Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
File: c3736673-707b-4dfc-aca4-88dcbb52a94d.roa (raw, json)
Hash identifier: aqzLpmNufqCSlP9q1EVIwBLWX9Dk+MWRAXxmMBU3qzw=
Subject key identifier: 1A:1E:A4:75:A0:73:EB:0A:DE:EC:7F:9A:E1:52:82:CB:0F:71:02:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1EE10B6A1242C45C112048A0D663894D0F2E0F2C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
Signing time: Mon 21 Apr 2025 18:40:33 +0000
ROA not before: Mon 21 Apr 2025 18:40:33 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:e1:0b:6a:12:42:c4:5c:11:20:48:a0:d6:63:89:4d:0f:2e:0f:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:40:33 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=666e3470b4984d0054e7d29fa62db33e68f3d4c88b5def9822a7a4ccf3e73cc7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d1:ab:48:a1:80:bf:9d:e4:6f:80:e3:e3:1e:
d7:ff:3d:a5:25:b2:98:c0:07:42:1f:8f:ea:45:b8:
da:bb:77:4f:b0:91:85:35:48:30:6c:2a:06:f2:79:
44:87:ed:d3:aa:d5:4f:e9:7d:24:f1:ae:e7:ba:62:
f5:36:39:5b:af:d3:d3:a1:d8:40:2c:2e:e7:89:8a:
09:93:c3:a8:11:66:7c:dc:95:92:77:7f:05:f1:dc:
80:16:03:31:78:4f:d0:d0:83:e0:5d:97:95:da:23:
ac:e9:75:e3:70:07:ae:9c:c4:85:78:4f:0d:ce:32:
d1:f3:03:32:73:e1:9b:e9:58:e9:33:50:41:d5:19:
4f:98:32:45:3f:1f:69:b1:8e:d6:9c:9b:1f:13:09:
35:3a:7a:1f:aa:4c:d8:61:16:ea:b8:e2:90:e2:b2:
69:94:eb:49:88:7f:ce:a7:dc:91:55:d9:2e:a4:08:
e7:c3:81:3d:ca:ef:c4:2e:cc:ea:5f:00:c0:a5:0b:
32:6b:48:a9:b1:2c:ad:d1:70:31:79:0e:a4:1f:bc:
a7:b3:c1:4e:f1:b6:94:40:58:85:11:7b:62:1a:00:
4d:6d:91:d5:38:c8:5e:4a:f3:e7:b1:0b:dc:20:ab:
a9:20:26:8a:ae:f5:ec:48:dd:a2:58:67:2f:84:51:
7f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:1E:A4:75:A0:73:EB:0A:DE:EC:7F:9A:E1:52:82:CB:0F:71:02:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:800::/40
Signature Algorithm: sha256WithRSAEncryption
32:99:92:48:ee:dc:39:b7:21:cd:e6:39:e5:1e:29:8f:c0:ad:
7b:55:d5:60:15:f1:17:41:89:8a:29:05:49:dd:ee:4e:0b:27:
a3:b9:1c:d8:4b:b6:f1:d4:1f:56:fc:70:b4:d8:2c:e1:fb:39:
06:4b:c3:c2:48:a4:96:1f:92:f2:8a:c5:af:a9:2c:24:56:f4:
4a:a3:8b:ba:b5:38:91:ed:bd:e8:5f:7a:80:88:98:b9:2c:be:
7b:c7:56:52:ff:46:27:8d:f6:8b:8e:83:a1:43:a3:9f:c7:56:
ae:f1:84:6b:e1:0b:9c:e5:3f:fb:73:be:1c:08:6d:97:49:d0:
62:bd:2f:90:41:74:b7:fa:b9:3b:c5:95:06:bd:ce:89:a2:4b:
bc:d3:b3:95:55:85:c9:ab:af:5f:1d:02:95:e5:f9:fe:b5:1f:
13:0e:e1:f0:15:00:be:1a:53:af:2c:f9:d2:46:3d:ab:14:f7:
93:ba:9c:dd:44:92:15:ee:25:d3:e9:19:6a:c3:f3:3e:2d:57:
c8:ad:7e:3b:d9:fb:09:c0:46:f2:2a:10:ea:89:89:68:76:23:
df:00:0a:9b:db:76:56:d2:5f:23:e5:57:94:03:96:6c:2b:f0:
22:da:50:cc:f2:7d:26:b6:ee:09:b3:89:9b:bb:32:14:fc:b0:
f8:f3:0c:cc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHuELahJCxFwRIEig1mOJTQ8uDywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODQwMzNaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2NmUzNDcwYjQ5ODRkMDA1NGU3ZDI5ZmE2MmRiMzNlNjhmM2Q0Yzg4YjVk
ZWY5ODIyYTdhNGNjZjNlNzNjYzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnRq0ihgL+d5G+A4+Me1/89pSWymMAHQh+P6kW42rt3T7CRhTVIMGwqBvJ5
RIft06rVT+l9JPGu57pi9TY5W6/T06HYQCwu54mKCZPDqBFmfNyVknd/BfHcgBYD
MXhP0NCD4F2XldojrOl143AHrpzEhXhPDc4y0fMDMnPhm+lY6TNQQdUZT5gyRT8f
abGO1pybHxMJNTp6H6pM2GEW6rjikOKyaZTrSYh/zqfckVXZLqQI58OBPcrvxC7M
6l8AwKULMmtIqbEsrdFwMXkOpB+8p7PBTvG2lEBYhRF7YhoATW2R1TjIXkrz57EL
3CCrqSAmiq717EjdolhnL4RRfyUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQaHqR1
oHPrCt7sf5rhUoLLD3EC5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzM3MzY2NzMtNzA3Yi00ZGZjLWFjYTQtODhkY2JiNTJhOTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HgI
MA0GCSqGSIb3DQEBCwUAA4IBAQAymZJI7tw5tyHN5jnlHimPwK17VdVgFfEXQYmK
KQVJ3e5OCyejuRzYS7bx1B9W/HC02Czh+zkGS8PCSKSWH5LyisWvqSwkVvRKo4u6
tTiR7b3oX3qAiJi5LL57x1ZS/0YnjfaLjoOhQ6Ofx1au8YRr4Quc5T/7c74cCG2X
SdBivS+QQXS3+rk7xZUGvc6Joku807OVVYXJq69fHQKV5fn+tR8TDuHwFQC+GlOv
LPnSRj2rFPeTupzdRJIV7iXT6Rlqw/M+LVfIrX472fsJwEbyKhDqiYlodiPfAAqb
23ZW0l8j5VeUA5ZsK/Ai2lDM8n0mtu4Js4mbuzIU/LD48wzM
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:25 2025 by rpki-client