Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
File: 7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa (raw, json)
Hash identifier: xHpUwHqXfKZN7k0LNfBXgcHI1i4VBWmi4XqnVaNwmm8=
Subject key identifier: 58:1C:90:04:DB:12:4F:C5:60:D4:4A:3F:7D:C3:1F:3E:3A:3B:F6:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51D9E6B6397DCBE88EC0B548454A21C9944812B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
Signing time: Fri 25 Apr 2025 18:51:19 +0000
ROA not before: Fri 25 Apr 2025 18:51:19 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:d9:e6:b6:39:7d:cb:e8:8e:c0:b5:48:45:4a:21:c9:94:48:12:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:51:19 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=4783fcf8d7406cb5edb82aab04d91f1eaa96d4e042bd5838d21e70fc95043273, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:df:a6:d9:90:c1:79:cb:70:f1:49:ed:a2:95:
52:66:ed:48:b6:2b:2f:32:81:18:47:4a:9a:11:a3:
ea:f1:85:2e:b3:d0:d2:45:66:c1:5b:7a:b4:ca:e4:
3a:a8:0c:d3:71:30:74:fa:b6:ca:0b:e7:8e:74:18:
b4:1a:4f:14:64:71:7a:f2:43:9d:79:6c:2b:cb:92:
56:a6:ba:f9:57:45:68:c1:b3:ed:5a:e7:29:b5:04:
19:81:78:ef:8f:77:a8:ba:55:df:9b:2f:ef:7e:82:
97:6d:a9:cf:dc:5f:99:44:d7:34:0b:a4:db:39:b1:
e0:62:7b:4a:20:46:fb:7a:8e:8e:2a:48:4e:d2:91:
82:09:cb:a8:7c:e3:ea:23:56:50:01:83:e4:fe:53:
f0:9e:45:41:f7:05:1f:5c:07:01:2f:56:a0:cc:7b:
4a:62:eb:81:3d:4a:2c:c9:14:2c:0c:a0:83:b1:12:
b2:67:6a:b0:c1:55:b0:0b:1b:84:cf:a1:7e:d9:1c:
e7:7a:53:b2:e1:e7:e8:f7:e2:5d:44:f3:7a:e1:dc:
db:9e:77:ea:96:71:3b:65:59:80:9c:f8:d3:a1:5d:
97:61:8c:c6:69:eb:8a:10:af:54:b6:15:dc:a5:62:
07:56:98:19:94:54:d8:e7:ba:90:95:35:c4:29:e1:
c8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:1C:90:04:DB:12:4F:C5:60:D4:4A:3F:7D:C3:1F:3E:3A:3B:F6:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038::/32
Signature Algorithm: sha256WithRSAEncryption
8b:61:29:3e:40:b6:dc:e6:d2:36:66:66:1d:83:41:cd:c2:5a:
74:7c:10:14:cb:0d:da:6f:c2:af:ab:e3:4e:db:f5:61:c4:c6:
e6:da:62:49:ce:1f:5a:c3:ab:33:75:39:e8:3d:72:95:b8:e8:
5b:8b:c9:d9:df:22:40:e9:2a:e5:c7:f2:d6:05:80:64:33:aa:
75:67:7c:aa:6f:b1:b2:e7:00:56:ac:a5:38:f8:92:74:bd:51:
f4:2d:50:a9:52:18:91:e0:8c:ed:12:9b:77:e6:c4:db:ee:7e:
21:0a:8f:f1:a5:30:cf:d2:cd:c9:a1:96:68:3f:2b:bc:01:e4:
6d:38:4f:85:48:e0:55:2a:3d:09:f1:e1:5d:5f:95:3a:ce:d2:
f6:19:d6:00:8e:2d:ca:bd:41:84:99:7e:18:1f:59:85:7a:24:
00:26:df:b5:c6:3f:56:9e:d7:e0:86:8a:aa:88:a2:bc:bd:14:
16:96:38:67:a0:2d:4a:a9:a1:33:b9:41:51:b7:91:28:fe:e8:
aa:58:3e:5b:21:74:1c:b3:e0:1c:e5:66:96:35:e2:ea:78:c9:
32:9b:49:e7:d4:c6:70:65:8e:1e:50:6c:80:ca:23:c6:de:a9:
96:21:af:01:1d:39:1c:85:2a:c2:ad:14:71:70:1a:52:6d:51:
c9:19:e7:e8
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUUdnmtjl9y+iOwLVIRUohyZRIErgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUxMTlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3ODNmY2Y4ZDc0MDZjYjVlZGI4MmFhYjA0ZDkxZjFlYWE5NmQ0ZTA0MmJk
NTgzOGQyMWU3MGZjOTUwNDMyNzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvfptmQwXnLcPFJ7aKVUmbtSLYrLzKBGEdKmhGj6vGFLrPQ0kVmwVt6tMrk
OqgM03EwdPq2ygvnjnQYtBpPFGRxevJDnXlsK8uSVqa6+VdFaMGz7VrnKbUEGYF4
7493qLpV35sv736Cl22pz9xfmUTXNAuk2zmx4GJ7SiBG+3qOjipITtKRggnLqHzj
6iNWUAGD5P5T8J5FQfcFH1wHAS9WoMx7SmLrgT1KLMkULAygg7ESsmdqsMFVsAsb
hM+hftkc53pTsuHn6PfiXUTzeuHc25536pZxO2VZgJz406Fdl2GMxmnrihCvVLYV
3KViB1aYGZRU2Oe6kJU1xCnhyDECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRYHJAE
2xJPxWDUSj99wx8+Ojv2DDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RjZjAxNGYtYWY4OC00YWI5LTk5NzYtNzQ2ZWQ4ZGVjMWE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Dgw
DQYJKoZIhvcNAQELBQADggEBAIthKT5Attzm0jZmZh2DQc3CWnR8EBTLDdpvwq+r
407b9WHExubaYknOH1rDqzN1Oeg9cpW46FuLydnfIkDpKuXH8tYFgGQzqnVnfKpv
sbLnAFaspTj4knS9UfQtUKlSGJHgjO0Sm3fmxNvufiEKj/GlMM/Szcmhlmg/K7wB
5G04T4VI4FUqPQnx4V1flTrO0vYZ1gCOLcq9QYSZfhgfWYV6JAAm37XGP1ae1+CG
iqqIory9FBaWOGegLUqpoTO5QVG3kSj+6KpYPlshdByz4BzlZpY14up4yTKbSefU
xnBljh5QbIDKI8beqZYhrwEdORyFKsKtFHFwGlJtUckZ5+g=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:30 2025 by rpki-client