Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
File: 97535b7f-b66d-439d-9398-8336783c9ea4.roa (raw, json)
Hash identifier: LSRfYwf8xEfL5D+UI0xNH48TD0VvGCNQOMJpQ3orzZU=
Subject key identifier: 72:24:2F:2F:96:74:87:78:4A:1F:1D:BF:AB:52:C1:5A:94:7A:B2:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46BA6E163C57347E7393C51A8B16692985F3E141
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
Signing time: Fri 25 Apr 2025 18:10:43 +0000
ROA not before: Fri 25 Apr 2025 18:10:43 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:ba:6e:16:3c:57:34:7e:73:93:c5:1a:8b:16:69:29:85:f3:e1:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:43 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e5785bc0d9bf634bc56af1b5ee67d1d666928fb5dab76dba9bfb830d1815f32d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:81:c7:e6:89:de:12:d9:40:c3:70:87:a8:f0:
9d:cd:37:29:98:04:d2:8b:4f:32:f0:b2:26:64:e6:
ff:74:50:cd:c6:4e:35:6b:21:9e:a5:53:0f:7a:ea:
ba:65:f3:31:6e:ef:9f:5d:05:28:b3:5e:ef:13:ca:
7a:84:76:d5:1d:f3:46:5f:0a:7b:8f:89:a0:41:0a:
75:e7:e5:b2:7c:ca:54:b2:da:25:14:28:d8:4e:a0:
99:35:5d:74:dc:a7:b1:30:c5:53:c0:63:56:c8:8c:
7f:be:c8:88:89:1e:ff:03:b7:96:91:c7:af:9b:fb:
39:74:6d:27:b5:46:84:f2:d3:5e:f1:cb:94:9f:65:
dd:76:4c:05:02:54:c5:e2:5a:bc:ea:6f:87:93:50:
22:db:01:6e:b4:3e:01:89:27:45:41:50:fb:b5:6a:
75:e9:5f:79:c1:7a:17:75:1d:67:81:b1:48:22:16:
8b:13:68:28:2a:dc:ed:6a:6a:52:fc:ce:3a:02:aa:
2f:7b:bd:81:8a:d1:7a:d2:78:fc:05:4f:29:56:e0:
a6:f5:09:06:3b:a5:5a:3f:64:52:1b:80:66:2b:2f:
6d:4a:f5:a2:8a:4a:ce:32:0f:ab:5d:f9:27:78:d5:
25:a0:fe:c2:ff:16:6b:10:7e:56:67:ee:11:95:a0:
d4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:24:2F:2F:96:74:87:78:4A:1F:1D:BF:AB:52:C1:5A:94:7A:B2:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5040::/48
Signature Algorithm: sha256WithRSAEncryption
60:46:68:09:28:20:60:fd:36:07:1a:2f:96:61:1b:ff:df:88:
37:65:c0:4d:4f:1f:e7:c3:05:71:0f:4f:51:c0:d0:7d:00:7e:
6f:c5:14:28:4d:de:0d:b6:ea:40:7b:9c:d7:ba:fd:ce:cc:ad:
d7:a5:29:dd:f0:68:65:dc:2d:15:2b:50:c6:e1:a5:5a:db:e0:
0d:5f:9c:db:bf:17:22:26:d8:73:15:a9:c5:95:a1:81:91:49:
57:51:4d:c3:a6:15:07:81:60:6d:39:94:c9:30:8b:55:1d:da:
ae:4e:91:e1:3a:8d:c1:bc:fd:43:1f:c7:f1:ea:d9:ed:0e:91:
f3:12:a9:e5:a7:cb:82:1a:70:d9:a7:e2:dd:86:91:87:fe:26:
35:e0:58:21:b4:80:ce:65:e8:32:b4:de:e7:6e:7e:14:67:17:
c3:02:e2:cd:78:da:bd:90:1d:6e:cd:48:8b:02:5c:3a:14:f8:
cc:b3:32:35:e5:5e:39:f0:ec:e3:2e:24:5c:4e:26:e5:4b:3d:
bc:11:ae:4d:25:5c:ef:eb:ee:b5:0a:d0:60:5e:57:63:b0:6f:
80:ba:2e:ac:aa:7f:5c:23:b5:43:1a:02:7c:48:2f:83:fd:cc:
93:37:ed:61:53:95:a4:91:9c:28:60:fb:6c:f1:d4:58:b1:e6:
6d:82:f6:7d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURrpuFjxXNH5zk8UaixZpKYXz4UEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwNDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1Nzg1YmMwZDliZjYzNGJjNTZhZjFiNWVlNjdkMWQ2NjY5MjhmYjVkYWI3
NmRiYTliZmI4MzBkMTgxNWYzMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaBx+aJ3hLZQMNwh6jwnc03KZgE0otPMvCyJmTm/3RQzcZONWshnqVTD3rq
umXzMW7vn10FKLNe7xPKeoR21R3zRl8Ke4+JoEEKdeflsnzKVLLaJRQo2E6gmTVd
dNynsTDFU8BjVsiMf77IiIke/wO3lpHHr5v7OXRtJ7VGhPLTXvHLlJ9l3XZMBQJU
xeJavOpvh5NQItsBbrQ+AYknRUFQ+7VqdelfecF6F3UdZ4GxSCIWixNoKCrc7Wpq
UvzOOgKqL3u9gYrRetJ4/AVPKVbgpvUJBjulWj9kUhuAZisvbUr1oopKzjIPq135
J3jVJaD+wv8WaxB+VmfuEZWg1K0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRyJC8v
lnSHeEofHb+rUsFalHqyLTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc1MzViN2YtYjY2ZC00MzlkLTkzOTgtODMzNjc4M2M5ZWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAYEZoCSggYP02BxovlmEb/9+IN2XATU8f58MF
cQ9PUcDQfQB+b8UUKE3eDbbqQHuc17r9zsyt16Up3fBoZdwtFStQxuGlWtvgDV+c
278XIibYcxWpxZWhgZFJV1FNw6YVB4FgbTmUyTCLVR3ark6R4TqNwbz9Qx/H8erZ
7Q6R8xKp5afLghpw2afi3YaRh/4mNeBYIbSAzmXoMrTe525+FGcXwwLizXjavZAd
bs1IiwJcOhT4zLMyNeVeOfDs4y4kXE4m5Us9vBGuTSVc7+vutQrQYF5XY7BvgLou
rKp/XCO1QxoCfEgvg/3MkzftYVOVpJGcKGD7bPHUWLHmbYL2fQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:59 2025 by rpki-client