Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93c73d28-6ada-4f65-bb8d-8fbee434c001.roa
File: 93c73d28-6ada-4f65-bb8d-8fbee434c001.roa (raw, json)
Hash identifier: LrD4uoln+G+EVJZA8Lr2G9PxioBJg6/ifVMSpDCLJiY=
Subject key identifier: 32:E8:3A:79:D3:F7:1D:C6:07:CE:94:C1:67:D9:CC:CF:B7:BB:6A:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 478695157DCEFEC55796BE4D8FF4EEEE4DFFB0A8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93c73d28-6ada-4f65-bb8d-8fbee434c001.roa
Signing time: Fri 25 Apr 2025 20:10:22 +0000
ROA not before: Fri 25 Apr 2025 20:10:22 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:86:95:15:7d:ce:fe:c5:57:96:be:4d:8f:f4:ee:ee:4d:ff:b0:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:22 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=9a3576dae7967d9d3162d3d7459add03ed21204eeeb35e966e441df9db760a85, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:04:12:63:0e:e2:63:c9:59:67:06:68:6f:3d:
7d:2b:89:9f:6a:b5:6c:ff:58:51:ec:17:60:ee:19:
7b:28:a6:7e:b9:87:3c:da:c1:19:51:f7:a1:bc:b6:
db:47:08:72:77:3a:ea:53:56:6d:ac:d4:d1:08:21:
20:8f:74:d0:e7:46:03:3d:a9:ef:15:c4:34:e1:0c:
38:d4:cb:c5:25:d4:30:26:74:a3:1c:18:c2:67:52:
62:aa:ae:e3:db:7f:ec:75:15:6d:1a:bc:83:39:a6:
99:0b:d2:2b:cd:0c:6b:32:89:50:99:24:ae:41:01:
06:be:ac:89:5a:99:aa:9c:db:d9:af:95:41:49:8c:
18:a6:fd:ca:ce:95:6b:a1:49:5a:13:af:c8:7b:ca:
79:e1:e0:5d:06:bf:37:62:e3:20:14:0f:33:25:8e:
b6:80:17:0a:a6:07:44:15:76:2f:98:a8:8b:b1:40:
d1:b2:09:da:8b:8b:86:bc:f4:09:08:61:79:50:62:
9e:9a:17:b1:2e:39:23:ca:3a:38:3d:d1:3d:b8:2c:
97:56:4d:2f:87:6b:5e:44:53:da:7f:d9:7b:9a:52:
8d:33:77:03:8a:3d:24:db:88:6d:dc:4c:8c:01:54:
8a:a2:64:18:a5:d4:5e:9c:2b:a5:30:1b:87:0f:9b:
7e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E8:3A:79:D3:F7:1D:C6:07:CE:94:C1:67:D9:CC:CF:B7:BB:6A:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93c73d28-6ada-4f65-bb8d-8fbee434c001.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:400::/38
Signature Algorithm: sha256WithRSAEncryption
3b:e4:40:c8:b3:8a:a3:56:7f:45:bd:df:75:c4:09:6a:7e:8b:
2f:dc:c2:66:8d:98:95:54:5e:7b:81:83:2c:e1:cd:29:3f:f2:
34:07:2d:42:94:c3:f9:80:75:04:db:b3:4b:13:68:62:75:cb:
11:d9:a2:6f:17:e0:e1:33:42:02:4c:b6:51:d5:a7:05:97:4e:
4e:fe:be:c1:c6:b3:d7:93:3e:3b:c2:21:cd:52:97:3e:9c:7d:
88:b8:b4:b6:04:70:cb:1a:23:be:04:f6:03:f9:d2:67:13:fc:
d7:5e:bd:4d:e9:45:d7:9d:29:54:69:2b:73:7a:bc:8c:f4:3a:
44:f6:06:af:d7:6d:35:55:a8:c7:fd:12:3a:74:12:df:93:05:
67:77:a2:d4:4b:76:ca:6e:d3:1c:6e:63:1f:41:fe:24:b4:84:
f3:20:f9:97:58:9d:ff:a3:44:30:8a:9d:02:27:a4:eb:d5:93:
dd:df:1c:1a:60:3b:77:c1:ed:d5:06:4c:2b:0c:f5:19:5b:f7:
29:f9:d0:fd:e7:49:62:92:7f:c4:97:e2:82:10:28:90:18:54:
0c:7a:3f:ef:80:dc:ed:31:ab:1c:c0:07:da:f7:43:99:dc:46:
70:17:fb:a4:e4:34:c6:c6:03:7c:74:ef:68:f9:6d:da:27:d5:
b4:64:f7:18
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR4aVFX3O/sVXlr5Nj/Tu7k3/sKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwMjJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhMzU3NmRhZTc5NjdkOWQzMTYyZDNkNzQ1OWFkZDAzZWQyMTIwNGVlZWIz
NWU5NjZlNDQxZGY5ZGI3NjBhODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkEEmMO4mPJWWcGaG89fSuJn2q1bP9YUewXYO4ZeyimfrmHPNrBGVH3oby2
20cIcnc66lNWbazU0QghII900OdGAz2p7xXENOEMONTLxSXUMCZ0oxwYwmdSYqqu
49t/7HUVbRq8gzmmmQvSK80MazKJUJkkrkEBBr6siVqZqpzb2a+VQUmMGKb9ys6V
a6FJWhOvyHvKeeHgXQa/N2LjIBQPMyWOtoAXCqYHRBV2L5ioi7FA0bIJ2ouLhrz0
CQhheVBinpoXsS45I8o6OD3RPbgsl1ZNL4drXkRT2n/Ze5pSjTN3A4o9JNuIbdxM
jAFUiqJkGKXUXpwrpTAbhw+bfjcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQy6Dp5
0/cdxgfOlMFn2czPt7tqBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTNjNzNkMjgtNmFkYS00ZjY1LWJiOGQtOGZiZWU0MzRjMDAxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUE
MA0GCSqGSIb3DQEBCwUAA4IBAQA75EDIs4qjVn9Fvd91xAlqfosv3MJmjZiVVF57
gYMs4c0pP/I0By1ClMP5gHUE27NLE2hidcsR2aJvF+DhM0ICTLZR1acFl05O/r7B
xrPXkz47wiHNUpc+nH2IuLS2BHDLGiO+BPYD+dJnE/zXXr1N6UXXnSlUaStzeryM
9DpE9gav1201VajH/RI6dBLfkwVnd6LUS3bKbtMcbmMfQf4ktITzIPmXWJ3/o0Qw
ip0CJ6Tr1ZPd3xwaYDt3we3VBkwrDPUZW/cp+dD950likn/El+KCECiQGFQMej/v
gNztMascwAfa90OZ3EZwF/uk5DTGxgN8dO9o+W3aJ9W0ZPcY
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:45:01 2025 by rpki-client