Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
File: ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa (raw, json)
Hash identifier: oU/t73V5QD+SOoyx1n0+is1+IcRGS7OrwVQ8oWwKfYg=
Subject key identifier: 4B:F3:B9:22:1B:D1:B2:B0:53:E1:F2:83:FD:9B:F3:BF:55:93:22:0B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49C54089D141095E9A128C7EDD09BC8DF3CF50A7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
Signing time: Fri 25 Apr 2025 19:00:53 +0000
ROA not before: Fri 25 Apr 2025 19:00:53 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:c5:40:89:d1:41:09:5e:9a:12:8c:7e:dd:09:bc:8d:f3:cf:50:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:00:53 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=fc387418af3d775e56a9371e1571cd19c5b10f017202c5b7a1b37daec8607a56, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:33:34:0d:69:27:55:85:78:e0:78:bb:17:21:
4d:5f:73:af:d3:71:82:be:75:19:f5:10:b7:49:3a:
e0:20:0b:54:b2:1c:ec:3d:c6:aa:0f:2a:e1:70:59:
59:f7:5f:25:ae:69:38:45:c1:bb:18:b1:ab:db:2e:
bb:29:64:60:7d:92:68:28:34:66:1a:a4:88:8f:be:
dc:89:d2:2c:f9:b3:98:29:0e:37:40:5e:65:42:b8:
94:74:4f:3a:f7:b1:78:23:f7:15:1d:fb:74:ad:25:
db:b2:fc:4b:f7:f4:2e:69:bb:e9:87:3d:11:cd:1c:
03:f7:e3:90:66:a6:88:b1:f2:d5:17:89:70:69:f7:
a3:8d:d1:79:ef:c8:02:7c:9c:5c:9f:2e:f0:54:28:
69:48:22:9e:8b:33:93:d1:a8:2f:b6:4a:8e:b8:c8:
89:27:cd:7e:4c:db:a7:d1:f7:12:33:5f:b1:fd:67:
a9:4a:4e:ac:5a:77:46:08:7d:7f:1f:45:a1:35:9f:
ec:6c:8a:fa:65:98:73:8f:89:0a:d6:40:b3:58:43:
ce:fa:60:34:28:5c:42:7e:77:ac:98:e9:1b:7e:10:
5a:3c:ac:86:bd:2e:75:0e:6b:ca:80:4c:3f:ed:76:
67:e7:15:4c:42:2f:f6:3e:5d:d1:87:36:24:af:01:
6d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F3:B9:22:1B:D1:B2:B0:53:E1:F2:83:FD:9B:F3:BF:55:93:22:0B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
19:6a:e8:5e:c2:cd:ef:c3:98:69:ac:90:e3:3e:8e:eb:11:11:
e0:c8:02:e4:f4:c0:be:18:0f:36:f0:3d:66:a4:d1:6a:10:16:
32:9e:ce:3e:9a:8a:0d:0f:9b:16:68:62:2a:9e:12:6c:c8:ba:
e1:97:2c:7a:14:08:01:0e:55:ba:bf:80:36:b4:70:31:41:18:
3a:b4:13:e2:b6:d7:08:d4:6e:08:4f:63:86:ac:87:28:a0:9b:
4c:e9:26:9e:f2:1a:24:b7:18:77:c6:41:0f:ac:85:5a:9d:a2:
3c:8e:ac:8b:6a:25:75:d0:aa:32:b3:4d:ae:1f:8e:47:6d:d1:
d5:7c:80:6b:99:2e:5f:c0:44:a6:e7:ac:ba:bf:0b:2f:e0:bb:
1c:00:75:5e:e9:1e:24:5d:9a:da:96:37:e6:6e:c9:62:45:28:
a3:ad:00:48:64:96:7c:8b:fa:91:2c:c0:ce:a1:12:ec:a6:72:
7c:6b:35:08:70:f2:74:0d:d9:75:c6:89:2b:82:24:4e:3d:07:
a0:d5:6b:0e:4d:ad:b8:67:5d:a0:cf:9d:b6:5f:45:de:b0:90:
6b:a3:f4:ce:5c:5e:91:50:8d:40:86:b2:af:83:25:e8:d3:15:
1e:b8:1e:cf:df:2c:03:0f:41:bb:49:14:1f:c0:ea:72:97:d1:
25:8f:2b:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUScVAidFBCV6aEox+3Qm8jfPPUKcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAwNTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjMzg3NDE4YWYzZDc3NWU1NmE5MzcxZTE1NzFjZDE5YzViMTBmMDE3MjAy
YzViN2ExYjM3ZGFlYzg2MDdhNTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMozNA1pJ1WFeOB4uxchTV9zr9Nxgr51GfUQt0k64CALVLIc7D3Gqg8q4XBZ
WfdfJa5pOEXBuxixq9suuylkYH2SaCg0ZhqkiI++3InSLPmzmCkON0BeZUK4lHRP
OvexeCP3FR37dK0l27L8S/f0Lmm76Yc9Ec0cA/fjkGamiLHy1ReJcGn3o43Ree/I
AnycXJ8u8FQoaUginoszk9GoL7ZKjrjIiSfNfkzbp9H3EjNfsf1nqUpOrFp3Rgh9
fx9FoTWf7GyK+mWYc4+JCtZAs1hDzvpgNChcQn53rJjpG34QWjyshr0udQ5ryoBM
P+12Z+cVTEIv9j5d0Yc2JK8BbRcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRL87ki
G9GysFPh8oP9m/O/VZMiCzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2EzZjRkMTEtZGM2Yi00YTgyLWJlNjEtNjhmMWQ3ODM4ZjkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAZauhews3vw5hprJDjPo7rERHgyALk9MC+GA82
8D1mpNFqEBYyns4+mooND5sWaGIqnhJsyLrhlyx6FAgBDlW6v4A2tHAxQRg6tBPi
ttcI1G4IT2OGrIcooJtM6Sae8hoktxh3xkEPrIVanaI8jqyLaiV10Koys02uH45H
bdHVfIBrmS5fwESm56y6vwsv4LscAHVe6R4kXZraljfmbsliRSijrQBIZJZ8i/qR
LMDOoRLspnJ8azUIcPJ0Ddl1xokrgiROPQeg1WsOTa24Z12gz522X0XesJBro/TO
XF6RUI1AhrKvgyXo0xUeuB7P3ywDD0G7SRQfwOpyl9Eljytj
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:02 2025 by rpki-client