Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
File: a1796bea-01c9-41b7-b13d-6932c4f36a42.roa (raw, json)
Hash identifier: djfYW6/cojtIzd/IT/d/qg9eMYJCe0evM2wEBupLodQ=
Subject key identifier: 79:9C:3B:98:BC:86:3F:5F:8B:09:3D:95:FC:AD:0C:3F:04:BF:64:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 302D5E434B5A7FFC3737117D039AC5062593CD7C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
Signing time: Fri 25 Apr 2025 18:40:11 +0000
ROA not before: Fri 25 Apr 2025 18:40:11 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:2d:5e:43:4b:5a:7f:fc:37:37:11:7d:03:9a:c5:06:25:93:cd:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:40:11 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=a3dd6772c7a8fdf8c1b072cf9f8925755f0f2c4762d473eac41e446a84703e4b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:52:88:44:20:a6:a0:4d:d6:4f:80:14:1e:32:
b2:35:a1:c9:70:1b:bc:4b:e1:a4:7d:5d:a8:cc:89:
f1:55:8d:46:22:40:83:f2:15:08:5a:17:68:dc:3c:
eb:83:f7:4b:89:0b:d2:2d:b2:a2:35:d0:c4:21:6e:
60:4e:c8:30:60:8d:4e:d1:36:08:fa:5c:c7:9b:43:
07:b5:2c:7e:34:3a:5e:d6:fe:31:0b:7e:5c:62:ab:
d3:3a:28:1e:0a:03:7a:a5:a9:94:77:95:be:c2:3b:
20:3a:fd:2d:e7:11:a5:7d:e0:cb:40:a0:8b:fc:61:
ea:f6:91:a8:5b:c8:db:17:04:61:14:31:16:a0:37:
45:6f:0b:1e:5e:30:eb:a2:bc:b4:4e:24:09:37:4b:
62:c1:cc:49:07:87:99:6a:2d:48:6b:c4:68:c3:2e:
8e:75:ee:66:f2:89:61:25:fe:39:39:d4:2d:3d:23:
4f:61:6b:c2:03:cc:ba:0c:58:78:e8:a4:d0:9d:d2:
4d:9c:66:af:bd:c4:03:3e:b1:a7:4b:8c:d4:9c:f3:
e1:ef:00:82:94:ff:94:f4:d1:14:a4:7a:54:7b:35:
a2:57:92:b5:3a:64:2a:36:f6:d2:73:c0:f9:15:e0:
b2:ac:c1:30:a5:5e:4d:a7:75:2e:28:67:36:a6:af:
b2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:9C:3B:98:BC:86:3F:5F:8B:09:3D:95:FC:AD:0C:3F:04:BF:64:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a000::/40
Signature Algorithm: sha256WithRSAEncryption
78:8c:e9:0c:b3:ac:90:a3:84:bb:8e:d8:55:4f:eb:45:0b:70:
40:de:d1:da:e3:4c:54:b1:16:1a:44:ae:08:c4:d0:a8:92:7f:
43:7e:e7:1a:ab:de:e4:56:7d:c2:15:ad:59:6c:97:29:1b:1c:
cd:41:66:45:65:31:e1:5d:0f:1c:4e:21:92:cf:cb:ea:15:5a:
f9:83:bb:71:2e:6b:89:e9:3c:34:68:99:65:ae:6a:d3:f1:2c:
8e:da:77:b3:40:9f:bb:95:c4:fb:16:82:c6:ab:77:00:11:7e:
d5:91:17:36:9b:10:db:85:b3:88:6e:0b:f6:23:57:8a:fe:51:
f8:c1:41:21:34:ae:86:37:a7:4b:17:ec:8a:44:c1:0c:9a:12:
0c:b0:73:07:6c:eb:ad:27:8b:3e:03:f0:60:0c:31:5a:32:21:
94:7a:6e:84:a3:0e:0c:4b:54:9e:f6:fa:ad:a9:c8:a0:af:20:
1d:09:56:48:8e:ba:4d:60:ea:62:ff:dc:a8:93:d1:66:b4:ad:
59:bb:bb:90:f0:e9:d0:7e:57:43:7f:27:ee:75:2f:66:ff:44:
a7:30:c6:de:72:7c:ff:32:17:0d:13:33:97:15:b3:75:bc:3e:
90:10:f4:26:ec:70:6f:6c:04:a7:af:49:03:c5:3a:97:4a:a4:
af:3a:f9:31
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMC1eQ0taf/w3NxF9A5rFBiWTzXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQwMTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzZGQ2NzcyYzdhOGZkZjhjMWIwNzJjZjlmODkyNTc1NWYwZjJjNDc2MmQ0
NzNlYWM0MWU0NDZhODQ3MDNlNGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtSiEQgpqBN1k+AFB4ysjWhyXAbvEvhpH1dqMyJ8VWNRiJAg/IVCFoXaNw8
64P3S4kL0i2yojXQxCFuYE7IMGCNTtE2CPpcx5tDB7UsfjQ6Xtb+MQt+XGKr0zoo
HgoDeqWplHeVvsI7IDr9LecRpX3gy0Cgi/xh6vaRqFvI2xcEYRQxFqA3RW8LHl4w
66K8tE4kCTdLYsHMSQeHmWotSGvEaMMujnXuZvKJYSX+OTnULT0jT2FrwgPMugxY
eOik0J3STZxmr73EAz6xp0uM1Jzz4e8AgpT/lPTRFKR6VHs1oleStTpkKjb20nPA
+RXgsqzBMKVeTad1LihnNqavsvECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR5nDuY
vIY/X4sJPZX8rQw/BL9kPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTE3OTZiZWEtMDFjOS00MWI3LWIxM2QtNjkzMmM0ZjM2YTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGg
MA0GCSqGSIb3DQEBCwUAA4IBAQB4jOkMs6yQo4S7jthVT+tFC3BA3tHa40xUsRYa
RK4IxNCokn9Dfucaq97kVn3CFa1ZbJcpGxzNQWZFZTHhXQ8cTiGSz8vqFVr5g7tx
LmuJ6Tw0aJllrmrT8SyO2nezQJ+7lcT7FoLGq3cAEX7VkRc2mxDbhbOIbgv2I1eK
/lH4wUEhNK6GN6dLF+yKRMEMmhIMsHMHbOutJ4s+A/BgDDFaMiGUem6Eow4MS1Se
9vqtqcigryAdCVZIjrpNYOpi/9yok9FmtK1Zu7uQ8OnQfldDfyfudS9m/0SnMMbe
cnz/MhcNEzOXFbN1vD6QEPQm7HBvbASnr0kDxTqXSqSvOvkx
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:15:45 2025 by rpki-client