Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
File: 90bd72ba-b30d-4433-a47e-e0543a4ea451.roa (raw, json)
Hash identifier: CL5I6PaqD+KgKN0MF9EZClPmOYm5NTuiKGREXLfvCC0=
Subject key identifier: EC:3D:24:6A:08:95:A1:DD:52:BD:51:56:3B:C9:B3:8A:5D:76:09:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36501F114346E99FF6134018AEEEAC327D47C4F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
Signing time: Fri 25 Apr 2025 19:51:27 +0000
ROA not before: Fri 25 Apr 2025 19:51:27 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:50:1f:11:43:46:e9:9f:f6:13:40:18:ae:ee:ac:32:7d:47:c4:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:51:27 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=9843cc2f3ab8fe5a0d1b2352a6f14bea076c032ad7e46e118dd3b61177330e7d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ed:6f:5e:a5:c8:f2:54:bb:93:7e:cd:44:74:
40:8c:bb:64:b4:bb:4d:a9:48:b2:88:1e:61:d9:8e:
5d:0f:a9:ff:fb:f5:ed:0b:81:00:fa:6b:b4:aa:66:
f0:02:32:bf:14:11:5e:3a:16:6f:e3:d4:93:d2:38:
f3:86:a6:e4:1f:52:e9:ce:69:c4:ee:93:c8:14:b7:
53:f1:e1:2e:e4:51:b7:5d:4c:b1:c3:49:87:d4:9d:
49:6a:73:91:e3:c3:66:69:21:9b:d9:65:65:56:b9:
cf:8a:d8:dd:56:5b:f9:96:cc:c7:41:b4:16:80:80:
3d:c0:13:25:76:7b:cb:7e:da:f1:5a:76:65:e9:24:
7d:a6:3c:72:42:6a:b1:cf:46:27:cd:42:e5:f4:9d:
05:55:38:4d:77:b4:3f:4e:2a:70:69:87:f8:86:76:
4a:88:20:cb:c8:2f:32:31:24:53:10:e3:2a:29:4b:
a8:b4:36:e0:79:cf:f7:be:c3:53:83:13:9c:97:0c:
3a:0d:b3:de:c8:a2:4d:12:39:34:1c:54:73:71:fc:
d9:f6:45:eb:19:80:54:e8:3f:a0:83:ff:52:5e:85:
7b:d2:d0:43:bf:ea:3f:50:16:7c:e5:04:8e:a1:00:
86:9f:a6:71:c1:d8:29:20:3e:97:6f:32:7f:47:2c:
8c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:3D:24:6A:08:95:A1:DD:52:BD:51:56:3B:C9:B3:8A:5D:76:09:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:e000::/40
Signature Algorithm: sha256WithRSAEncryption
04:b8:88:ff:c5:4f:dc:8e:26:a9:2e:13:cf:7d:19:36:f8:86:
7e:b1:6e:1f:01:b6:ae:fa:4f:94:47:a7:21:fd:55:4b:80:22:
40:28:83:39:36:20:70:ce:b5:8d:c5:bc:d5:02:9d:f1:79:7a:
bd:2a:4b:5d:74:9b:ee:17:79:55:b7:47:f0:5b:07:e8:57:38:
0c:f4:f1:1f:47:3b:8b:00:a6:ac:2f:78:f8:cb:0f:ea:7c:0e:
ef:82:82:9f:0d:2b:71:df:bc:93:e6:16:41:57:8a:41:52:6b:
d3:96:1c:89:4b:54:1e:58:7e:2c:06:ae:c3:0e:d1:d1:79:b9:
5f:f1:93:ce:e0:bb:be:49:26:cb:78:02:94:40:bb:db:96:70:
38:f3:95:42:5b:eb:7e:db:e4:0c:40:5d:8d:a3:ac:b9:6d:21:
0d:27:c5:14:c9:5d:c1:81:dd:b2:b1:90:f3:3a:12:2c:07:9e:
7b:1f:7a:20:42:4f:e6:e1:f1:a0:bd:39:2f:a1:7b:eb:61:2a:
82:af:b1:f8:78:60:8c:f7:2f:8d:1b:7c:e7:73:c5:12:af:5d:
36:70:e0:d4:3a:57:97:d9:46:f8:6f:46:0f:4f:f3:e5:ca:aa:
53:8d:3f:34:0b:fc:25:62:62:58:af:d8:4c:0b:96:92:12:cd:
a9:26:45:d9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNlAfEUNG6Z/2E0AYru6sMn1HxPcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUxMjdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4NDNjYzJmM2FiOGZlNWEwZDFiMjM1MmE2ZjE0YmVhMDc2YzAzMmFkN2U0
NmUxMThkZDNiNjExNzczMzBlN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAODtb16lyPJUu5N+zUR0QIy7ZLS7TalIsogeYdmOXQ+p//v17QuBAPprtKpm
8AIyvxQRXjoWb+PUk9I484am5B9S6c5pxO6TyBS3U/HhLuRRt11MscNJh9SdSWpz
kePDZmkhm9llZVa5z4rY3VZb+ZbMx0G0FoCAPcATJXZ7y37a8Vp2ZekkfaY8ckJq
sc9GJ81C5fSdBVU4TXe0P04qcGmH+IZ2Soggy8gvMjEkUxDjKilLqLQ24HnP977D
U4MTnJcMOg2z3siiTRI5NBxUc3H82fZF6xmAVOg/oIP/Ul6Fe9LQQ7/qP1AWfOUE
jqEAhp+mccHYKSA+l28yf0csjFECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsPSRq
CJWh3VK9UVY7ybOKXXYJVDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTBiZDcyYmEtYjMwZC00NDMzLWE0N2UtZTA1NDNhNGVhNDUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTg
MA0GCSqGSIb3DQEBCwUAA4IBAQAEuIj/xU/cjiapLhPPfRk2+IZ+sW4fAbau+k+U
R6ch/VVLgCJAKIM5NiBwzrWNxbzVAp3xeXq9KktddJvuF3lVt0fwWwfoVzgM9PEf
RzuLAKasL3j4yw/qfA7vgoKfDStx37yT5hZBV4pBUmvTlhyJS1QeWH4sBq7DDtHR
eblf8ZPO4Lu+SSbLeAKUQLvblnA485VCW+t+2+QMQF2No6y5bSENJ8UUyV3Bgd2y
sZDzOhIsB557H3ogQk/m4fGgvTkvoXvrYSqCr7H4eGCM9y+NG3znc8USr102cODU
OleX2Ub4b0YPT/PlyqpTjT80C/wlYmJYr9hMC5aSEs2pJkXZ
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:47 2025 by rpki-client