Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
File: ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa (raw, json)
Hash identifier: h4HNLFtGIFwY3hDMjlSystSiTgkaa/Wa/kWOyn3+5TY=
Subject key identifier: 93:72:8C:B3:0B:66:4E:28:3A:87:7A:51:00:43:3D:C3:D2:89:01:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38842174F47BDC253C368860AB88EFBDB48E6DBA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
Signing time: Fri 25 Apr 2025 18:31:06 +0000
ROA not before: Fri 25 Apr 2025 18:31:06 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:84:21:74:f4:7b:dc:25:3c:36:88:60:ab:88:ef:bd:b4:8e:6d:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:31:06 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e3dd45855a70177cd56cf92228463289aaf0e61f95aeb915e87ea5ce69dd98d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2f:01:4f:3c:83:ff:59:b7:42:8f:0f:ef:81:
93:76:78:7f:93:1d:67:96:9c:8d:1b:c1:78:cd:92:
35:ed:92:fa:ae:9a:96:6c:f1:85:34:c9:72:a2:83:
02:46:b6:31:48:35:45:db:c0:db:92:f5:95:07:b6:
49:c9:d2:12:9e:36:fd:6e:a5:bc:64:ef:47:e5:9b:
16:cb:26:9e:21:18:8d:c2:f5:ba:8e:18:9b:b5:d0:
51:d2:91:63:28:2a:20:94:a9:3b:a7:a7:ff:52:4b:
23:15:f4:0d:78:75:36:eb:a8:77:75:a3:91:ac:e2:
7c:d3:df:40:94:de:0c:61:fd:36:cf:0c:f4:24:e3:
fd:ed:04:34:b5:5c:41:b2:1f:10:43:c9:02:ec:8c:
16:ca:e4:20:bb:2c:71:78:af:1e:5e:f4:26:9b:7a:
2a:fc:4c:ef:1d:c3:29:6a:e4:64:07:0e:b6:1a:34:
86:85:35:85:f1:af:a8:4e:d5:a1:8f:b8:8a:6a:66:
98:e2:68:9c:13:50:d9:98:6e:7a:82:e9:e7:7f:ab:
c2:b7:73:4e:0c:22:d4:af:65:8e:d7:7a:f7:87:81:
1c:44:35:d8:fa:c4:79:7d:dd:d4:f9:52:38:2b:4d:
7a:bb:93:6e:6b:ba:3e:5d:df:ce:ae:06:64:18:30:
f4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:72:8C:B3:0B:66:4E:28:3A:87:7A:51:00:43:3D:C3:D2:89:01:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
1d:80:3a:ce:01:38:d6:33:a7:d4:19:5a:38:d4:cf:be:13:b1:
87:2e:9e:17:f1:f6:ce:81:72:89:a7:5a:7f:78:78:2d:07:24:
e8:f5:d3:06:53:25:9c:ac:49:87:8a:5a:65:b5:f2:f7:7e:d6:
e6:6f:f6:ab:81:ad:b8:0f:09:56:58:c9:cc:b3:7a:ee:ba:a6:
7a:11:17:37:80:db:f9:50:47:35:47:1d:5b:24:8e:d0:75:65:
73:a2:f4:69:9a:e7:71:89:0e:69:9e:9d:b4:16:5b:b9:f7:92:
75:f7:10:49:d5:a8:3b:bc:68:d4:ac:91:37:18:b7:4a:cf:d2:
e0:de:8f:7e:00:bd:a9:e0:bd:79:6d:b3:e6:cf:c7:ed:53:3e:
40:bb:60:12:7a:b1:40:74:d2:81:06:5d:68:0a:0d:4c:dc:4a:
62:19:fd:45:0c:6a:87:ae:07:14:7b:7d:71:1a:ff:96:89:9f:
15:7e:c7:14:3d:87:cb:b6:99:45:2e:81:ec:40:aa:b1:3d:f6:
a1:af:15:3a:47:e5:ce:4b:94:34:fb:65:db:d3:12:1c:0d:a2:
b4:6d:2a:59:70:b1:c6:c5:5d:e9:f2:9a:de:87:10:bf:1e:d7:
04:9d:6a:21:12:89:c1:4f:14:85:1c:70:e4:f6:e7:3b:a7:fd:
d1:61:7e:4e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOIQhdPR73CU8Nohgq4jvvbSObbowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMxMDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzZGQ0NTg1NWE3MDE3N2NkNTZjZjkyMjI4NDYzMjg5YWFmMGU2MWY5NWFl
YjkxNWU4N2VhNWNlNjlkZDk4ZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIvAU88g/9Zt0KPD++Bk3Z4f5MdZ5acjRvBeM2SNe2S+q6almzxhTTJcqKD
Aka2MUg1RdvA25L1lQe2ScnSEp42/W6lvGTvR+WbFssmniEYjcL1uo4Ym7XQUdKR
YygqIJSpO6en/1JLIxX0DXh1Nuuod3WjkazifNPfQJTeDGH9Ns8M9CTj/e0ENLVc
QbIfEEPJAuyMFsrkILsscXivHl70Jpt6KvxM7x3DKWrkZAcOtho0hoU1hfGvqE7V
oY+4impmmOJonBNQ2ZhueoLp53+rwrdzTgwi1K9ljtd694eBHEQ12PrEeX3d1PlS
OCtNeruTbmu6Pl3fzq4GZBgw9FcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSTcoyz
C2ZOKDqHelEAQz3D0okBrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIxZmRjNGEtZmExYS00ODEzLTgyNzItOTYwMWEzZDc1NWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAHYA6zgE41jOn1BlaONTPvhOxhy6eF/H2zoFy
iadaf3h4LQck6PXTBlMlnKxJh4paZbXy937W5m/2q4GtuA8JVljJzLN67rqmehEX
N4Db+VBHNUcdWySO0HVlc6L0aZrncYkOaZ6dtBZbufeSdfcQSdWoO7xo1KyRNxi3
Ss/S4N6PfgC9qeC9eW2z5s/H7VM+QLtgEnqxQHTSgQZdaAoNTNxKYhn9RQxqh64H
FHt9cRr/lomfFX7HFD2Hy7aZRS6B7ECqsT32oa8VOkflzkuUNPtl29MSHA2itG0q
WXCxxsVd6fKa3ocQvx7XBJ1qIRKJwU8UhRxw5PbnO6f90WF+Tg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:22 2025 by rpki-client