Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
File: b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa (raw, json)
Hash identifier: 61VwfYqSS7ShplD2gSRNwEEoRjdhjdk+7BSqatvlRnU=
Subject key identifier: B4:2B:EF:FD:E2:5F:8D:BA:46:70:E6:BB:6F:1C:9D:61:C6:95:6C:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 524D90002443EA16C1D6B2AC7BDBC2012B9DDA34
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
Signing time: Fri 25 Apr 2025 20:10:11 +0000
ROA not before: Fri 25 Apr 2025 20:10:11 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:4d:90:00:24:43:ea:16:c1:d6:b2:ac:7b:db:c2:01:2b:9d:da:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:11 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=81cef1561e50a623a71d428050ad86cdd325bd6ab14a2442455143907e85e383, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6f:20:1a:e2:3e:33:7f:59:e7:5c:d8:9a:52:
cf:96:ed:dc:ae:72:88:88:79:e7:f9:45:03:b8:df:
bf:3c:7f:84:bd:8c:eb:17:26:c0:36:1e:0e:fa:df:
04:35:38:44:19:eb:03:23:15:4c:b5:26:c1:71:ee:
a2:cd:9f:da:78:d6:ce:77:a6:19:02:de:de:0d:5e:
bd:60:3c:16:16:54:a2:8a:7b:f4:3d:1d:44:03:c3:
bc:4c:1c:f4:a4:4d:19:59:2b:19:a3:a5:5f:57:e6:
53:46:d2:da:f8:3e:5e:12:31:1d:b6:20:76:3c:1c:
ae:7a:0f:31:b5:12:cd:f3:24:6b:89:09:a1:46:45:
3e:b7:64:43:89:0f:b3:c4:98:92:4b:00:f9:be:3f:
97:c7:50:b6:f0:0e:14:c4:da:53:13:b9:34:61:cf:
0e:e9:98:9f:fe:14:ec:10:90:a4:71:e2:1f:3d:b3:
16:d7:dd:5b:e6:ad:02:2a:4f:9f:9c:2f:6e:cc:85:
1d:02:8a:aa:20:e7:0f:70:8f:ab:24:26:2a:ab:7f:
70:01:02:93:e8:2b:a5:db:5d:7f:28:63:b9:5f:ba:
da:23:9c:6c:d5:5d:45:53:81:c4:b7:2e:6d:d3:c5:
ba:16:c7:c3:d7:5f:c6:2f:30:37:b4:9d:5b:30:4b:
a8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:2B:EF:FD:E2:5F:8D:BA:46:70:E6:BB:6F:1C:9D:61:C6:95:6C:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:400::/38
Signature Algorithm: sha256WithRSAEncryption
bb:27:f8:89:ca:a4:f2:95:b2:6f:95:b7:77:09:e8:b0:4d:57:
f6:38:f4:dd:8d:0e:c5:c0:ca:a0:74:54:1a:da:8d:17:da:ae:
69:1f:5b:f0:08:31:6d:61:99:1c:53:b8:4c:4a:c9:3a:fe:31:
27:01:b5:01:33:a1:60:f7:62:df:2a:1e:80:ec:2a:2a:9a:f3:
90:2e:b7:8a:e1:f6:c1:d5:fb:2b:53:41:66:8c:40:bc:8a:bd:
bb:41:a9:b8:56:5a:95:f5:19:18:18:9b:f4:f4:5c:fc:c2:9f:
c6:cc:fa:75:6e:ca:cd:cb:ba:06:7f:4f:00:b7:4c:54:16:9c:
f7:31:be:9b:df:ec:90:85:c5:e3:5a:18:71:e0:d6:e3:a4:cf:
e0:90:dd:f9:97:7b:85:94:9b:bd:ff:df:5c:5a:64:d6:8a:3d:
4f:e2:fe:cc:f6:1c:25:4d:bf:dd:4e:69:86:f8:3b:7f:e3:06:
78:cc:f8:80:7a:e2:ee:99:d8:7a:53:45:ec:9a:46:18:7c:8a:
97:e8:04:af:c6:38:33:e0:4c:72:a0:e1:7b:0e:4b:b9:21:a7:
eb:bf:e1:a2:c1:b5:b1:2f:85:d1:a4:de:39:37:29:ba:5d:69:
f9:d2:60:db:9d:57:9a:4f:3c:2c:9e:3d:18:aa:39:ef:18:b0:
bb:1e:b7:b0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUk2QACRD6hbB1rKse9vCASud2jQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwMTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxY2VmMTU2MWU1MGE2MjNhNzFkNDI4MDUwYWQ4NmNkZDMyNWJkNmFiMTRh
MjQ0MjQ1NTE0MzkwN2U4NWUzODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFvIBriPjN/Wedc2JpSz5bt3K5yiIh55/lFA7jfvzx/hL2M6xcmwDYeDvrf
BDU4RBnrAyMVTLUmwXHuos2f2njWznemGQLe3g1evWA8FhZUoop79D0dRAPDvEwc
9KRNGVkrGaOlX1fmU0bS2vg+XhIxHbYgdjwcrnoPMbUSzfMka4kJoUZFPrdkQ4kP
s8SYkksA+b4/l8dQtvAOFMTaUxO5NGHPDumYn/4U7BCQpHHiHz2zFtfdW+atAipP
n5wvbsyFHQKKqiDnD3CPqyQmKqt/cAECk+grpdtdfyhjuV+62iOcbNVdRVOBxLcu
bdPFuhbHw9dfxi8wN7SdWzBLqIsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS0K+/9
4l+NukZw5rtvHJ1hxpVsjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjcyYTk1NDAtNTFlZi00ZGNjLWE1ZTItMjQxNzI0OWExYWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIE
MA0GCSqGSIb3DQEBCwUAA4IBAQC7J/iJyqTylbJvlbd3CeiwTVf2OPTdjQ7FwMqg
dFQa2o0X2q5pH1vwCDFtYZkcU7hMSsk6/jEnAbUBM6Fg92LfKh6A7CoqmvOQLreK
4fbB1fsrU0FmjEC8ir27Qam4VlqV9RkYGJv09Fz8wp/GzPp1bsrNy7oGf08At0xU
Fpz3Mb6b3+yQhcXjWhhx4NbjpM/gkN35l3uFlJu9/99cWmTWij1P4v7M9hwlTb/d
TmmG+Dt/4wZ4zPiAeuLumdh6U0XsmkYYfIqX6ASvxjgz4ExyoOF7Dku5Iafrv+Gi
wbWxL4XRpN45Nym6XWn50mDbnVeaTzwsnj0YqjnvGLC7Hrew
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:10 2025 by rpki-client