Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c753331a-9b4d-4856-abb9-330765ad02d0.roa
File: c753331a-9b4d-4856-abb9-330765ad02d0.roa (raw, json)
Hash identifier: KHkszllWZ0Wz2quX53+yosdIGGr9/oBpe48T3HAFK7o=
Subject key identifier: F8:1D:22:16:9F:4D:5D:9E:DA:F8:E3:69:9F:81:3B:00:0D:E7:4E:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 106890DEE331E75B251428D88E28064924439303
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c753331a-9b4d-4856-abb9-330765ad02d0.roa
Signing time: Mon 21 Apr 2025 18:40:28 +0000
ROA not before: Mon 21 Apr 2025 18:40:28 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:68:90:de:e3:31:e7:5b:25:14:28:d8:8e:28:06:49:24:43:93:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:40:28 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=f604b90c0c37799c09acc03943981d3f9b3925a27e81a49a4d10abc862936575, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f4:52:c3:37:a0:11:09:3d:d6:a5:f6:dc:bf:
90:5e:07:1e:3c:b5:31:a2:93:bf:c6:98:9f:60:ac:
a7:3b:56:cc:35:ea:b8:65:bd:f0:d4:d6:f7:21:d7:
b8:11:a4:8d:08:b3:19:7d:3d:54:5a:ea:d3:9b:45:
43:f1:78:45:45:19:f8:7e:e8:f5:d7:f2:43:3a:54:
8d:0c:34:6b:de:4d:a5:b0:b6:a8:69:0a:56:f6:da:
58:6e:3c:6c:a8:d1:dc:a7:fd:0f:a1:b7:e8:4b:87:
7b:7d:bc:5b:57:16:04:4b:9e:71:53:68:20:0a:80:
0c:cf:00:3e:b0:b3:9c:2f:39:57:ba:53:63:ba:17:
7a:a4:c5:7d:91:f2:bf:6c:a3:6b:29:45:b5:d7:5a:
a2:88:fd:2a:d6:45:55:85:c4:e0:63:de:5e:e2:11:
f6:ea:da:1d:12:56:e6:69:1e:82:1e:f1:df:46:3b:
b0:92:34:07:ca:f8:93:64:93:a0:6f:9e:d0:24:68:
5a:b6:22:3d:7f:69:7e:8c:5e:17:ae:12:d9:22:70:
de:5f:05:52:f8:0e:81:3f:61:f7:f4:90:fe:cd:95:
fb:dc:cf:06:8e:65:7a:d0:58:c9:68:89:98:9d:cc:
d3:a1:b6:40:68:e7:f0:38:26:ed:74:56:85:9a:b0:
7f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:1D:22:16:9F:4D:5D:9E:DA:F8:E3:69:9F:81:3B:00:0D:E7:4E:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c753331a-9b4d-4856-abb9-330765ad02d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8c0::/46
Signature Algorithm: sha256WithRSAEncryption
1f:75:ae:b4:8a:2f:41:78:76:f3:02:12:8c:9d:da:82:a1:f1:
c2:7f:bb:0b:cf:29:4e:c5:95:83:2e:15:94:30:4b:f9:a1:79:
b2:24:cd:d3:82:11:df:56:35:04:de:99:c8:da:47:a4:74:5c:
1f:be:51:15:d6:2a:eb:73:0d:2f:d0:0c:20:ad:f6:aa:d8:46:
cd:fc:24:c9:29:f1:9d:c0:46:27:10:f3:d8:d0:2e:39:eb:12:
2c:5d:4a:b3:67:1e:93:e5:a5:7c:3a:e5:7b:a4:bb:92:dc:a1:
c8:5e:14:3a:00:c0:90:af:af:c1:86:12:26:83:32:e6:62:1f:
80:0b:5e:48:20:84:f5:95:1f:b2:a8:a0:84:4f:8c:8d:39:38:
ab:b7:9e:e7:1e:55:3d:fe:55:ce:2a:69:8b:dd:a6:01:e1:67:
97:df:21:ef:d3:a8:31:7e:2f:cf:89:7e:01:24:4d:29:40:32:
e5:fa:e4:e8:c0:91:e5:81:8a:39:23:9d:d1:ab:a6:34:21:7d:
c8:ec:77:e8:ee:8c:2a:15:6b:3d:88:43:64:8a:f1:17:87:46:
41:3a:e6:f2:60:31:e5:ac:19:58:1a:ed:8d:72:b3:2d:de:ec:
7b:49:80:00:62:29:57:b0:76:f8:81:4c:3e:c1:a7:73:d3:3a:
7e:e8:3b:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEGiQ3uMx51slFCjYjigGSSRDkwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODQwMjhaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2MDRiOTBjMGMzNzc5OWMwOWFjYzAzOTQzOTgxZDNmOWIzOTI1YTI3ZTgx
YTQ5YTRkMTBhYmM4NjI5MzY1NzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMn0UsM3oBEJPdal9ty/kF4HHjy1MaKTv8aYn2CspztWzDXquGW98NTW9yHX
uBGkjQizGX09VFrq05tFQ/F4RUUZ+H7o9dfyQzpUjQw0a95NpbC2qGkKVvbaWG48
bKjR3Kf9D6G36EuHe328W1cWBEuecVNoIAqADM8APrCznC85V7pTY7oXeqTFfZHy
v2yjaylFtddaooj9KtZFVYXE4GPeXuIR9uraHRJW5mkegh7x30Y7sJI0B8r4k2ST
oG+e0CRoWrYiPX9pfoxeF64S2SJw3l8FUvgOgT9h9/SQ/s2V+9zPBo5letBYyWiJ
mJ3M06G2QGjn8Dgm7XRWhZqwfwkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT4HSIW
n01dntr442mfgTsADedOHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc1MzMzMWEtOWI0ZC00ODU2LWFiYjktMzMwNzY1YWQwMmQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUI
wDANBgkqhkiG9w0BAQsFAAOCAQEAH3WutIovQXh28wISjJ3agqHxwn+7C88pTsWV
gy4VlDBL+aF5siTN04IR31Y1BN6ZyNpHpHRcH75RFdYq63MNL9AMIK32qthGzfwk
ySnxncBGJxDz2NAuOesSLF1Ks2cek+WlfDrle6S7ktyhyF4UOgDAkK+vwYYSJoMy
5mIfgAteSCCE9ZUfsqighE+MjTk4q7ee5x5VPf5Vzippi92mAeFnl98h79OoMX4v
z4l+ASRNKUAy5frk6MCR5YGKOSOd0aumNCF9yOx36O6MKhVrPYhDZIrxF4dGQTrm
8mAx5awZWBrtjXKzLd7se0mAAGIpV7B2+IFMPsGnc9M6fug71w==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:22 2025 by rpki-client