
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad363c67-ff83-46aa-9474-de02e382946b.roa
File: ad363c67-ff83-46aa-9474-de02e382946b.roa (raw, json)
Hash identifier: msw0TyvzkFUIAl+fVnUHwrYS9V55r3wDPXWOqT3SYWY=
Subject key identifier: 8A:AC:3C:8B:31:F8:E6:55:FD:D4:5D:D2:4E:29:3A:F3:B7:33:86:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B9219D1CFA1CDA311A33A1BCB0D59F5DD17CA58
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad363c67-ff83-46aa-9474-de02e382946b.roa
Signing time: Fri 25 Apr 2025 19:51:34 +0000
ROA not before: Fri 25 Apr 2025 19:51:34 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:92:19:d1:cf:a1:cd:a3:11:a3:3a:1b:cb:0d:59:f5:dd:17:ca:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:51:34 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=dcb50d3b8f00a60c4d5e2f6b14b1eaa5265636864f74d397e3af7d092ec1e6e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:33:15:28:31:ef:96:57:c1:db:f0:f7:ed:9d:
34:7d:1e:40:61:09:26:65:58:79:91:7e:0c:33:0e:
dc:dc:ef:45:9b:a3:bf:52:2b:28:cf:08:b4:5a:55:
99:7d:58:b9:af:82:ee:ec:0b:41:e8:69:93:48:2d:
7d:03:a6:6d:5e:cd:56:34:8b:a6:98:bc:01:42:7d:
53:1d:b7:60:18:30:d7:8b:e9:e9:38:f2:ae:8a:3a:
53:65:d6:c0:d7:6a:c3:54:8b:19:07:41:3f:ec:96:
3f:d7:86:14:0f:3f:2d:fb:1c:06:18:90:8e:4f:d8:
fc:53:ac:74:8f:64:35:a9:75:51:88:96:03:27:42:
51:cd:a5:d2:cb:3a:4f:d2:77:33:db:87:b8:f3:e7:
e1:91:aa:c5:bf:e7:9a:e2:24:f6:fc:c2:7d:87:88:
7c:bb:4f:ef:c6:af:d9:68:66:46:d3:dd:ba:0d:19:
17:46:db:ff:e4:97:af:f1:54:29:85:14:ea:e9:72:
98:09:40:b0:e0:f5:41:2f:53:20:29:24:12:2a:eb:
1a:75:cb:fd:19:11:c2:b9:35:42:1e:4f:c3:77:86:
f1:a4:0d:93:12:c5:99:a5:27:02:fa:8c:bb:58:a9:
7f:30:5e:ad:20:c0:2f:90:00:3e:80:ca:18:95:b1:
02:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AC:3C:8B:31:F8:E6:55:FD:D4:5D:D2:4E:29:3A:F3:B7:33:86:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad363c67-ff83-46aa-9474-de02e382946b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:b000::/40
Signature Algorithm: sha256WithRSAEncryption
22:26:b2:22:5c:d0:db:2b:98:fb:e0:f1:bd:ae:c8:d0:8e:44:
a2:20:40:eb:ef:f0:d5:9a:51:f9:30:1a:ad:7a:ce:5a:df:8f:
5f:9b:da:3b:25:f8:c9:a1:1d:75:b9:20:93:69:b3:4e:1b:01:
99:a0:f3:07:8a:e5:b6:34:6b:26:a7:a2:29:1d:ff:a7:c6:d6:
dc:50:02:61:3f:08:e5:cb:01:39:c2:5e:88:9c:69:07:b4:04:
cb:45:96:93:3c:07:06:5e:c0:a0:49:2f:46:9c:0f:95:2a:2b:
e1:40:aa:87:f2:94:7b:86:b1:6a:48:39:27:09:67:2c:d0:df:
96:3f:6d:73:8f:7e:05:c8:b9:81:27:e1:44:8a:8f:bc:49:de:
2d:03:27:c1:f5:bc:64:60:cd:17:78:00:99:6b:50:12:70:e1:
ce:4d:91:fd:39:ad:eb:30:63:fe:c3:1e:35:d6:67:d6:49:02:
cc:77:21:7f:5d:2f:52:a5:f1:fd:ef:85:95:4a:d9:65:d4:67:
02:5b:c2:59:3a:a5:a2:16:8a:db:b7:5d:72:e9:ac:af:e3:db:
ce:a3:58:5d:ac:76:6c:e1:d5:31:a3:f7:cd:41:e8:f1:6c:97:
fc:a8:1f:2f:e2:d4:a2:90:9a:dd:92:75:5b:af:41:c4:03:60:
0f:74:09:f0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC5IZ0c+hzaMRozobyw1Z9d0XylgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUxMzRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjYjUwZDNiOGYwMGE2MGM0ZDVlMmY2YjE0YjFlYWE1MjY1NjM2ODY0Zjc0
ZDM5N2UzYWY3ZDA5MmVjMWU2ZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPAzFSgx75ZXwdvw9+2dNH0eQGEJJmVYeZF+DDMO3NzvRZujv1IrKM8ItFpV
mX1Yua+C7uwLQehpk0gtfQOmbV7NVjSLppi8AUJ9Ux23YBgw14vp6Tjyroo6U2XW
wNdqw1SLGQdBP+yWP9eGFA8/LfscBhiQjk/Y/FOsdI9kNal1UYiWAydCUc2l0ss6
T9J3M9uHuPPn4ZGqxb/nmuIk9vzCfYeIfLtP78av2WhmRtPdug0ZF0bb/+SXr/FU
KYUU6ulymAlAsOD1QS9TICkkEirrGnXL/RkRwrk1Qh5Pw3eG8aQNkxLFmaUnAvqM
u1ipfzBerSDAL5AAPoDKGJWxAvcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSKrDyL
MfjmVf3UXdJOKTrztzOG7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQzNjNjNjctZmY4My00NmFhLTk0NzQtZGUwMmUzODI5NDZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGw
MA0GCSqGSIb3DQEBCwUAA4IBAQAiJrIiXNDbK5j74PG9rsjQjkSiIEDr7/DVmlH5
MBqtes5a349fm9o7JfjJoR11uSCTabNOGwGZoPMHiuW2NGsmp6IpHf+nxtbcUAJh
PwjlywE5wl6InGkHtATLRZaTPAcGXsCgSS9GnA+VKivhQKqH8pR7hrFqSDknCWcs
0N+WP21zj34FyLmBJ+FEio+8Sd4tAyfB9bxkYM0XeACZa1AScOHOTZH9Oa3rMGP+
wx411mfWSQLMdyF/XS9SpfH974WVStll1GcCW8JZOqWiForbt11y6ayv49vOo1hd
rHZs4dUxo/fNQejxbJf8qB8v4tSikJrdknVbr0HEA2APdAnw
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:04 2025 by rpki-client