Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa
File: a6d14d01-1a1b-448e-bb4a-73279a06c540.roa (raw, json)
Hash identifier: JQaxNqX4gBi59CBO2EihUSC8e7iusI3M+WTg4vTdfWg=
Subject key identifier: 4E:F6:2C:97:60:CA:35:02:AF:AE:28:5F:C5:E5:38:B6:09:5F:76:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10E8CA21972B97B1F05BCD71538D10F04B9FAA88
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa
Signing time: Fri 25 Apr 2025 18:31:01 +0000
ROA not before: Fri 25 Apr 2025 18:31:01 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:e8:ca:21:97:2b:97:b1:f0:5b:cd:71:53:8d:10:f0:4b:9f:aa:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:31:01 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=bb527fa45f69082b350b84570c721792c377805ba0d494b1a617b8f9c01c2783, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:32:6d:fd:90:a8:67:66:e7:d1:e0:5f:f2:ee:
fb:ba:e8:9b:fe:50:a7:69:5a:22:1a:b2:0f:69:28:
ea:c5:8a:93:2c:1c:a2:d6:58:00:c5:b4:36:f4:22:
b9:2d:5f:67:0c:a1:d5:3f:7e:77:e6:4f:93:aa:65:
7c:ce:3f:1c:8e:e8:b5:1d:18:b8:98:d0:52:0f:22:
12:ca:9e:60:20:b7:ab:3a:3a:50:b6:65:b1:d9:e4:
b9:dd:05:f7:80:24:24:c8:d8:f1:05:97:92:2a:bc:
76:c8:cf:35:22:a0:0f:74:c0:cb:53:56:69:d5:c2:
fe:3f:7b:8c:a8:6f:52:55:de:04:f5:44:a8:01:50:
67:3c:45:92:ae:cc:ed:48:d4:79:da:f8:42:2a:fb:
38:f8:63:c0:ca:66:c2:bd:58:4e:9b:74:7c:ad:5f:
81:d0:6c:cd:f2:c0:63:f2:d0:16:37:71:3b:28:37:
3e:fa:3d:85:76:79:6c:67:da:07:6f:4e:c0:14:87:
ea:5c:80:1d:7b:81:fc:9e:d7:75:0a:a2:ea:b9:2e:
27:61:2a:61:3b:45:b0:4d:65:b1:f1:bb:32:e5:2b:
fa:37:1a:22:a7:22:fc:fb:90:47:4b:05:31:21:59:
1b:bf:71:26:fa:12:fa:95:78:1f:74:85:35:74:00:
10:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F6:2C:97:60:CA:35:02:AF:AE:28:5F:C5:E5:38:B6:09:5F:76:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5040::/48
Signature Algorithm: sha256WithRSAEncryption
37:96:73:8c:35:be:91:c3:1e:10:9c:71:e7:ae:0d:96:cf:da:
c7:6a:25:dd:85:c9:d2:79:5e:b7:54:4d:48:c9:1c:53:ee:9c:
93:56:26:e4:eb:62:e0:e3:79:99:2c:76:92:7f:98:09:d5:e4:
db:d0:1a:d6:ea:be:da:ea:94:14:9c:27:a8:92:0e:69:35:7f:
97:27:ee:60:19:e7:13:98:23:91:3f:2d:74:00:35:4c:30:d2:
f2:45:7e:69:24:52:d9:40:ab:37:cc:0f:0f:fb:05:b5:f5:44:
b4:93:42:c1:50:24:c0:69:ad:ec:a6:5f:57:0d:ce:7d:92:dd:
59:03:2e:ac:ac:9f:7e:00:c7:ff:04:3e:68:2e:aa:83:c5:02:
fc:f8:a2:81:42:9f:9b:e4:1e:2a:c8:e9:bb:a2:af:56:c9:ad:
b6:11:ed:b1:ce:14:73:4e:f2:c8:71:96:f7:34:2f:97:26:5e:
81:03:cf:f6:64:6b:62:f5:4e:c7:ef:63:fa:86:8f:42:41:ed:
e9:10:8a:d5:a8:2a:d2:77:04:35:16:f0:ba:9a:b6:f2:19:fa:
34:97:b8:f7:2f:93:d7:d0:b3:ab:3b:9f:01:7b:00:66:a5:4a:
6a:ad:b1:a2:95:94:d8:8d:b3:44:a2:12:4c:7b:33:4c:e9:9d:
8e:bd:51:d6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEOjKIZcrl7HwW81xU40Q8EufqogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMxMDFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiNTI3ZmE0NWY2OTA4MmIzNTBiODQ1NzBjNzIxNzkyYzM3NzgwNWJhMGQ0
OTRiMWE2MTdiOGY5YzAxYzI3ODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcybf2QqGdm59HgX/Lu+7rom/5Qp2laIhqyD2ko6sWKkywcotZYAMW0NvQi
uS1fZwyh1T9+d+ZPk6plfM4/HI7otR0YuJjQUg8iEsqeYCC3qzo6ULZlsdnkud0F
94AkJMjY8QWXkiq8dsjPNSKgD3TAy1NWadXC/j97jKhvUlXeBPVEqAFQZzxFkq7M
7UjUedr4Qir7OPhjwMpmwr1YTpt0fK1fgdBszfLAY/LQFjdxOyg3Pvo9hXZ5bGfa
B29OwBSH6lyAHXuB/J7XdQqi6rkuJ2EqYTtFsE1lsfG7MuUr+jcaIqci/PuQR0sF
MSFZG79xJvoS+pV4H3SFNXQAEKMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRO9iyX
YMo1Aq+uKF/F5Ti2CV92KTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZkMTRkMDEtMWExYi00NDhlLWJiNGEtNzMyNzlhMDZjNTQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAN5ZzjDW+kcMeEJxx564Nls/ax2ol3YXJ0nle
t1RNSMkcU+6ck1Ym5Oti4ON5mSx2kn+YCdXk29Aa1uq+2uqUFJwnqJIOaTV/lyfu
YBnnE5gjkT8tdAA1TDDS8kV+aSRS2UCrN8wPD/sFtfVEtJNCwVAkwGmt7KZfVw3O
fZLdWQMurKyffgDH/wQ+aC6qg8UC/PiigUKfm+QeKsjpu6KvVsmtthHtsc4Uc07y
yHGW9zQvlyZegQPP9mRrYvVOx+9j+oaPQkHt6RCK1agq0ncENRbwupq28hn6NJe4
9y+T19CzqzufAXsAZqVKaq2xopWU2I2zRKISTHszTOmdjr1R1g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:21 2025 by rpki-client