Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
File: d84b5798-b167-465e-8272-054986363200.roa (raw, json)
Hash identifier: 5oNB5logKdtgKUr5HEX8JNd5jGPOu7bKute7JyX+pMY=
Subject key identifier: 03:EE:D2:45:86:AE:BF:56:BB:76:09:17:04:40:30:0E:DA:D4:E0:68
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CDA44724D925910B31BF8208476E43FA0C13FC5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
Signing time: Fri 25 Apr 2025 19:01:38 +0000
ROA not before: Fri 25 Apr 2025 19:01:38 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:da:44:72:4d:92:59:10:b3:1b:f8:20:84:76:e4:3f:a0:c1:3f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:01:38 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ddf5ccec2e2e537139c98887e3f7df4e35a70cbd7797d28abc6b014850ff5516, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f9:33:1f:95:50:7b:0c:90:bf:91:99:28:08:
41:d4:5e:7e:e2:0a:cb:0e:fc:ec:b9:28:85:bc:3c:
0f:7d:7e:8d:43:f9:19:56:95:1b:6e:7c:45:52:dc:
dc:79:ca:6f:9b:19:c0:8c:bf:65:78:56:b1:db:2b:
c7:f4:86:2d:0c:ff:21:2c:18:4c:5f:f0:ec:c2:f1:
ed:b9:b3:95:02:f6:ec:2a:32:ef:d5:ec:dc:1c:ca:
40:c9:c6:01:7c:7c:b2:1c:d3:b5:9f:ed:ca:a7:30:
d7:c7:c7:a5:55:a7:3d:51:72:e4:ad:9f:9b:52:bb:
a3:22:9b:bd:03:f9:ad:d6:83:aa:2a:dc:a9:fe:30:
bd:42:19:6f:fe:0f:cb:9b:88:1d:84:4f:8c:51:0c:
f3:ea:b0:4b:65:08:bf:d1:a8:d4:b8:ee:82:93:ba:
a3:b5:57:32:ea:f2:ea:39:6d:0e:ad:79:2d:77:e2:
c6:33:c2:d9:5f:c5:13:f3:66:81:4c:20:5a:58:39:
08:a5:4c:f3:1d:83:b4:f1:8d:3b:10:f3:8c:c4:97:
ab:50:52:43:9a:53:58:13:95:47:3b:99:b1:65:ea:
92:d0:87:95:6c:ab:2e:7f:81:f9:b5:17:a7:63:f8:
78:d3:a9:ec:7e:b0:41:34:f5:62:db:c2:5a:79:f5:
fa:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:EE:D2:45:86:AE:BF:56:BB:76:09:17:04:40:30:0E:DA:D4:E0:68
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
ba:96:0b:bb:97:4d:8e:ae:37:cf:a5:ec:d4:50:31:d7:02:d9:
04:90:ab:c0:04:a8:0c:1e:75:67:3c:ea:e4:96:a0:5e:67:bf:
8e:54:d2:f5:5c:a5:db:73:7d:c4:28:45:37:75:0a:85:a9:c1:
a8:ae:98:d9:4b:cd:47:f6:17:19:4d:99:37:33:4e:44:8b:92:
45:90:d6:93:14:ad:9b:8b:6b:a9:dd:21:39:b2:e3:94:46:f5:
85:5a:32:77:78:98:92:64:d5:40:e3:36:c2:17:4f:94:8f:27:
de:be:60:76:67:40:4a:58:d2:f5:b0:c8:ef:0b:29:76:e0:54:
ba:87:12:83:44:83:4e:72:7e:d7:16:f4:27:39:d7:4d:94:7f:
f7:92:78:1c:03:10:1b:19:99:c5:ce:a7:ce:f6:5e:88:dc:4d:
bc:25:dd:f3:52:cb:fe:30:84:06:60:71:f9:53:41:3c:59:b6:
cc:a4:8e:1c:65:9e:d9:2c:2f:24:06:61:1d:d5:26:9c:22:99:
a7:d1:19:18:ff:03:0a:46:45:fe:ef:8d:7c:40:4c:92:6e:2d:
c2:99:77:1f:9c:8a:9c:68:15:16:7a:20:a6:a4:03:cf:f7:94:
e5:45:21:c2:f5:57:f6:d1:2b:8e:bd:77:6c:64:8f:62:bf:ce:
8f:c2:b0:16
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPNpEck2SWRCzG/gghHbkP6DBP8UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAxMzhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkZjVjY2VjMmUyZTUzNzEzOWM5ODg4N2UzZjdkZjRlMzVhNzBjYmQ3Nzk3
ZDI4YWJjNmIwMTQ4NTBmZjU1MTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKL5Mx+VUHsMkL+RmSgIQdRefuIKyw787Lkohbw8D31+jUP5GVaVG258RVLc
3HnKb5sZwIy/ZXhWsdsrx/SGLQz/ISwYTF/w7MLx7bmzlQL27Coy79Xs3BzKQMnG
AXx8shzTtZ/tyqcw18fHpVWnPVFy5K2fm1K7oyKbvQP5rdaDqircqf4wvUIZb/4P
y5uIHYRPjFEM8+qwS2UIv9Go1LjugpO6o7VXMury6jltDq15LXfixjPC2V/FE/Nm
gUwgWlg5CKVM8x2DtPGNOxDzjMSXq1BSQ5pTWBOVRzuZsWXqktCHlWyrLn+B+bUX
p2P4eNOp7H6wQTT1YtvCWnn1+lECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQD7tJF
hq6/Vrt2CRcEQDAO2tTgaDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDg0YjU3OTgtYjE2Ny00NjVlLTgyNzItMDU0OTg2MzYzMjAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
wDANBgkqhkiG9w0BAQsFAAOCAQEAupYLu5dNjq43z6Xs1FAx1wLZBJCrwASoDB51
Zzzq5JagXme/jlTS9Vyl23N9xChFN3UKhanBqK6Y2UvNR/YXGU2ZNzNORIuSRZDW
kxStm4trqd0hObLjlEb1hVoyd3iYkmTVQOM2whdPlI8n3r5gdmdASljS9bDI7wsp
duBUuocSg0SDTnJ+1xb0JznXTZR/95J4HAMQGxmZxc6nzvZeiNxNvCXd81LL/jCE
BmBx+VNBPFm2zKSOHGWe2SwvJAZhHdUmnCKZp9EZGP8DCkZF/u+NfEBMkm4twpl3
H5yKnGgVFnogpqQDz/eU5UUhwvVX9tErjr13bGSPYr/Oj8KwFg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:48:09 2025 by rpki-client