Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa
File: e20afb98-f3fb-45c2-9398-65129b8874f0.roa (raw, json)
Hash identifier: 5U/b/yU/LMGZNZmoIytJG5Y3HBd6ZujZQ2FuMPtfE5o=
Subject key identifier: 75:52:93:86:7B:61:52:3D:CA:CD:0B:D3:5B:D2:3F:DB:45:7C:86:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B6A3297211320975A8850327418299FB45662
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa
Signing time: Fri 25 Apr 2025 18:21:23 +0000
ROA not before: Fri 25 Apr 2025 18:21:23 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:6a:32:97:21:13:20:97:5a:88:50:32:74:18:29:9f:b4:56:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:21:23 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=97848ed8d769c7484a5e5c3e6af0e80fa89923b7ebd30309f9a5388d84c8b898, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f6:49:72:e1:9a:ed:4b:a0:f0:ef:b5:70:d5:
5b:44:05:e9:69:4f:e5:9d:41:d5:6c:6d:34:0c:e0:
41:ef:fc:20:4f:f9:a8:d9:76:05:07:0d:28:08:00:
f3:fd:b4:19:3d:17:05:c5:7a:9c:25:7c:76:23:9e:
89:ac:74:b4:8d:64:40:4e:6f:b7:5f:41:cb:17:c1:
03:de:e2:f1:2a:02:2d:96:84:32:74:62:f6:dc:5c:
8f:16:df:61:a8:19:65:69:59:15:f8:dd:35:43:5d:
8b:e6:cd:30:c1:bf:fc:b8:48:3e:47:c0:bf:40:aa:
31:1a:97:e0:73:89:92:c4:01:a9:c9:81:09:34:06:
8b:66:b0:17:44:08:f6:e5:f3:62:a5:fe:c3:f2:7a:
42:c1:78:dc:85:e3:a9:1a:2b:27:d3:9e:e7:04:cd:
b1:eb:fa:85:d1:94:91:ad:b9:de:51:31:ae:19:c0:
b7:82:09:c9:43:9a:c6:90:88:57:13:d6:f1:b8:91:
50:6d:72:1d:5b:c5:58:01:5c:4d:3d:8f:f2:7c:4c:
f7:4b:49:ae:0c:6c:01:b3:25:37:92:ba:d0:e4:e1:
5a:a4:56:da:5b:36:54:39:1d:3d:44:61:36:0d:3b:
54:1d:67:5f:c6:01:9f:06:c5:2c:d9:24:14:0f:59:
3f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:52:93:86:7B:61:52:3D:CA:CD:0B:D3:5B:D2:3F:DB:45:7C:86:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
7b:6c:84:86:e0:dc:6d:e4:71:d0:5c:a6:7d:b3:f8:6c:2c:50:
5f:23:f4:1f:b6:b6:c7:46:d8:08:0d:b3:45:49:db:36:3e:6f:
77:ae:1d:17:2a:2e:ef:9f:f2:54:22:47:1d:57:a3:72:9b:7b:
7e:04:0b:75:8a:33:dc:83:6b:16:d0:50:f1:50:12:c0:81:74:
0d:5b:56:c0:f5:d4:b7:1d:cc:46:a2:6d:77:2f:47:ad:15:10:
21:93:39:0b:c8:03:87:8c:9d:9d:05:01:2d:66:4e:3f:e1:a4:
8e:38:9f:18:e8:6d:d3:4b:a7:40:f3:30:30:6a:0b:48:ca:c0:
38:43:46:a1:40:ee:3f:1b:8f:ed:17:d9:9e:8b:fe:a3:18:8f:
9a:28:6c:3b:e1:0c:81:5c:7c:d6:e3:ff:6a:44:4a:cc:82:a8:
0a:bf:10:91:11:9d:f8:23:1f:18:9a:75:09:92:a6:ef:d6:c7:
80:b3:f8:de:54:d2:92:b5:e6:c2:cd:cd:9a:4f:d3:2c:f9:69:
0f:27:5d:24:35:69:fb:b9:8f:7f:3b:67:00:d5:e7:43:0d:f3:
90:a8:3b:ce:25:2e:bd:c3:10:93:b1:c5:63:3f:33:1b:d3:61:
30:a6:6b:db:0d:87:bc:ca:ce:b2:08:3a:34:e9:07:b1:31:eb:
7d:4d:0b:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgITS2oylyETIJdaiFAydBgpn7RWYjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDQyNTE4MjEyM1oXDTI1MDUzMDIzNTk1OVowejFJMEcGA1UE
BRNAOTc4NDhlZDhkNzY5Yzc0ODRhNWU1YzNlNmFmMGU4MGZhODk5MjNiN2ViZDMw
MzA5ZjlhNTM4OGQ4NGM4Yjg5ODEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt/ZJcuGa7Uug8O+1cNVbRAXpaU/lnUHVbG00DOBB7/wgT/mo2XYFBw0oCADz
/bQZPRcFxXqcJXx2I56JrHS0jWRATm+3X0HLF8ED3uLxKgItloQydGL23FyPFt9h
qBllaVkV+N01Q12L5s0wwb/8uEg+R8C/QKoxGpfgc4mSxAGpyYEJNAaLZrAXRAj2
5fNipf7D8npCwXjcheOpGisn057nBM2x6/qF0ZSRrbneUTGuGcC3ggnJQ5rGkIhX
E9bxuJFQbXIdW8VYAVxNPY/yfEz3S0muDGwBsyU3krrQ5OFapFbaWzZUOR09RGE2
DTtUHWdfxgGfBsUs2SQUD1k/awIDAQABo4ICJDCCAiAwHQYDVR0OBBYEFHVSk4Z7
YVI9ys0L01vSP9tFfIY1MB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC9l
MjBhZmI5OC1mM2ZiLTQ1YzItOTM5OC02NTEyOWI4ODc0ZjAucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgXQMeDA
MA0GCSqGSIb3DQEBCwUAA4IBAQB7bISG4Nxt5HHQXKZ9s/hsLFBfI/QftrbHRtgI
DbNFSds2Pm93rh0XKi7vn/JUIkcdV6Nym3t+BAt1ijPcg2sW0FDxUBLAgXQNW1bA
9dS3HcxGom13L0etFRAhkzkLyAOHjJ2dBQEtZk4/4aSOOJ8Y6G3TS6dA8zAwagtI
ysA4Q0ahQO4/G4/tF9mei/6jGI+aKGw74QyBXHzW4/9qRErMgqgKvxCREZ34Ix8Y
mnUJkqbv1seAs/jeVNKStebCzc2aT9Ms+WkPJ10kNWn7uY9/O2cA1edDDfOQqDvO
JS69wxCTscVjPzMb02EwpmvbDYe8ys6yCDo06QexMet9TQu2
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:17 2025 by rpki-client