Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
File: c153f994-19fd-4682-b6f7-f4e92e6144ea.roa (raw, json)
Hash identifier: /lbOElAiGB6wYIGekrAkYGLTUaaelhbVQuUaeHwkF+o=
Subject key identifier: 04:7F:16:32:AF:8B:41:62:F3:C2:5E:0A:EC:1A:3E:03:EC:5C:CF:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F7F4A4BA962FD5E2315B93BA83DBAD2F6308652
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
Signing time: Fri 25 Apr 2025 20:10:51 +0000
ROA not before: Fri 25 Apr 2025 20:10:51 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:7f:4a:4b:a9:62:fd:5e:23:15:b9:3b:a8:3d:ba:d2:f6:30:86:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:51 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=c745cb7660ec4b6017e814b8ade86cc3d87b4a93af5783618064b05ec94624e9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e0:bf:62:9a:11:49:ab:ba:43:b6:79:88:29:
60:d4:63:8b:c0:51:74:b6:9d:0d:37:5b:95:8c:2a:
de:1f:78:f5:62:c4:70:6e:56:51:ed:66:76:db:c8:
3f:09:42:b7:27:77:67:a9:b9:8e:e2:ad:2e:04:31:
bf:89:db:d4:d2:e6:e3:5e:12:e7:9c:0b:fd:15:06:
85:37:ac:5b:e5:3a:b0:42:fd:e8:4c:c4:03:26:f4:
b8:d5:6a:cb:1d:15:38:6c:40:41:9e:14:11:d8:28:
97:7d:8a:1d:ba:61:63:d3:5b:99:96:05:b2:95:79:
26:ab:3f:60:35:3c:a6:38:c3:a1:39:5a:37:74:b2:
d5:c3:b0:76:40:79:8f:ea:29:b1:f5:bd:ff:bb:4e:
44:51:67:bd:ac:bc:4c:f4:58:97:99:ca:97:d8:e4:
91:c3:83:df:02:3e:28:28:4c:c5:67:d6:ff:e4:fe:
93:82:a5:35:51:de:46:92:c2:87:51:b6:82:f5:24:
bb:cf:fb:87:d7:e3:39:7f:5f:a7:83:55:e1:4f:58:
60:30:11:04:a1:0b:62:e8:01:02:19:ae:df:9e:3b:
57:e7:50:f8:14:4a:5b:d8:e8:5b:48:e8:13:c2:cf:
ac:e9:ea:3e:c1:a4:e8:3b:7f:2e:ca:b7:30:87:d4:
82:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:7F:16:32:AF:8B:41:62:F3:C2:5E:0A:EC:1A:3E:03:EC:5C:CF:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:c00::/38
Signature Algorithm: sha256WithRSAEncryption
a9:c2:34:b9:95:04:f6:8b:13:78:e3:04:9f:d7:6b:0e:ba:95:
c8:45:cb:61:10:97:69:c3:7f:07:b4:5c:2f:93:d3:ed:65:66:
71:30:15:a2:55:21:b9:ad:16:10:a7:7d:0e:a6:a2:23:76:a3:
d2:a7:c6:57:19:97:1a:00:5d:0c:89:56:e0:24:0d:2e:f4:fc:
5b:31:51:bb:af:73:b9:b3:57:82:92:aa:c0:1a:a0:47:25:8e:
53:a0:78:bc:12:6a:0f:0e:b6:31:12:06:dd:f4:ef:b3:82:2f:
c2:c9:74:c3:3e:ae:29:56:22:0e:45:1f:07:7a:58:ec:39:c9:
c2:96:90:d2:71:8a:0f:23:9a:1b:35:70:89:5c:cb:c2:f4:4d:
10:e4:70:a2:65:2f:12:70:0f:14:7f:d3:ed:0c:46:28:0f:a5:
6b:40:c7:21:56:b8:12:13:a1:5e:fd:19:12:0f:f8:18:62:e1:
ca:5c:d2:e8:c0:12:56:40:fb:a4:34:23:37:cc:16:d1:ba:01:
a6:1e:e9:86:b0:45:ab:97:9b:e4:0a:60:60:e2:07:c7:fb:6e:
53:23:53:06:ea:e3:07:b2:95:63:cc:88:b2:70:47:49:d2:f8:
55:81:f2:08:ab:ad:14:6c:82:3a:10:c2:f1:ce:8d:ce:d0:37:
d3:0f:d3:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX39KS6li/V4jFbk7qD260vYwhlIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwNTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3NDVjYjc2NjBlYzRiNjAxN2U4MTRiOGFkZTg2Y2MzZDg3YjRhOTNhZjU3
ODM2MTgwNjRiMDVlYzk0NjI0ZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXgv2KaEUmrukO2eYgpYNRji8BRdLadDTdblYwq3h949WLEcG5WUe1mdtvI
PwlCtyd3Z6m5juKtLgQxv4nb1NLm414S55wL/RUGhTesW+U6sEL96EzEAyb0uNVq
yx0VOGxAQZ4UEdgol32KHbphY9NbmZYFspV5Jqs/YDU8pjjDoTlaN3Sy1cOwdkB5
j+opsfW9/7tORFFnvay8TPRYl5nKl9jkkcOD3wI+KChMxWfW/+T+k4KlNVHeRpLC
h1G2gvUku8/7h9fjOX9fp4NV4U9YYDARBKELYugBAhmu3547V+dQ+BRKW9joW0jo
E8LPrOnqPsGk6Dt/Lsq3MIfUgscCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEfxYy
r4tBYvPCXgrsGj4D7FzP3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzE1M2Y5OTQtMTlmZC00NjgyLWI2ZjctZjRlOTJlNjE0NGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwM
MA0GCSqGSIb3DQEBCwUAA4IBAQCpwjS5lQT2ixN44wSf12sOupXIRcthEJdpw38H
tFwvk9PtZWZxMBWiVSG5rRYQp30OpqIjdqPSp8ZXGZcaAF0MiVbgJA0u9PxbMVG7
r3O5s1eCkqrAGqBHJY5ToHi8EmoPDrYxEgbd9O+zgi/CyXTDPq4pViIORR8Heljs
OcnClpDScYoPI5obNXCJXMvC9E0Q5HCiZS8ScA8Uf9PtDEYoD6VrQMchVrgSE6Fe
/RkSD/gYYuHKXNLowBJWQPukNCM3zBbRugGmHumGsEWrl5vkCmBg4gfH+25TI1MG
6uMHspVjzIiycEdJ0vhVgfIIq60UbII6EMLxzo3O0DfTD9Nj
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:33 2025 by rpki-client