Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
File: cead5bc0-2620-45bc-b97b-adb00020a426.roa (raw, json)
Hash identifier: 16bDQPXWu8mBBFH1OAnZjUTBAvJkEJL5ighzvRmbWx4=
Subject key identifier: A7:9E:D7:F2:81:87:24:6F:E0:31:E9:E9:51:8D:21:11:71:C0:70:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10D9A9AB7B3EE145DCE7EB4FAB174E12724988B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
Signing time: Fri 25 Apr 2025 19:00:51 +0000
ROA not before: Fri 25 Apr 2025 19:00:51 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:d9:a9:ab:7b:3e:e1:45:dc:e7:eb:4f:ab:17:4e:12:72:49:88:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:00:51 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=18ac3ebb8329f3127cbe6bb68e8c3e00130dfac364ef3f1aa9196906d0ad29a1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c0:6a:b5:95:b4:92:a1:b9:ff:31:be:f0:4d:
31:3c:5b:68:5c:5c:10:10:77:a3:b9:47:76:2b:e8:
06:5c:16:e5:8f:a0:71:14:69:4c:dd:53:15:1e:c0:
04:ab:9f:71:69:e2:43:62:8d:34:4c:98:33:6d:e5:
8e:cc:4d:a6:5e:db:e7:10:da:4e:0c:7f:cf:27:28:
24:82:70:30:22:d8:a1:3c:06:ea:bf:39:42:6d:71:
88:91:ae:f3:5a:26:de:4a:22:42:3a:dd:00:35:52:
32:14:22:45:55:d3:99:ab:46:b1:21:11:0a:af:7a:
ad:18:11:1b:76:76:67:30:6a:7f:e2:93:8a:a1:f4:
9f:d5:4e:53:71:6e:a8:d9:6d:fc:2b:25:9a:d8:f3:
21:f5:a1:e1:7e:3f:77:ef:5e:bb:df:4f:0f:9e:6b:
4a:4a:09:e5:af:91:5d:ba:aa:3d:0e:38:4b:1e:79:
1a:21:df:9d:f5:1a:e2:68:fd:53:5f:85:83:7d:a6:
c9:5d:8a:9b:55:98:ef:14:09:40:fb:47:7b:f8:8f:
d8:1b:49:73:3c:17:0c:27:7c:be:d9:cd:3f:fd:ee:
96:66:3d:82:63:3f:56:ca:2c:75:4c:97:d2:f0:ec:
81:8d:f9:21:ae:4c:59:49:3e:ea:e5:2c:e0:5c:f4:
4e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:9E:D7:F2:81:87:24:6F:E0:31:E9:E9:51:8D:21:11:71:C0:70:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e080::/48
Signature Algorithm: sha256WithRSAEncryption
67:28:e3:fb:a2:1c:4e:e0:c3:a9:9a:39:1c:bd:8e:79:ca:4e:
4e:64:e6:e3:72:b7:fc:5c:4a:36:06:b7:0a:de:09:49:55:09:
83:9f:c1:d9:35:d9:22:16:5f:12:b0:a4:12:76:b6:da:d2:1e:
d7:2d:ea:42:2a:de:a3:d7:76:d1:ee:07:2e:07:50:27:69:b9:
f7:5b:de:e8:4d:5a:1c:6d:ce:7d:0d:ab:7e:3c:4b:60:eb:50:
bf:59:08:3f:2d:75:1f:6a:a0:ee:47:81:a6:c7:af:bc:cf:44:
d4:d4:d1:60:cd:9c:ee:07:40:c5:27:5c:39:2f:c2:8d:96:57:
d0:08:e7:d4:38:1c:76:f6:94:fc:08:1c:a0:86:e6:2f:b0:5d:
f4:1d:f0:e8:ef:2e:01:9e:b3:c5:2a:cb:55:83:01:cc:71:90:
c4:31:f7:fe:55:be:24:8c:da:33:56:7f:74:73:c7:24:71:38:
7f:1c:8b:94:5d:1a:a9:fa:7f:ce:7b:99:d1:b2:fe:41:f8:1b:
f5:4c:95:b1:55:cf:64:15:ab:d3:d6:e9:2e:55:e8:88:d4:33:
36:23:0f:f1:05:45:20:35:f6:23:91:e4:cf:c1:7b:2e:93:b5:
5f:8f:53:09:1a:35:1c:fe:24:e7:72:38:b4:e9:f0:a5:0f:21:
71:ea:8e:0a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUENmpq3s+4UXc5+tPqxdOEnJJiLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAwNTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4YWMzZWJiODMyOWYzMTI3Y2JlNmJiNjhlOGMzZTAwMTMwZGZhYzM2NGVm
M2YxYWE5MTk2OTA2ZDBhZDI5YTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKPAarWVtJKhuf8xvvBNMTxbaFxcEBB3o7lHdivoBlwW5Y+gcRRpTN1TFR7A
BKufcWniQ2KNNEyYM23ljsxNpl7b5xDaTgx/zycoJIJwMCLYoTwG6r85Qm1xiJGu
81om3koiQjrdADVSMhQiRVXTmatGsSERCq96rRgRG3Z2ZzBqf+KTiqH0n9VOU3Fu
qNlt/CslmtjzIfWh4X4/d+9eu99PD55rSkoJ5a+RXbqqPQ44Sx55GiHfnfUa4mj9
U1+Fg32myV2Km1WY7xQJQPtHe/iP2BtJczwXDCd8vtnNP/3ulmY9gmM/VsosdUyX
0vDsgY35Ia5MWUk+6uUs4Fz0TmcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSnntfy
gYckb+Ax6elRjSERccBwzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2VhZDViYzAtMjYyMC00NWJjLWI5N2ItYWRiMDAwMjBhNDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
gDANBgkqhkiG9w0BAQsFAAOCAQEAZyjj+6IcTuDDqZo5HL2OecpOTmTm43K3/FxK
Nga3Ct4JSVUJg5/B2TXZIhZfErCkEna22tIe1y3qQireo9d20e4HLgdQJ2m591ve
6E1aHG3OfQ2rfjxLYOtQv1kIPy11H2qg7keBpsevvM9E1NTRYM2c7gdAxSdcOS/C
jZZX0Ajn1DgcdvaU/AgcoIbmL7Bd9B3w6O8uAZ6zxSrLVYMBzHGQxDH3/lW+JIza
M1Z/dHPHJHE4fxyLlF0aqfp/znuZ0bL+Qfgb9UyVsVXPZBWr09bpLlXoiNQzNiMP
8QVFIDX2I5Hkz8F7LpO1X49TCRo1HP4k53I4tOnwpQ8hceqOCg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:36 2025 by rpki-client