Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/975dfb4d-ef39-4371-9678-ff7909080d1e.roa
File: 975dfb4d-ef39-4371-9678-ff7909080d1e.roa (raw, json)
Hash identifier: dvY5+xqzgBityVxYeMCWwwYvihnFBL1WtViAWRPA/Z4=
Subject key identifier: 84:C1:A3:88:2E:C5:83:0A:9C:E9:B7:21:92:F4:BC:DD:8F:0E:A5:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FC5A5FF493FDFE4503E5392DE9740246649EBDB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/975dfb4d-ef39-4371-9678-ff7909080d1e.roa
Signing time: Fri 25 Apr 2025 18:31:37 +0000
ROA not before: Fri 25 Apr 2025 18:31:37 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:c5:a5:ff:49:3f:df:e4:50:3e:53:92:de:97:40:24:66:49:eb:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:31:37 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d6a167587989733a81fe119ce299dc4a3c5b177c3a33943f0e8f3331a9851ebf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ed:7e:21:69:c3:9e:75:fa:bb:52:a8:92:37:
82:b9:5b:d2:8a:8d:44:b5:f7:dd:65:d1:5f:ab:dd:
ab:88:16:9c:ef:fe:75:67:e1:ef:80:16:47:bc:bd:
e9:94:2a:96:c5:e2:23:cd:dc:9a:5e:0a:d6:d9:29:
e3:67:4e:7b:67:43:3b:a0:bb:15:10:de:1c:05:57:
36:85:df:cd:6c:a9:b9:0b:0a:1f:6b:41:f2:1f:88:
0c:d0:75:c5:0f:b0:81:92:fa:35:71:fc:f7:45:58:
ee:93:7e:90:08:36:3e:8f:dd:16:47:b5:d7:4f:7f:
27:c0:fb:a4:1c:93:15:81:6a:8b:f3:46:f6:98:2a:
9d:43:50:f0:3e:eb:ca:bd:af:ba:72:2f:8b:d2:b1:
b9:a5:da:bb:9f:4e:ec:11:8d:a1:c7:d7:d4:75:de:
e8:a6:d3:2d:66:7e:57:9a:fc:98:f0:45:be:96:e8:
28:97:82:51:42:77:72:a1:39:ed:da:3c:01:ff:b2:
eb:3f:94:4c:9d:34:23:06:36:38:1f:53:90:cd:3e:
ec:5a:3f:18:fa:9b:44:ab:5c:23:a1:6e:56:90:50:
93:45:19:7d:09:99:8a:40:66:9b:a1:05:09:ba:7b:
f2:bb:2e:af:18:01:cf:8c:cf:5f:96:2a:63:d3:53:
f4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C1:A3:88:2E:C5:83:0A:9C:E9:B7:21:92:F4:BC:DD:8F:0E:A5:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/975dfb4d-ef39-4371-9678-ff7909080d1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:b080::/48
Signature Algorithm: sha256WithRSAEncryption
37:4d:c9:71:7e:a6:0c:5c:85:9e:14:95:bc:89:ae:22:fc:7f:
42:98:9a:65:03:e0:af:4c:d7:ca:c9:c0:c9:bf:f7:29:0c:91:
50:60:18:aa:02:67:33:70:e8:b1:8f:d7:22:0a:27:1e:f1:55:
2e:83:50:80:16:55:c7:5e:bb:f3:f5:87:c0:8a:f5:bc:20:d7:
ae:3c:92:c7:83:a7:73:95:bf:1e:db:ae:1d:58:bf:0a:67:ba:
31:db:96:ff:93:4c:ca:96:df:a5:f9:8c:d9:73:85:f4:31:74:
05:05:86:0d:7b:0a:58:bc:b4:06:0b:1e:94:92:00:1a:de:80:
1c:af:14:d5:53:e8:24:02:0c:6f:3c:49:29:03:96:94:b9:77:
e2:fd:8d:76:d3:12:cc:42:b1:29:bb:bd:96:e5:93:6e:a3:96:
71:7e:06:2d:34:27:8d:1d:53:06:60:fc:4a:c6:1d:6c:ec:84:
85:08:a0:4e:bb:1b:18:a4:69:0d:2b:48:7d:99:7d:6c:e8:6b:
e7:3e:2e:27:1f:b5:bd:3d:fa:48:e4:16:ed:57:96:29:83:3a:
24:3e:c1:02:b9:61:54:c8:87:c1:7b:3f:21:3f:ef:22:22:46:
27:48:cf:02:56:37:9c:2a:00:4f:a2:af:39:49:d1:da:41:fe:
a0:6e:bc:22
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUT8Wl/0k/3+RQPlOS3pdAJGZJ69swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMxMzdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2YTE2NzU4Nzk4OTczM2E4MWZlMTE5Y2UyOTlkYzRhM2M1YjE3N2MzYTMz
OTQzZjBlOGYzMzMxYTk4NTFlYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKDtfiFpw551+rtSqJI3grlb0oqNRLX33WXRX6vdq4gWnO/+dWfh74AWR7y9
6ZQqlsXiI83cml4K1tkp42dOe2dDO6C7FRDeHAVXNoXfzWypuQsKH2tB8h+IDNB1
xQ+wgZL6NXH890VY7pN+kAg2Po/dFke1109/J8D7pByTFYFqi/NG9pgqnUNQ8D7r
yr2vunIvi9KxuaXau59O7BGNocfX1HXe6KbTLWZ+V5r8mPBFvpboKJeCUUJ3cqE5
7do8Af+y6z+UTJ00IwY2OB9TkM0+7Fo/GPqbRKtcI6FuVpBQk0UZfQmZikBmm6EF
Cbp78rsurxgBz4zPX5YqY9NT9H0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSEwaOI
LsWDCpzptyGS9Lzdjw6lcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc1ZGZiNGQtZWYzOS00MzcxLTk2NzgtZmY3OTA5MDgwZDFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKw
gDANBgkqhkiG9w0BAQsFAAOCAQEAN03JcX6mDFyFnhSVvImuIvx/QpiaZQPgr0zX
ysnAyb/3KQyRUGAYqgJnM3DosY/XIgonHvFVLoNQgBZVx1678/WHwIr1vCDXrjyS
x4Onc5W/HtuuHVi/Cme6MduW/5NMypbfpfmM2XOF9DF0BQWGDXsKWLy0BgselJIA
Gt6AHK8U1VPoJAIMbzxJKQOWlLl34v2NdtMSzEKxKbu9luWTbqOWcX4GLTQnjR1T
BmD8SsYdbOyEhQigTrsbGKRpDStIfZl9bOhr5z4uJx+1vT36SOQW7VeWKYM6JD7B
ArlhVMiHwXs/IT/vIiJGJ0jPAlY3nCoAT6KvOUnR2kH+oG68Ig==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:49:04 2025 by rpki-client