Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
File: 819bfec2-19de-4cdb-ba40-657fff6a743e.roa (raw, json)
Hash identifier: PUUKSyEFs7RsWi7U+Vp+ifzJHmCR4pNvzwBDY9paOLE=
Subject key identifier: AA:4E:D8:1C:FF:1E:D5:39:FC:3C:25:B8:FD:28:E7:1B:5F:13:2B:16
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E7E3B259B179DF3002DC56B54089188D1B0225A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
Signing time: Fri 25 Apr 2025 19:00:18 +0000
ROA not before: Fri 25 Apr 2025 19:00:18 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:7e:3b:25:9b:17:9d:f3:00:2d:c5:6b:54:08:91:88:d1:b0:22:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:00:18 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=06d9d1b6395e8fb42c06d53bded3b8829856d9f63d8c0e8ba3a3c7cf2a6c4899, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:85:55:ff:07:41:cc:c2:c7:3b:8d:a7:c6:a3:
71:bb:08:af:0f:0a:fc:89:31:32:68:4a:e5:67:a5:
35:bc:8e:64:1c:69:cd:a0:00:37:20:10:9c:b6:0d:
23:48:0a:5d:64:18:44:ed:ab:81:8e:ee:46:12:f9:
85:8a:87:42:20:1b:c4:6b:18:2d:50:77:21:27:5f:
63:c3:19:84:45:94:be:7d:61:01:65:be:83:c3:70:
e5:2e:a4:7e:96:3a:80:89:3b:fb:0b:08:83:78:b3:
c9:46:9d:7d:88:74:cc:be:70:d4:90:5b:46:f9:87:
ca:e6:59:90:75:5b:ab:9e:e3:05:b5:75:9d:5c:d6:
cc:e9:40:d6:c5:af:cf:27:70:bd:92:ba:0e:2d:52:
07:ad:1e:df:9b:3b:ec:2d:e6:55:56:18:66:d9:16:
b8:df:5d:9c:75:38:bd:da:63:45:be:ef:0f:63:cd:
25:69:cc:9c:97:4e:5d:7e:32:ad:f0:04:13:65:64:
15:f3:8f:c6:83:fd:7c:dd:24:cd:69:43:d8:9d:1b:
59:f2:35:83:99:97:24:57:a0:ad:72:18:92:6a:db:
a3:c1:13:69:0d:15:35:de:29:8b:94:5e:b3:3b:86:
a6:33:95:9d:36:e5:5a:b1:8a:2f:6b:85:02:a4:86:
43:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4E:D8:1C:FF:1E:D5:39:FC:3C:25:B8:FD:28:E7:1B:5F:13:2B:16
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
a5:a2:c3:7e:dd:ca:3f:f9:b9:27:85:8b:a8:c5:bd:bb:71:04:
c0:90:43:c3:9c:5c:5a:bb:44:3f:6e:bb:6a:98:0a:79:e2:5b:
6f:a7:b5:63:90:34:fe:97:07:c7:f3:6f:11:10:8f:83:e0:e5:
1a:05:46:8c:2a:03:bd:22:0c:d7:b8:0a:4f:28:a3:a9:aa:e3:
fb:84:79:48:67:d7:c2:42:b7:53:b9:7b:75:96:c3:1e:dc:a1:
c9:35:4b:3b:bd:b2:2b:b7:aa:d5:45:bd:d7:f3:06:9c:4a:22:
6e:0f:60:14:15:6e:8a:08:fc:c5:71:19:b8:5d:9f:3c:f3:56:
02:b5:f9:41:4e:28:7a:d5:dd:f7:0d:8f:ec:1c:d4:85:55:06:
1e:7d:e3:2e:0d:a7:b7:c9:d5:89:87:4e:01:38:f6:fc:9f:ea:
02:c4:31:86:91:20:da:14:7a:82:c0:f3:56:58:5b:b6:df:99:
10:9a:37:b4:fd:17:5c:60:91:6c:fb:66:b4:1e:90:37:5a:c5:
a3:27:d8:79:51:a7:21:44:e5:99:3e:58:2f:1e:03:21:98:5a:
8c:a6:9b:84:f6:4f:03:99:12:81:40:80:97:c8:80:25:54:43:
fb:c0:79:1e:63:bb:b4:76:39:65:f1:ec:b8:e7:28:0a:1b:31:
14:8c:50:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHn47JZsXnfMALcVrVAiRiNGwIlowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAwMThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2ZDlkMWI2Mzk1ZThmYjQyYzA2ZDUzYmRlZDNiODgyOTg1NmQ5ZjYzZDhj
MGU4YmEzYTNjN2NmMmE2YzQ4OTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOiFVf8HQczCxzuNp8ajcbsIrw8K/IkxMmhK5WelNbyOZBxpzaAANyAQnLYN
I0gKXWQYRO2rgY7uRhL5hYqHQiAbxGsYLVB3ISdfY8MZhEWUvn1hAWW+g8Nw5S6k
fpY6gIk7+wsIg3izyUadfYh0zL5w1JBbRvmHyuZZkHVbq57jBbV1nVzWzOlA1sWv
zydwvZK6Di1SB60e35s77C3mVVYYZtkWuN9dnHU4vdpjRb7vD2PNJWnMnJdOXX4y
rfAEE2VkFfOPxoP9fN0kzWlD2J0bWfI1g5mXJFegrXIYkmrbo8ETaQ0VNd4pi5Re
szuGpjOVnTblWrGKL2uFAqSGQz0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqTtgc
/x7VOfw8Jbj9KOcbXxMrFjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODE5YmZlYzItMTlkZS00Y2RiLWJhNDAtNjU3ZmZmNmE3NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQClosN+3co/+bknhYuoxb27cQTAkEPDnFxau0Q/
brtqmAp54ltvp7VjkDT+lwfH828REI+D4OUaBUaMKgO9IgzXuApPKKOpquP7hHlI
Z9fCQrdTuXt1lsMe3KHJNUs7vbIrt6rVRb3X8wacSiJuD2AUFW6KCPzFcRm4XZ88
81YCtflBTih61d33DY/sHNSFVQYefeMuDae3ydWJh04BOPb8n+oCxDGGkSDaFHqC
wPNWWFu235kQmje0/RdcYJFs+2a0HpA3WsWjJ9h5UachROWZPlgvHgMhmFqMppuE
9k8DmRKBQICXyIAlVEP7wHkeY7u0djll8ey45ygKGzEUjFBb
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:54 2025 by rpki-client