Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aba9112e-5520-4338-bc40-edcadc3952e2.roa
File: aba9112e-5520-4338-bc40-edcadc3952e2.roa (raw, json)
Hash identifier: kyrjZWuAURx05JxFPG7hllHr6B1uByr7jZaxX81TRLE=
Subject key identifier: 94:40:D2:7B:46:F0:E6:3A:3E:96:BD:37:A4:B3:40:21:CC:2D:E3:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B7886911BEE5ADEFD2D5ECDBC03B8BDE7790C86
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aba9112e-5520-4338-bc40-edcadc3952e2.roa
Signing time: Mon 21 Apr 2025 18:40:07 +0000
ROA not before: Mon 21 Apr 2025 18:40:07 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:78:86:91:1b:ee:5a:de:fd:2d:5e:cd:bc:03:b8:bd:e7:79:0c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:40:07 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=151ffaea48394af066aa2b347fc3f6d4ee8dc5a55a5b77018f35587c78fd954a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c6:f1:ff:6f:02:9c:f7:e9:aa:67:91:3d:d1:
50:f4:0a:ee:b3:e8:76:5c:c3:45:de:2b:64:d6:4e:
69:f2:42:25:16:80:d6:ee:39:22:03:47:42:22:2d:
0c:80:29:53:61:e2:1e:4a:81:ef:91:11:e3:b8:09:
84:b6:17:81:ad:5b:fe:ab:85:95:32:8c:15:4d:20:
41:ad:89:f0:e8:31:99:4a:52:33:e8:68:d7:01:3c:
67:05:1c:37:c3:2f:38:2c:f5:09:28:d3:65:cd:c7:
60:6b:76:ad:30:78:e6:8d:08:a1:77:aa:0a:ff:c0:
a3:ba:49:65:cc:25:8a:d7:f4:6e:a6:3b:93:0a:6a:
3c:10:2f:6c:1b:24:8a:d5:7a:f2:38:b2:f6:d7:8d:
c3:8e:3c:5e:42:ea:15:cf:a2:fb:c7:47:58:12:f5:
58:01:d8:13:27:4d:80:ea:02:31:39:33:70:37:8b:
66:b0:b6:52:1b:ac:8a:7c:c7:e5:dc:11:61:62:2c:
b6:53:0f:02:f2:54:37:0f:97:d0:16:57:81:95:36:
ae:b2:8e:7d:ea:b2:95:4f:68:6e:2f:c1:7f:6d:a9:
19:25:12:b0:fb:c1:cf:a1:0f:6d:aa:fb:d4:20:c0:
65:36:0e:8c:9c:fb:35:8f:50:45:fa:8c:82:5d:9e:
2f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:40:D2:7B:46:F0:E6:3A:3E:96:BD:37:A4:B3:40:21:CC:2D:E3:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aba9112e-5520-4338-bc40-edcadc3952e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:800::/40
Signature Algorithm: sha256WithRSAEncryption
20:91:10:15:09:5a:d5:0b:cc:cc:3f:c1:13:5e:f5:b8:e5:d8:
a3:4d:16:bc:34:be:66:96:4a:34:ee:f9:0d:f9:85:ef:fc:07:
a9:d2:94:03:cf:48:dd:3e:72:9d:1f:d2:90:30:2a:88:aa:45:
f2:c6:2e:64:85:b2:58:b0:d3:8e:8b:77:3d:c4:8c:07:3d:91:
35:c4:45:6f:46:1a:bf:ef:68:f1:f3:31:9a:a3:b8:0d:a1:61:
cb:b6:6f:67:5a:52:05:2e:bc:56:72:45:97:58:e3:78:9b:c2:
13:0e:dd:99:c0:c9:45:d5:9a:b9:05:52:cd:32:89:fe:d6:e3:
49:74:7d:4e:8e:15:fc:8e:5f:fa:63:18:b0:05:0c:35:ee:11:
0e:19:76:e9:c7:62:a1:a1:35:fa:ed:79:60:2c:c0:b6:8c:2f:
30:35:99:75:d0:49:1f:da:f8:a7:7c:d0:eb:c3:a1:62:5a:d7:
16:23:6b:3b:72:9c:55:bd:5f:7f:d3:e4:b8:cd:30:ee:91:3f:
21:10:c1:bb:a3:39:aa:e7:b0:6b:64:35:82:0f:68:d5:77:83:
98:d5:6c:5f:b7:be:a9:80:e3:3a:aa:4f:a6:8a:04:7c:07:61:
1a:0f:ba:31:1c:ea:42:80:07:c7:39:35:41:6a:9c:54:71:40:
f9:08:e9:8b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC3iGkRvuWt79LV7NvAO4ved5DIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODQwMDdaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1MWZmYWVhNDgzOTRhZjA2NmFhMmIzNDdmYzNmNmQ0ZWU4ZGM1YTU1YTVi
NzcwMThmMzU1ODdjNzhmZDk1NGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHG8f9vApz36apnkT3RUPQK7rPodlzDRd4rZNZOafJCJRaA1u45IgNHQiIt
DIApU2HiHkqB75ER47gJhLYXga1b/quFlTKMFU0gQa2J8OgxmUpSM+ho1wE8ZwUc
N8MvOCz1CSjTZc3HYGt2rTB45o0IoXeqCv/Ao7pJZcwlitf0bqY7kwpqPBAvbBsk
itV68jiy9teNw448XkLqFc+i+8dHWBL1WAHYEydNgOoCMTkzcDeLZrC2UhusinzH
5dwRYWIstlMPAvJUNw+X0BZXgZU2rrKOfeqylU9obi/Bf22pGSUSsPvBz6EPbar7
1CDAZTYOjJz7NY9QRfqMgl2eL1MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSUQNJ7
RvDmOj6WvTeks0AhzC3jHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWJhOTExMmUtNTUyMC00MzM4LWJjNDAtZWRjYWRjMzk1MmUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI
MA0GCSqGSIb3DQEBCwUAA4IBAQAgkRAVCVrVC8zMP8ETXvW45dijTRa8NL5mlko0
7vkN+YXv/Aep0pQDz0jdPnKdH9KQMCqIqkXyxi5khbJYsNOOi3c9xIwHPZE1xEVv
Rhq/72jx8zGao7gNoWHLtm9nWlIFLrxWckWXWON4m8ITDt2ZwMlF1Zq5BVLNMon+
1uNJdH1OjhX8jl/6YxiwBQw17hEOGXbpx2KhoTX67XlgLMC2jC8wNZl10Ekf2vin
fNDrw6FiWtcWI2s7cpxVvV9/0+S4zTDukT8hEMG7ozmq57BrZDWCD2jVd4OY1Wxf
t76pgOM6qk+migR8B2EaD7oxHOpCgAfHOTVBapxUcUD5COmL
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:15 2025 by rpki-client