Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
File: dc148af9-68cc-4a7f-b7fd-6ac691016888.roa (raw, json)
Hash identifier: bSZvufn3mI6SSNK4C0jUtpe8KwO9lKp9ZJIZ20AxmHo=
Subject key identifier: 27:EB:D8:46:0E:86:D5:F2:7B:D4:06:31:21:F2:DA:47:1D:50:F2:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4352D665F0363314A4A364055CBAD597BE64BECB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
Signing time: Fri 25 Apr 2025 20:20:19 +0000
ROA not before: Fri 25 Apr 2025 20:20:19 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:52:d6:65:f0:36:33:14:a4:a3:64:05:5c:ba:d5:97:be:64:be:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:19 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=a8fd87efb3a4565ac2aefe8f3d6454eed6a8e5d73158180ca40ea6aaefb0de6c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7d:c5:8b:2c:dd:2f:2c:6c:24:43:b3:f1:1d:
ef:6a:b6:af:94:e7:d7:4c:f0:ac:da:26:9c:9c:ae:
50:b4:68:3c:57:25:19:47:1f:bc:61:0e:6b:0b:0d:
d0:d0:df:30:ea:6b:a9:22:29:8b:7a:1f:0e:af:05:
81:35:d7:17:13:2c:4d:35:1c:9d:6f:f3:bc:1b:59:
86:83:a5:8d:ab:d7:76:38:0d:c3:6c:fd:d2:37:8b:
62:f9:38:08:57:c9:c4:fe:b5:e3:e8:7e:c9:37:29:
d5:0d:2e:82:32:94:48:c4:f8:71:95:04:66:41:c0:
e9:94:ee:54:03:52:46:67:fa:a7:36:d6:db:87:3c:
95:2f:26:38:52:9b:0a:94:b5:ed:29:2c:c2:66:6a:
63:57:27:28:53:16:a3:79:c4:3b:36:01:8f:01:cf:
64:fc:4d:01:cf:1a:d4:38:3c:35:eb:fd:bb:02:8e:
ed:41:78:6a:53:3c:af:e7:8f:33:5a:dc:fe:7d:a7:
c0:9e:22:f9:d7:46:06:c4:28:bd:f0:cf:60:b2:4a:
80:d1:d2:c2:7f:42:c0:e5:06:da:30:41:f5:8b:f1:
31:5c:df:cc:5d:7e:3b:fd:cf:3b:66:25:47:c0:6f:
91:e8:74:5d:5f:06:78:80:50:ed:3f:db:44:59:31:
de:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:EB:D8:46:0E:86:D5:F2:7B:D4:06:31:21:F2:DA:47:1D:50:F2:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025::/36
Signature Algorithm: sha256WithRSAEncryption
99:d1:73:f3:75:34:89:b1:6b:b2:80:b5:ce:ce:c4:d5:00:da:
21:b9:11:36:ec:f1:9a:9e:42:e1:ba:4b:6c:4b:c0:af:55:85:
7e:b0:cf:27:de:99:4f:9c:50:06:c4:11:4c:60:57:9d:37:12:
a3:cd:a7:fc:a5:7f:a5:63:42:3e:8f:da:2d:3b:4e:f4:66:9c:
32:6c:3b:c6:84:dc:42:6d:c8:1d:ce:ea:fd:d4:0c:f6:b6:6b:
48:0d:09:07:ba:65:8a:43:80:c8:89:af:4a:36:7d:57:64:e6:
8b:be:c9:b1:82:8a:c6:2c:74:b4:32:12:82:4f:5d:47:78:3f:
6f:f9:ef:b6:02:7f:66:f4:22:72:b7:34:b0:98:32:3a:b9:64:
94:49:7f:df:ba:cd:7b:0f:40:a5:d5:77:fe:f4:ae:de:53:6c:
8c:ad:d0:6e:fd:7a:bf:2c:32:9f:7c:12:70:40:ad:e1:83:10:
34:de:12:55:7a:7a:96:f0:7b:cc:0d:c8:e3:f6:1c:1f:11:9f:
e0:b0:89:fd:88:00:ac:4a:64:35:f6:48:bd:c3:1d:4d:a4:87:
a2:38:81:bf:5d:3a:fa:d3:c8:21:d8:cb:74:1e:d7:aa:cf:f8:
07:de:f3:cb:b9:e6:d3:23:7d:d3:d8:b5:f9:21:28:91:1f:35:
0d:62:c1:49
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ1LWZfA2MxSko2QFXLrVl75kvsswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwMTlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4ZmQ4N2VmYjNhNDU2NWFjMmFlZmU4ZjNkNjQ1NGVlZDZhOGU1ZDczMTU4
MTgwY2E0MGVhNmFhZWZiMGRlNmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJh9xYss3S8sbCRDs/Ed72q2r5Tn10zwrNomnJyuULRoPFclGUcfvGEOawsN
0NDfMOprqSIpi3ofDq8FgTXXFxMsTTUcnW/zvBtZhoOljavXdjgNw2z90jeLYvk4
CFfJxP614+h+yTcp1Q0ugjKUSMT4cZUEZkHA6ZTuVANSRmf6pzbW24c8lS8mOFKb
CpS17SkswmZqY1cnKFMWo3nEOzYBjwHPZPxNAc8a1Dg8Nev9uwKO7UF4alM8r+eP
M1rc/n2nwJ4i+ddGBsQovfDPYLJKgNHSwn9CwOUG2jBB9YvxMVzfzF1+O/3PO2Yl
R8Bvkeh0XV8GeIBQ7T/bRFkx3okCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQn69hG
DobV8nvUBjEh8tpHHVDywDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGMxNDhhZjktNjhjYy00YTdmLWI3ZmQtNmFjNjkxMDE2ODg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUA
MA0GCSqGSIb3DQEBCwUAA4IBAQCZ0XPzdTSJsWuygLXOzsTVANohuRE27PGankLh
uktsS8CvVYV+sM8n3plPnFAGxBFMYFedNxKjzaf8pX+lY0I+j9otO070ZpwybDvG
hNxCbcgdzur91Az2tmtIDQkHumWKQ4DIia9KNn1XZOaLvsmxgorGLHS0MhKCT11H
eD9v+e+2An9m9CJytzSwmDI6uWSUSX/fus17D0Cl1Xf+9K7eU2yMrdBu/Xq/LDKf
fBJwQK3hgxA03hJVenqW8HvMDcjj9hwfEZ/gsIn9iACsSmQ19ki9wx1NpIeiOIG/
XTr608gh2Mt0Hteqz/gH3vPLuebTI33T2LX5ISiRHzUNYsFJ
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:09 2025 by rpki-client