Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
File: 8e4adf38-a007-4c0e-8621-1e65a160ad12.roa (raw, json)
Hash identifier: ttXtW3X9HFsLrI2vIURZEzsuwprOMLcolfJOemM47ks=
Subject key identifier: 20:3E:67:FF:98:B2:40:CB:51:E0:09:40:9C:B1:20:5F:1C:53:1D:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53C2C9AF82F6F073225D68D6249BC086DA2BF136
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
Signing time: Fri 25 Apr 2025 19:10:38 +0000
ROA not before: Fri 25 Apr 2025 19:10:38 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:c2:c9:af:82:f6:f0:73:22:5d:68:d6:24:9b:c0:86:da:2b:f1:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:38 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=9e5c68b71bd774d32be91b718d3b2f9930f5432b7815c8e3e4c2ebc71ef15751, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ba:a5:70:d4:40:fe:aa:3d:ed:6d:a5:7b:d0:
f2:b1:0e:58:fd:e6:45:63:db:83:3c:1d:b5:b4:3e:
44:5c:e9:34:ab:22:ef:a3:31:7f:36:f6:54:31:c2:
62:06:fe:4b:a3:68:57:af:d4:04:d8:db:56:e3:35:
14:19:3f:82:13:d2:65:40:bc:e6:48:0e:d8:c1:67:
4b:c5:4e:85:46:1c:c9:70:46:7a:1d:42:58:1f:52:
33:98:06:e5:50:94:3d:74:44:d7:5f:11:1c:80:00:
28:23:5a:1c:90:63:19:f1:16:fc:fd:80:a1:57:40:
55:88:13:f3:58:33:12:51:ca:c0:b4:56:9b:00:16:
ee:b6:d9:32:e7:97:6b:b9:6a:50:ca:db:a8:40:fd:
29:d0:5d:52:fd:ff:ff:a3:c8:96:f1:3a:23:0e:6b:
a9:ac:ec:8d:55:a4:9c:d9:d5:48:5b:60:89:ae:06:
17:97:b4:b5:7c:06:7a:50:04:09:74:77:83:fb:1b:
12:45:66:dd:66:de:da:d4:da:c2:ef:2d:37:e8:a9:
dc:f2:c3:ee:45:e0:96:a9:1b:46:2a:38:8e:2d:a1:
0e:d0:1d:b8:f5:0a:6f:c0:f5:9f:d8:24:80:cc:76:
f0:21:7f:de:1f:56:32:6c:71:f2:a1:22:1c:75:cc:
8b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:3E:67:FF:98:B2:40:CB:51:E0:09:40:9C:B1:20:5F:1C:53:1D:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
a1:3e:ef:e9:82:9d:68:e1:4f:93:07:6d:0e:7c:9b:46:71:89:
84:20:6f:6e:ef:89:47:0d:70:e2:ba:f3:4a:cf:aa:23:1d:c8:
35:46:7f:90:aa:fa:13:68:ea:76:99:6a:29:93:85:52:88:9a:
a7:b8:c5:fa:a7:73:ff:2b:74:b8:ba:4b:10:bb:fd:c9:ff:2f:
68:ae:b5:5a:d5:91:64:6d:48:78:27:ae:63:bb:ba:cf:a6:2a:
12:3f:c1:43:dd:80:d2:ae:da:fc:d7:17:a5:5b:a8:68:17:af:
dc:06:48:26:86:11:fb:1f:d0:5d:9a:e1:39:ca:03:0c:6d:1e:
7f:1f:b4:b6:22:74:33:c9:9e:57:a4:18:ad:24:50:47:9c:f9:
ba:07:96:0f:77:5c:e5:0d:04:13:19:ec:53:64:d3:04:a3:e0:
e9:f8:58:8f:7a:63:bf:6e:53:7c:72:29:2d:75:d7:cd:b1:35:
43:a1:28:22:c2:c0:b5:dc:db:34:47:dd:c0:63:91:fd:09:db:
5c:98:3f:bd:46:4b:b2:ad:bd:a3:c9:80:39:e7:1a:23:a3:90:
6c:fe:fd:b5:9e:a4:d5:a4:26:7d:38:52:48:6c:81:3a:2c:42:
a2:9a:5e:89:47:8a:9c:00:6e:ff:c0:94:30:9c:ad:0a:89:72:
e2:33:72:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUU8LJr4L28HMiXWjWJJvAhtor8TYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwMzhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDllNWM2OGI3MWJkNzc0ZDMyYmU5MWI3MThkM2IyZjk5MzBmNTQzMmI3ODE1
YzhlM2U0YzJlYmM3MWVmMTU3NTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMm6pXDUQP6qPe1tpXvQ8rEOWP3mRWPbgzwdtbQ+RFzpNKsi76Mxfzb2VDHC
Ygb+S6NoV6/UBNjbVuM1FBk/ghPSZUC85kgO2MFnS8VOhUYcyXBGeh1CWB9SM5gG
5VCUPXRE118RHIAAKCNaHJBjGfEW/P2AoVdAVYgT81gzElHKwLRWmwAW7rbZMueX
a7lqUMrbqED9KdBdUv3//6PIlvE6Iw5rqazsjVWknNnVSFtgia4GF5e0tXwGelAE
CXR3g/sbEkVm3Wbe2tTawu8tN+ip3PLD7kXglqkbRio4ji2hDtAduPUKb8D1n9gk
gMx28CF/3h9WMmxx8qEiHHXMi/8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQgPmf/
mLJAy1HgCUCcsSBfHFMdtDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0YWRmMzgtYTAwNy00YzBlLTg2MjEtMWU2NWExNjBhZDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8g
MA0GCSqGSIb3DQEBCwUAA4IBAQChPu/pgp1o4U+TB20OfJtGcYmEIG9u74lHDXDi
uvNKz6ojHcg1Rn+QqvoTaOp2mWopk4VSiJqnuMX6p3P/K3S4uksQu/3J/y9orrVa
1ZFkbUh4J65ju7rPpioSP8FD3YDSrtr81xelW6hoF6/cBkgmhhH7H9BdmuE5ygMM
bR5/H7S2InQzyZ5XpBitJFBHnPm6B5YPd1zlDQQTGexTZNMEo+Dp+FiPemO/blN8
ciktddfNsTVDoSgiwsC13Ns0R93AY5H9CdtcmD+9Rkuyrb2jyYA55xojo5Bs/v21
nqTVpCZ9OFJIbIE6LEKiml6JR4qcAG7/wJQwnK0KiXLiM3J6
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:00 2025 by rpki-client