Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
File: b0fb422a-c1ce-4269-b503-2c8145fc798a.roa (raw, json)
Hash identifier: nigKjhGtywejS3LPB/1cpjvZRk4wQcRc9gE0ZS8nO0Q=
Subject key identifier: A4:74:37:A0:79:DB:15:CE:AA:EB:A5:6B:79:C9:F8:D2:4A:50:6C:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4EE677DD8F52C719EB8A93944CE7AA6E4744C569
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
Signing time: Fri 25 Apr 2025 19:00:24 +0000
ROA not before: Fri 25 Apr 2025 19:00:24 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:e6:77:dd:8f:52:c7:19:eb:8a:93:94:4c:e7:aa:6e:47:44:c5:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:00:24 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=5d156db8e3edc3b5270b41e3fc1382f8e21c406c3348190c31e9273487a147ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ce:e1:ea:e1:eb:f7:87:ef:7f:e4:fc:d7:83:
16:6d:5e:8e:ba:df:6c:09:f7:a5:b6:cb:96:a9:32:
ac:b7:c3:d0:e3:a6:05:55:74:04:5b:9f:d8:3b:d0:
1f:cd:ff:80:b9:28:35:a8:36:a0:d0:e3:d9:68:e6:
07:c2:36:eb:b9:f0:ac:6a:28:f6:ef:2a:75:ed:50:
56:18:f7:67:5a:60:bd:cb:de:a0:8a:19:a7:3b:df:
df:9d:6b:60:5d:af:ea:b5:4e:30:7d:66:e2:ec:b5:
7a:73:3b:ea:67:3c:cd:f9:7d:da:11:5e:b5:af:df:
ae:bb:05:8b:40:71:42:b0:0b:7e:90:d8:86:7b:be:
14:30:86:da:0b:7b:d0:f3:79:85:7a:b1:16:8c:ce:
c1:80:b5:d1:81:52:73:cd:7a:7f:ad:fb:a7:af:21:
d3:ba:01:be:8f:5a:23:42:6f:23:2b:d9:c1:e6:35:
ed:41:ed:23:46:57:a6:d0:c8:33:26:a8:1f:4f:27:
c8:4c:29:15:23:0b:29:db:fb:b4:f5:8f:47:32:96:
bf:ff:2f:74:d4:45:c5:0d:5b:98:72:65:dd:9e:3f:
d1:6b:0d:27:8d:b5:90:8a:29:f4:d8:7e:7b:e8:e0:
d0:ee:9f:70:06:d0:3e:1a:d3:87:87:f8:06:44:c0:
e5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:74:37:A0:79:DB:15:CE:AA:EB:A5:6B:79:C9:F8:D2:4A:50:6C:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a020::/48
Signature Algorithm: sha256WithRSAEncryption
49:9f:84:23:2b:4a:42:d3:52:2f:03:97:37:fe:8a:dd:f4:d8:
6f:4c:07:a3:65:bb:f1:e0:f7:0d:a4:40:0f:b7:27:a0:f6:8c:
ea:75:ec:e7:42:33:71:77:94:ff:df:e8:84:17:d2:21:5b:fe:
29:0e:ac:e4:46:10:e3:a5:dd:e8:27:d4:db:61:1b:e1:75:7b:
77:60:37:0c:ea:c4:51:c1:21:a6:49:d3:f0:87:5d:f2:ac:20:
2f:b0:9c:1b:b3:7b:2c:e6:9c:7b:34:30:79:0e:1e:ae:20:df:
77:6e:fe:da:44:54:1a:ab:10:af:78:83:0d:c0:d3:80:39:cc:
2c:05:5d:9b:c9:d5:0b:8e:4a:41:38:c5:28:d9:f1:bb:c1:4c:
46:77:43:d9:aa:e6:09:b5:4e:7d:f6:b1:47:ad:d3:2f:d6:4d:
62:b1:26:bc:53:64:e6:8f:59:e5:7c:78:fe:35:34:a0:a4:84:
f7:2a:00:6f:be:0f:42:a7:9e:11:5f:8a:25:13:91:81:05:ed:
3d:56:a3:0a:35:a7:dd:32:6f:fc:01:12:3a:15:d7:71:77:a5:
88:a3:da:e3:05:d2:1a:33:cd:21:4a:8e:28:b0:86:72:9c:7b:
9d:36:b5:48:f6:a2:aa:a1:20:56:cb:53:fb:a1:48:24:94:c6:
58:2a:04:20
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTuZ33Y9SxxnripOUTOeqbkdExWkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAwMjRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkMTU2ZGI4ZTNlZGMzYjUyNzBiNDFlM2ZjMTM4MmY4ZTIxYzQwNmMzMzQ4
MTkwYzMxZTkyNzM0ODdhMTQ3Y2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANfO4erh6/eH73/k/NeDFm1ejrrfbAn3pbbLlqkyrLfD0OOmBVV0BFuf2DvQ
H83/gLkoNag2oNDj2WjmB8I267nwrGoo9u8qde1QVhj3Z1pgvcveoIoZpzvf351r
YF2v6rVOMH1m4uy1enM76mc8zfl92hFeta/frrsFi0BxQrALfpDYhnu+FDCG2gt7
0PN5hXqxFozOwYC10YFSc816f637p68h07oBvo9aI0JvIyvZweY17UHtI0ZXptDI
MyaoH08nyEwpFSMLKdv7tPWPRzKWv/8vdNRFxQ1bmHJl3Z4/0WsNJ421kIop9Nh+
e+jg0O6fcAbQPhrTh4f4BkTA5QUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSkdDeg
edsVzqrrpWt5yfjSSlBsUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBmYjQyMmEtYzFjZS00MjY5LWI1MDMtMmM4MTQ1ZmM3OThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
IDANBgkqhkiG9w0BAQsFAAOCAQEASZ+EIytKQtNSLwOXN/6K3fTYb0wHo2W78eD3
DaRAD7cnoPaM6nXs50IzcXeU/9/ohBfSIVv+KQ6s5EYQ46Xd6CfU22Eb4XV7d2A3
DOrEUcEhpknT8Idd8qwgL7CcG7N7LOacezQweQ4eriDfd27+2kRUGqsQr3iDDcDT
gDnMLAVdm8nVC45KQTjFKNnxu8FMRndD2armCbVOffaxR63TL9ZNYrEmvFNk5o9Z
5Xx4/jU0oKSE9yoAb74PQqeeEV+KJRORgQXtPVajCjWn3TJv/AESOhXXcXeliKPa
4wXSGjPNIUqOKLCGcpx7nTa1SPaiqqEgVstT+6FIJJTGWCoEIA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:22 2025 by rpki-client