Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
File: cda3712d-34a6-428d-a694-19bab377c44e.roa (raw, json)
Hash identifier: KjbFN5UR5Cb1pMW+XH1ZwaUmKUxz3p5vdY8Pfl2sCBs=
Subject key identifier: E3:35:FD:06:35:D3:D0:AE:2E:F5:7E:F8:5A:C9:3B:6C:62:04:84:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64EFFC4D1A9E5F7CD4A60CFCBAEDD4C56E54C6F4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
Signing time: Fri 25 Apr 2025 20:21:19 +0000
ROA not before: Fri 25 Apr 2025 20:21:19 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:ef:fc:4d:1a:9e:5f:7c:d4:a6:0c:fc:ba:ed:d4:c5:6e:54:c6:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:21:19 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=4114805a8236ed62e93984180676d4a7676d48740654dd72248337c7d79b2628, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f3:b1:73:97:42:5f:f1:0e:1c:d7:ec:e7:d6:
bb:11:64:4d:b3:bf:f6:19:47:b4:db:58:f7:4c:3b:
2a:fa:41:5b:a9:ca:96:f0:48:69:d7:1d:2a:09:4b:
d3:69:65:e7:2f:df:f8:c9:e1:bf:25:b1:03:5c:22:
db:b6:ee:60:67:76:2c:d4:07:a1:aa:7f:5a:bf:77:
32:40:22:3f:98:66:11:20:7d:21:d1:2d:58:f7:ba:
6b:03:15:7d:9f:af:c2:27:4a:89:b6:3e:16:04:93:
dc:52:d1:7a:69:0f:88:47:e8:3f:b3:24:b4:38:45:
db:62:d0:e7:d3:7f:a7:97:49:bd:8a:3c:f3:a1:87:
78:2b:5e:66:6e:a8:55:4c:65:f9:ec:f4:4a:62:0b:
e5:61:24:a7:6a:30:6e:95:a5:35:18:79:17:ea:90:
55:f7:23:de:0d:18:26:b9:f3:d2:8f:21:e8:0b:4f:
00:16:59:bd:65:66:6a:ff:6c:58:26:fa:97:d7:0c:
7e:20:74:71:50:88:81:0c:4a:4e:60:cf:87:d2:e7:
97:08:b5:35:ba:39:22:71:f7:6f:9b:5b:2b:a2:73:
eb:e4:05:0a:16:60:5b:8e:4b:f9:82:c1:09:43:b9:
db:33:27:d0:ef:92:80:df:9b:e6:e0:49:fb:01:9b:
4f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:35:FD:06:35:D3:D0:AE:2E:F5:7E:F8:5A:C9:3B:6C:62:04:84:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/38
Signature Algorithm: sha256WithRSAEncryption
0f:e9:e4:b5:24:8c:8d:73:e7:20:97:7c:98:9e:3d:71:38:a8:
82:b6:29:20:9c:9e:c5:68:4c:5e:50:85:71:29:64:40:13:27:
7c:80:50:7b:7b:8d:dc:df:89:db:b4:08:00:98:b5:b9:5a:18:
f1:36:9d:49:5f:32:46:57:d7:5f:50:fe:ca:2d:2a:bc:b7:d5:
8c:ed:5c:41:e5:f9:ca:ae:c5:c1:f6:fd:76:86:68:07:6f:5b:
60:ee:74:1e:fe:51:1d:20:82:80:34:49:09:e0:07:e1:d4:2c:
32:1b:8e:1b:7c:ce:2f:e9:24:ae:6a:07:d6:c1:75:85:d8:b6:
5a:7b:85:8b:ac:a0:ed:3f:24:3d:1e:d8:41:5d:ae:69:f3:63:
a0:60:e5:c1:6b:41:f8:c7:73:07:46:df:c9:97:e2:5b:58:8f:
2a:49:f5:b7:a1:9c:21:f3:d3:94:34:3d:54:8b:c7:a5:70:8d:
37:30:5f:ff:06:9d:50:80:7e:54:67:d9:0c:06:4c:5a:69:98:
c9:c1:77:76:d3:88:eb:c2:1c:49:3b:d5:3c:49:1a:22:02:af:
e3:02:9a:cc:68:95:f5:7e:fb:4c:1c:1e:20:65:5b:8a:19:8b:
c8:0e:c3:16:c9:b5:3d:c2:a2:bd:0f:ec:2d:4f:70:a0:a4:b9:
96:39:7e:ec
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZO/8TRqeX3zUpgz8uu3UxW5UxvQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIxMTlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxMTQ4MDVhODIzNmVkNjJlOTM5ODQxODA2NzZkNGE3Njc2ZDQ4NzQwNjU0
ZGQ3MjI0ODMzN2M3ZDc5YjI2MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOHzsXOXQl/xDhzX7OfWuxFkTbO/9hlHtNtY90w7KvpBW6nKlvBIadcdKglL
02ll5y/f+MnhvyWxA1wi27buYGd2LNQHoap/Wr93MkAiP5hmESB9IdEtWPe6awMV
fZ+vwidKibY+FgST3FLRemkPiEfoP7MktDhF22LQ59N/p5dJvYo886GHeCteZm6o
VUxl+ez0SmIL5WEkp2owbpWlNRh5F+qQVfcj3g0YJrnz0o8h6AtPABZZvWVmav9s
WCb6l9cMfiB0cVCIgQxKTmDPh9Lnlwi1Nbo5InH3b5tbK6Jz6+QFChZgW45L+YLB
CUO52zMn0O+SgN+b5uBJ+wGbT0UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTjNf0G
NdPQri71fvhayTtsYgSE9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhMzcxMmQtMzRhNi00MjhkLWE2OTQtMTliYWIzNzdjNDRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQAP6eS1JIyNc+cgl3yYnj1xOKiCtikgnJ7FaExe
UIVxKWRAEyd8gFB7e43c34nbtAgAmLW5WhjxNp1JXzJGV9dfUP7KLSq8t9WM7VxB
5fnKrsXB9v12hmgHb1tg7nQe/lEdIIKANEkJ4Afh1CwyG44bfM4v6SSuagfWwXWF
2LZae4WLrKDtPyQ9HthBXa5p82OgYOXBa0H4x3MHRt/Jl+JbWI8qSfW3oZwh89OU
ND1Ui8elcI03MF//Bp1QgH5UZ9kMBkxaaZjJwXd204jrwhxJO9U8SRoiAq/jAprM
aJX1fvtMHB4gZVuKGYvIDsMWybU9wqK9D+wtT3CgpLmWOX7s
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:41 2025 by rpki-client