Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9177cdc-4634-4d34-9814-46c0484fcddb.roa
File: c9177cdc-4634-4d34-9814-46c0484fcddb.roa (raw, json)
Hash identifier: mvrGIAVxNBvbS1AmCvBoKpiptWvbSwHPHW8GklFcabc=
Subject key identifier: 1D:94:D5:80:4C:29:01:52:2C:9C:DD:44:4E:48:A4:C4:08:35:22:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3E53392B055D0BE726B726EBBCB16B5753AB55CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9177cdc-4634-4d34-9814-46c0484fcddb.roa
Signing time: Mon 21 Apr 2025 18:30:28 +0000
ROA not before: Mon 21 Apr 2025 18:30:28 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:53:39:2b:05:5d:0b:e7:26:b7:26:eb:bc:b1:6b:57:53:ab:55:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:30:28 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=a77a234c384ab16fb538d22473810e24d90f6bdde58d03e81421be3923176dd0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:01:6c:c5:a0:15:50:9d:8d:ba:dd:ca:0f:b3:
f1:e0:c8:0e:c0:f7:f3:23:7a:42:18:57:06:4a:89:
a4:e6:d6:3f:a7:4d:33:e5:64:b9:b5:16:a0:e5:44:
b8:cd:ff:a2:74:a0:24:f0:ff:a8:df:81:29:4c:c9:
ec:a6:c8:96:a9:60:a0:71:3d:81:e6:e3:b3:9c:95:
d5:3f:9f:ea:08:9f:34:2d:0c:79:90:a7:8b:ff:9c:
89:49:7f:c6:8e:cc:f9:ae:4d:92:5e:0b:a9:f3:14:
03:e9:dc:6a:40:ab:da:21:55:ca:ab:09:4c:de:49:
4e:97:70:08:4e:e0:f4:72:4c:f8:73:8b:4e:d5:1e:
98:75:5b:a2:94:70:3e:7e:91:b1:bf:d4:75:33:b1:
c9:4a:8b:41:6d:46:f6:af:84:0c:cb:29:3c:bf:dc:
5f:98:6f:29:7b:60:c7:92:d6:50:52:f1:a9:e4:d2:
da:c9:58:ba:f9:bb:9c:48:30:fa:55:f2:ac:1a:4a:
ee:a3:c4:03:5d:8a:4b:2b:18:6d:6e:87:53:a6:7e:
00:ff:94:1e:02:98:d7:da:92:11:3a:3e:f0:c0:59:
bb:fc:d9:54:24:77:e1:62:b8:48:70:10:27:5c:fc:
37:80:4e:48:d3:43:99:3f:85:1a:b8:bb:da:d8:ed:
8d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:94:D5:80:4C:29:01:52:2C:9C:DD:44:4E:48:A4:C4:08:35:22:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9177cdc-4634-4d34-9814-46c0484fcddb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8c0::/46
Signature Algorithm: sha256WithRSAEncryption
99:19:01:ce:78:89:11:67:d1:08:45:55:c3:24:26:fc:26:4d:
b6:0a:0a:64:10:cf:d4:d6:8c:f6:62:c0:b0:5c:6b:b6:3c:e9:
65:4d:61:96:e3:7c:fe:a5:3d:f6:82:ad:29:5a:05:5e:eb:89:
1c:cc:a9:60:74:2c:25:dc:3e:68:30:4d:9d:d1:47:5a:c5:e9:
75:89:a6:e4:c7:76:67:41:fb:82:b3:0b:91:fa:8a:99:8b:cc:
bc:d3:e4:50:cd:a8:1f:f8:c9:f3:11:75:ec:b6:b8:ab:68:67:
e2:19:81:51:ce:13:a9:8c:c8:df:02:57:3f:05:c5:5c:50:2a:
69:5d:ba:98:89:98:8c:19:1f:b5:8d:ab:0e:cd:9a:23:d3:76:
d6:80:ae:b6:ae:34:31:46:12:72:c6:b2:18:62:e8:42:75:1b:
11:1d:ec:ce:18:e7:cb:7e:5d:d7:47:c3:95:6f:58:4e:aa:73:
8d:70:9b:d0:3d:2d:57:13:68:15:19:56:80:bd:0e:b1:5b:2f:
fb:b3:cc:35:8b:83:ef:60:76:53:06:3f:da:f0:c6:05:81:c1:
0d:65:f0:f5:52:25:41:c3:ae:e8:85:57:68:9d:80:04:7a:cb:
eb:7a:79:4b:d0:23:57:46:bd:af:07:c8:cb:f9:24:62:19:f3:
f8:9e:89:13
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPlM5KwVdC+cmtybrvLFrV1OrVcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMwMjhaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3N2EyMzRjMzg0YWIxNmZiNTM4ZDIyNDczODEwZTI0ZDkwZjZiZGRlNThk
MDNlODE0MjFiZTM5MjMxNzZkZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOwBbMWgFVCdjbrdyg+z8eDIDsD38yN6QhhXBkqJpObWP6dNM+VkubUWoOVE
uM3/onSgJPD/qN+BKUzJ7KbIlqlgoHE9gebjs5yV1T+f6gifNC0MeZCni/+ciUl/
xo7M+a5Nkl4LqfMUA+ncakCr2iFVyqsJTN5JTpdwCE7g9HJM+HOLTtUemHVbopRw
Pn6Rsb/UdTOxyUqLQW1G9q+EDMspPL/cX5hvKXtgx5LWUFLxqeTS2slYuvm7nEgw
+lXyrBpK7qPEA12KSysYbW6HU6Z+AP+UHgKY19qSETo+8MBZu/zZVCR34WK4SHAQ
J1z8N4BOSNNDmT+FGri72tjtjf8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQdlNWA
TCkBUiyc3UROSKTECDUiTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzkxNzdjZGMtNDYzNC00ZDM0LTk4MTQtNDZjMDQ4NGZjZGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsI
wDANBgkqhkiG9w0BAQsFAAOCAQEAmRkBzniJEWfRCEVVwyQm/CZNtgoKZBDP1NaM
9mLAsFxrtjzpZU1hluN8/qU99oKtKVoFXuuJHMypYHQsJdw+aDBNndFHWsXpdYmm
5Md2Z0H7grMLkfqKmYvMvNPkUM2oH/jJ8xF17La4q2hn4hmBUc4TqYzI3wJXPwXF
XFAqaV26mImYjBkftY2rDs2aI9N21oCutq40MUYScsayGGLoQnUbER3szhjny35d
10fDlW9YTqpzjXCb0D0tVxNoFRlWgL0OsVsv+7PMNYuD72B2UwY/2vDGBYHBDWXw
9VIlQcOu6IVXaJ2ABHrL63p5S9AjV0a9rwfIy/kkYhnz+J6JEw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:27:04 2025 by rpki-client