Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
File: cb352ba2-1c61-4993-802d-895dc73880c2.roa (raw, json)
Hash identifier: DNgrBL9hx2Tu1w9KKtxW60fVGARbTVZnHMUn/P04T+E=
Subject key identifier: 0F:24:C2:A4:97:FE:A5:04:E0:A0:DF:BE:02:57:F8:05:03:85:EF:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20DFAB0AD7CB46F7C760C3B8A98855E62F477303
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
Signing time: Mon 21 Apr 2025 18:40:37 +0000
ROA not before: Mon 21 Apr 2025 18:40:37 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:df:ab:0a:d7:cb:46:f7:c7:60:c3:b8:a9:88:55:e6:2f:47:73:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:40:37 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=783d544c2312bf9a613577deed9fc805f7efa99c7a63f6e36a5c13745c9d52bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:22:88:af:0c:78:11:0e:64:99:c5:d4:09:8b:
09:0e:f7:54:eb:df:e5:ec:0e:1d:c3:df:5a:80:ac:
ab:73:d9:3d:75:0d:ea:e2:a1:6b:70:f5:63:b0:98:
37:68:4c:a0:b0:30:d0:55:7c:95:0e:60:a4:fe:64:
8a:fa:77:e5:87:76:f5:70:7e:0d:72:7e:53:0e:6d:
aa:9f:6a:0b:81:8b:40:3d:f4:7f:fb:07:c5:1d:aa:
c7:6c:5a:24:98:aa:5a:ed:60:94:a4:a2:6a:e1:f0:
13:54:6e:67:70:78:9a:8f:74:e4:de:b2:22:b4:f9:
90:f2:36:0d:53:50:ff:06:16:4d:39:61:06:bf:db:
a3:01:13:e6:b8:53:ac:ee:f5:af:cf:e4:38:b5:33:
ba:4a:fc:6b:ef:03:14:16:82:6e:7f:08:19:88:0e:
66:56:34:42:53:07:08:78:f7:fd:96:d2:51:c1:c7:
1f:d5:35:3e:b5:a6:91:cb:1c:da:56:f6:3d:dc:20:
25:ef:a4:28:1b:d1:e8:e2:19:5c:19:2e:57:76:39:
b1:5f:e2:a7:66:91:5c:0b:f7:6f:d0:e5:63:b8:f0:
f2:aa:eb:df:bf:22:63:45:3c:49:22:20:e5:f4:4a:
d4:a8:6d:5c:33:a4:26:16:0c:33:b8:36:49:1b:e4:
6c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:24:C2:A4:97:FE:A5:04:E0:A0:DF:BE:02:57:F8:05:03:85:EF:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:800::/40
Signature Algorithm: sha256WithRSAEncryption
b2:a7:aa:40:c2:b6:6c:7b:90:26:05:5c:8f:e4:ae:79:4c:16:
5d:7d:c1:17:da:af:da:12:74:d0:38:90:2b:b6:84:46:33:05:
16:f8:fb:c2:aa:c5:eb:bf:9a:67:76:a0:77:5d:c9:66:b9:de:
a1:09:22:2c:95:07:4c:0a:a1:2f:58:d7:5f:4d:f1:49:ee:33:
42:92:84:a7:d1:60:9a:2a:4d:ec:08:37:4f:b1:0a:2d:92:51:
c4:35:2e:29:50:f2:f7:75:a9:c4:ff:27:56:0e:4f:4c:cd:41:
c6:ce:81:eb:08:e2:f1:36:be:d8:9d:4b:58:29:ae:b3:28:a8:
6c:6d:48:d9:ca:6b:f1:7e:14:01:90:30:b0:e1:41:bd:c6:24:
1b:f2:93:f9:29:0d:88:6d:f4:e6:fa:c9:bb:f7:8b:02:9a:b8:
ec:f3:b5:16:71:a5:82:10:fc:88:8d:e6:51:35:a4:ae:f9:68:
fb:f1:e1:2d:f9:4e:29:58:0e:8d:0f:c8:b8:86:f9:11:ff:66:
c2:8c:5b:fd:e2:5f:3b:c1:f8:64:6d:03:68:08:8d:fe:8f:36:
a0:32:46:fb:7f:e2:91:0c:fd:85:a1:b8:ba:ce:b3:38:31:af:
28:8d:0e:9c:a7:04:84:53:65:a2:43:aa:d7:d5:86:4e:10:2a:
99:ee:b0:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIN+rCtfLRvfHYMO4qYhV5i9HcwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODQwMzdaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4M2Q1NDRjMjMxMmJmOWE2MTM1NzdkZWVkOWZjODA1ZjdlZmE5OWM3YTYz
ZjZlMzZhNWMxMzc0NWM5ZDUyYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOkiiK8MeBEOZJnF1AmLCQ73VOvf5ewOHcPfWoCsq3PZPXUN6uKha3D1Y7CY
N2hMoLAw0FV8lQ5gpP5kivp35Yd29XB+DXJ+Uw5tqp9qC4GLQD30f/sHxR2qx2xa
JJiqWu1glKSiauHwE1RuZ3B4mo905N6yIrT5kPI2DVNQ/wYWTTlhBr/bowET5rhT
rO71r8/kOLUzukr8a+8DFBaCbn8IGYgOZlY0QlMHCHj3/ZbSUcHHH9U1PrWmkcsc
2lb2PdwgJe+kKBvR6OIZXBkuV3Y5sV/ip2aRXAv3b9DlY7jw8qrr378iY0U8SSIg
5fRK1KhtXDOkJhYMM7g2SRvkbAECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQPJMKk
l/6lBOCg374CV/gFA4XvNDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2IzNTJiYTItMWM2MS00OTkzLTgwMmQtODk1ZGM3Mzg4MGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYI
MA0GCSqGSIb3DQEBCwUAA4IBAQCyp6pAwrZse5AmBVyP5K55TBZdfcEX2q/aEnTQ
OJArtoRGMwUW+PvCqsXrv5pndqB3Xclmud6hCSIslQdMCqEvWNdfTfFJ7jNCkoSn
0WCaKk3sCDdPsQotklHENS4pUPL3danE/ydWDk9MzUHGzoHrCOLxNr7YnUtYKa6z
KKhsbUjZymvxfhQBkDCw4UG9xiQb8pP5KQ2IbfTm+sm794sCmrjs87UWcaWCEPyI
jeZRNaSu+Wj78eEt+U4pWA6ND8i4hvkR/2bCjFv94l87wfhkbQNoCI3+jzagMkb7
f+KRDP2Fobi6zrM4Ma8ojQ6cpwSEU2WiQ6rX1YZOECqZ7rDD
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:21 2025 by rpki-client