Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
File: 88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa (raw, json)
Hash identifier: 6PtnE1A9wIasptDX+wJrYzL+EvtjQsnLbrg59WvfTA0=
Subject key identifier: 0B:7F:4E:F0:83:A1:67:44:89:73:84:1B:F8:6E:4B:79:10:76:17:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F6123174611440C47DBCF4823C4F55075783582
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
Signing time: Fri 25 Apr 2025 20:10:09 +0000
ROA not before: Fri 25 Apr 2025 20:10:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:61:23:17:46:11:44:0c:47:db:cf:48:23:c4:f5:50:75:78:35:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=7422a662c7efc555b8ce3f7683fe8e1193a5423d5b343051b21da8e267b1fdfb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:dc:0c:80:a0:6b:73:b0:5b:bd:8b:25:bb:7b:
82:6d:6e:76:ee:9e:58:c5:6a:14:5d:87:87:42:52:
13:e6:ad:1d:9d:4a:43:50:ec:f1:f3:35:23:2f:2e:
d3:18:4b:8b:e9:5b:0f:bb:4c:11:f5:92:6d:04:97:
3f:1a:23:ee:c7:88:fd:aa:a2:bf:5a:df:68:ca:e0:
64:e1:be:f4:9e:7d:a6:71:28:37:a5:ad:50:f8:ae:
e6:79:11:75:b0:d0:f6:e5:99:ff:fc:eb:7e:01:0f:
8f:33:fc:c8:49:82:29:3e:9d:d0:5e:85:6b:8f:eb:
e0:bc:5c:2e:71:69:05:e3:72:c3:a3:f1:40:95:4e:
24:d9:a8:4d:f1:f8:51:f3:d4:d1:08:f9:fe:df:80:
d7:da:75:87:83:40:a5:a5:04:23:dc:33:af:ea:00:
7e:a2:fe:02:c6:1b:e1:96:81:61:4d:b6:cd:d3:52:
08:0a:27:0a:d3:27:db:25:a8:8f:95:eb:b9:84:3d:
2a:a1:e7:14:22:0d:11:36:30:5d:9d:73:67:ca:74:
2d:c1:f0:ac:32:c1:70:6f:f2:69:41:45:8d:14:93:
ae:d4:9b:19:23:76:ae:82:bd:d3:f5:4d:ba:cd:03:
7b:98:29:6d:82:28:9a:0e:a5:e5:76:4c:0c:e7:3d:
2e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:7F:4E:F0:83:A1:67:44:89:73:84:1B:F8:6E:4B:79:10:76:17:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:c00::/38
Signature Algorithm: sha256WithRSAEncryption
8e:61:d6:aa:39:d7:25:cc:21:95:7e:ba:e2:dc:72:07:01:8d:
97:b4:a0:9a:c0:ac:3f:fd:09:7c:47:98:fb:e1:23:6c:32:1d:
cf:36:66:35:58:eb:62:e9:73:13:9f:7c:94:9d:f0:78:01:20:
86:af:eb:44:a1:d9:9c:9c:81:f2:59:ea:e9:6f:7a:78:66:43:
44:be:74:68:b1:47:3d:1e:ae:21:e9:ab:92:a4:17:69:ac:73:
28:14:14:c7:ce:a2:b8:49:b6:0a:a6:fe:3a:9f:ac:0b:77:b5:
66:86:e6:22:fe:a5:13:78:b0:a3:e6:2a:51:c2:ad:80:9d:f5:
cb:93:be:b6:c5:3b:43:c0:e5:8e:48:51:7d:04:7f:3d:e8:41:
c9:c2:76:f3:44:2b:e4:78:0e:6c:70:87:dd:0e:b7:f3:1a:92:
32:9e:be:24:0b:3e:71:88:fb:f9:8e:40:da:0e:db:fa:a1:c3:
a4:f7:c9:32:6e:6d:60:f7:76:9b:67:69:32:d8:88:67:a3:88:
be:c2:b2:dc:db:34:2d:74:8f:6f:fa:0b:c4:75:5b:05:80:cc:
b7:1d:9f:15:f3:e8:ec:e1:34:f4:fd:ac:0d:f0:6e:1a:68:35:
02:7e:8f:f1:35:3b:4c:87:af:8c:1b:2c:69:ef:3b:32:35:f6:
f4:83:4d:ff
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT2EjF0YRRAxH289II8T1UHV4NYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0MjJhNjYyYzdlZmM1NTViOGNlM2Y3NjgzZmU4ZTExOTNhNTQyM2Q1YjM0
MzA1MWIyMWRhOGUyNjdiMWZkZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrcDICga3OwW72LJbt7gm1udu6eWMVqFF2Hh0JSE+atHZ1KQ1Ds8fM1Iy8u
0xhLi+lbD7tMEfWSbQSXPxoj7seI/aqiv1rfaMrgZOG+9J59pnEoN6WtUPiu5nkR
dbDQ9uWZ//zrfgEPjzP8yEmCKT6d0F6Fa4/r4LxcLnFpBeNyw6PxQJVOJNmoTfH4
UfPU0Qj5/t+A19p1h4NApaUEI9wzr+oAfqL+AsYb4ZaBYU22zdNSCAonCtMn2yWo
j5XruYQ9KqHnFCINETYwXZ1zZ8p0LcHwrDLBcG/yaUFFjRSTrtSbGSN2roK90/VN
us0De5gpbYIomg6l5XZMDOc9Lt8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQLf07w
g6FnRIlzhBv4bkt5EHYXdzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg4MDBmOWYtNDhmZC00NDQyLWE2ZjYtN2E1MDRlMWNiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIM
MA0GCSqGSIb3DQEBCwUAA4IBAQCOYdaqOdclzCGVfrri3HIHAY2XtKCawKw//Ql8
R5j74SNsMh3PNmY1WOti6XMTn3yUnfB4ASCGr+tEodmcnIHyWerpb3p4ZkNEvnRo
sUc9Hq4h6auSpBdprHMoFBTHzqK4SbYKpv46n6wLd7VmhuYi/qUTeLCj5ipRwq2A
nfXLk762xTtDwOWOSFF9BH896EHJwnbzRCvkeA5scIfdDrfzGpIynr4kCz5xiPv5
jkDaDtv6ocOk98kybm1g93abZ2ky2Ihno4i+wrLc2zQtdI9v+gvEdVsFgMy3HZ8V
8+js4TT0/awN8G4aaDUCfo/xNTtMh6+MGyxp7zsyNfb0g03/
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:04 2025 by rpki-client