Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c61cb2a2-1406-49c9-9fec-a48e76950ffa.roa
File: c61cb2a2-1406-49c9-9fec-a48e76950ffa.roa (raw, json)
Hash identifier: lmhWFT0RIntpyQgS0jiFNhXrZRzg17JVOztM1s1sZmY=
Subject key identifier: E2:6E:D3:AF:50:F5:3C:09:0C:7F:5A:51:52:10:86:5F:17:A9:58:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 217A308CFA624730580532C3E5856997A63B6381
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c61cb2a2-1406-49c9-9fec-a48e76950ffa.roa
Signing time: Fri 25 Apr 2025 18:51:12 +0000
ROA not before: Fri 25 Apr 2025 18:51:12 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:7a:30:8c:fa:62:47:30:58:05:32:c3:e5:85:69:97:a6:3b:63:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:51:12 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=38f638809f1b38ba906f1cccf149e5be2dc6f876222578a349e70392468642ac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f1:24:e4:7f:68:05:42:0e:0d:6c:03:58:ed:
17:4c:6a:21:71:21:bb:64:f2:9b:01:f1:0b:53:fd:
e3:c6:72:0d:95:c5:5d:1c:ba:10:b6:21:2b:c0:b4:
90:7c:db:ff:0a:95:7b:bb:d5:71:7e:3c:8e:1c:89:
6f:01:d5:c9:82:ae:73:aa:38:2c:d9:50:3e:3e:0b:
d5:15:fe:db:cc:9c:a5:98:37:82:ca:d8:cd:35:4d:
a9:01:52:35:e0:ca:7f:cb:d0:e0:2c:7a:87:07:96:
e8:21:04:8d:96:9f:8e:1e:b7:37:a8:e5:88:a7:08:
bf:45:ed:36:a2:44:6e:9c:9a:4f:a4:cc:b7:58:12:
79:ab:11:7b:95:29:6f:25:3a:59:c9:a7:4a:a5:fc:
73:aa:17:50:ea:c1:d5:2e:d3:63:3e:2c:ad:99:03:
ba:34:28:2b:10:52:1a:74:bd:a3:33:d3:23:4d:f6:
ec:5e:d3:10:da:4d:29:69:35:5b:21:1a:67:32:32:
2f:40:c8:0a:de:62:78:50:d6:1c:00:45:0d:07:f0:
90:17:1e:fe:e6:77:0b:39:0a:cc:ae:9b:f1:35:94:
41:8b:2b:30:95:cb:7d:ca:c7:b7:ca:4c:da:de:eb:
e4:7b:4e:ff:1c:78:1a:32:2b:0e:cc:26:e8:18:3a:
c6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:6E:D3:AF:50:F5:3C:09:0C:7F:5A:51:52:10:86:5F:17:A9:58:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c61cb2a2-1406-49c9-9fec-a48e76950ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:5000::/40
Signature Algorithm: sha256WithRSAEncryption
44:67:89:a9:78:87:1e:81:9e:e7:71:21:38:f7:18:3f:9a:b6:
a7:5d:74:29:98:da:10:0b:a1:6a:e5:bc:2f:56:b7:07:6b:9d:
52:db:05:6c:4b:c1:a5:5c:d4:98:6d:5f:7d:3f:b8:3f:9c:eb:
9f:7a:df:ef:95:75:9d:88:b5:be:ea:b5:fc:14:43:03:45:59:
a1:37:8c:66:6b:b3:a3:52:1f:a5:02:31:28:87:04:0d:68:06:
82:23:37:16:c3:10:79:23:d2:a4:0c:e9:e2:dd:de:0f:ad:38:
a4:26:50:20:84:8f:66:64:7b:a9:87:7e:c9:5c:9c:06:64:06:
ab:ce:1e:53:7c:c8:a0:ab:51:5d:c1:82:a8:cb:a6:24:5c:ac:
0c:26:10:0e:a2:c3:a9:fa:8a:0c:16:f3:ee:c7:03:d0:88:ae:
1f:ee:32:81:42:2b:6a:45:5d:e8:c6:97:6e:e4:c6:68:84:72:
a4:3d:b6:9c:cf:86:a7:ac:ae:c8:a8:47:f5:22:e5:29:db:7e:
60:ce:8b:10:8b:75:bb:3c:b5:2b:a5:ce:5d:7c:77:39:5d:78:
21:41:ce:c8:ff:a0:26:e5:9e:e6:f7:8a:bb:ea:91:50:18:15:
74:68:a4:49:a0:fa:ae:91:c9:3c:3d:f7:50:d5:fd:8e:e9:a9:
4d:ba:5b:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIXowjPpiRzBYBTLD5YVpl6Y7Y4EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUxMTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4ZjYzODgwOWYxYjM4YmE5MDZmMWNjY2YxNDllNWJlMmRjNmY4NzYyMjI1
NzhhMzQ5ZTcwMzkyNDY4NjQyYWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLxJOR/aAVCDg1sA1jtF0xqIXEhu2TymwHxC1P948ZyDZXFXRy6ELYhK8C0
kHzb/wqVe7vVcX48jhyJbwHVyYKuc6o4LNlQPj4L1RX+28ycpZg3gsrYzTVNqQFS
NeDKf8vQ4Cx6hweW6CEEjZafjh63N6jliKcIv0XtNqJEbpyaT6TMt1gSeasRe5Up
byU6WcmnSqX8c6oXUOrB1S7TYz4srZkDujQoKxBSGnS9ozPTI0327F7TENpNKWk1
WyEaZzIyL0DICt5ieFDWHABFDQfwkBce/uZ3CzkKzK6b8TWUQYsrMJXLfcrHt8pM
2t7r5HtO/xx4GjIrDswm6Bg6xm8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTibtOv
UPU8CQx/WlFSEIZfF6lYGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzYxY2IyYTItMTQwNi00OWM5LTlmZWMtYTQ4ZTc2OTUwZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBEZ4mpeIcegZ7ncSE49xg/mranXXQpmNoQC6Fq
5bwvVrcHa51S2wVsS8GlXNSYbV99P7g/nOufet/vlXWdiLW+6rX8FEMDRVmhN4xm
a7OjUh+lAjEohwQNaAaCIzcWwxB5I9KkDOni3d4PrTikJlAghI9mZHuph37JXJwG
ZAarzh5TfMigq1FdwYKoy6YkXKwMJhAOosOp+ooMFvPuxwPQiK4f7jKBQitqRV3o
xpdu5MZohHKkPbacz4anrK7IqEf1IuUp235gzosQi3W7PLUrpc5dfHc5XXghQc7I
/6Am5Z7m94q76pFQGBV0aKRJoPqukck8PfdQ1f2O6alNulu5
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:21 2025 by rpki-client