ4XUqPc45nMmrWkHkb
TdXZB/k/VD4aMA+Y0Zrm5D6LZIa63N6kXGx/S2f1kLDXKWnXXOJ97rCmE6ZPtdKW
lH7bbZu1uF99Zg03usavYws2PfY8GFpetiLVxRVnBjRvp3f2ssHml0ghpTkEElJm
peY0RrkAfzMG92uKqSWgwQOtYVfHsQ7D9+9R59ZfKAtuTTbGjYJlKoqN8AdRp3OI
14kMzuLYfdrxOvEmYrBGN29n2ykCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ+SrVC
PGkhTaNXzyn4t2YWJT/oMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2ExZWExZjItNjg1YS00MDczLWIyMmEtMGEzN2YxMzNiOWRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCQA821BRfZ0OpDGeqLXTx8QNU27oA5FPm0+0QJ
2gUUvI3YJ/F3zeFjjxdexlLZTEBKb/yrBy3rinK/0Nay4KkFMqf8EDWtkMTN+8j/
4MzJXfrWsqOu6KkUrWfHvkOLwCbm1JRvcvJ5tvTErc0BUmR6OTWRziSyI2+NoQ2g
QmBUHNfLKCBdTVienoDFXuI0dwm0hu5cyeeqEbsDhuPebTUfNv6j7G3v0XzH4sCG
nGmqQDSbxjUHcwKfvW4r0KkUCZR9VtdzZ4tVde/7isKTiD4WZYUUCf+tTA7C7AQG
p540DcereNEpG90h4zhxmC5hYY3cqKJCTx0fKL0WG+io4K0D
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:35 2025 by rpki-client