Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
File: e279c5e7-6144-440a-9f1d-2013fb96d06a.roa (raw, json)
Hash identifier: FxkFPEnb4VOWGqjPbNhq228j0T35Ffnirdlsx/R4Zas=
Subject key identifier: C9:9F:73:04:15:C1:92:DB:4B:86:B4:29:01:69:82:0C:56:CD:88:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14E79343C97173893824C520C1550269B23C04BB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
Signing time: Fri 25 Apr 2025 19:51:43 +0000
ROA not before: Fri 25 Apr 2025 19:51:43 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:e7:93:43:c9:71:73:89:38:24:c5:20:c1:55:02:69:b2:3c:04:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:51:43 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=9c01a096e0985c1ae39118e3cd5dae3e7f2f8d2474f480b739d10004f61893ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:9c:dd:a1:95:3d:37:54:4d:95:1b:bc:bd:32:
5d:82:d9:ae:d0:5a:97:f9:c3:bf:a5:eb:f8:9c:db:
3b:68:b6:c5:87:69:fc:51:31:ee:78:49:e8:05:25:
8f:b6:ac:96:c5:e2:6e:eb:bf:70:5a:fa:ce:a6:b0:
6f:70:bf:87:ed:e9:16:43:11:49:a5:78:b5:ec:ad:
6e:53:c8:4f:ca:d3:d2:c6:0e:d6:73:55:a3:24:77:
47:63:39:f2:7a:a7:80:46:30:7d:d4:82:89:c5:37:
62:b2:e9:31:76:38:f3:c3:fa:91:1e:3e:90:bb:3a:
4f:e2:65:c7:74:d7:4d:ee:eb:88:fb:38:48:c3:98:
6a:3d:9f:19:63:ba:41:70:4a:6e:f9:67:6e:fb:a4:
72:37:08:73:4c:ca:18:d3:e6:5e:7e:e6:7b:a7:96:
13:7c:4e:14:99:25:38:c4:f9:f9:74:e5:b1:ec:fb:
c6:87:f7:95:69:00:42:c7:2a:8a:b0:c4:fe:50:c5:
e9:a3:71:04:ef:13:96:43:57:cb:4a:43:a9:73:52:
67:84:69:2a:55:35:2c:4f:1b:96:1f:f2:d4:3e:0c:
3f:95:3c:7e:b7:1b:66:fc:b3:06:5e:61:88:de:b1:
84:de:dc:e4:42:1d:ba:92:90:b1:70:dc:4f:35:db:
9a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:9F:73:04:15:C1:92:DB:4B:86:B4:29:01:69:82:0C:56:CD:88:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:2000::/40
Signature Algorithm: sha256WithRSAEncryption
17:e3:54:45:3d:fe:0d:13:b3:b1:37:09:62:02:69:0e:69:87:
e6:43:18:2b:64:ca:9d:7c:4c:cd:7d:3b:b0:c2:76:ba:5c:30:
7f:9d:ae:4d:99:2f:76:69:cd:1c:9c:7f:ea:55:ee:ab:0e:d7:
e1:cd:52:12:94:b4:71:57:ca:3d:f7:3f:58:e0:3c:87:9c:8c:
c2:30:e5:2f:e8:b4:78:8a:71:60:98:d6:35:2d:5f:ea:fa:9e:
56:97:0b:7c:fa:6c:a7:8d:75:06:ef:40:b7:ea:18:fb:e0:da:
ba:5a:16:6e:16:94:cf:3e:20:fb:47:0e:de:84:87:42:02:3b:
1b:8e:b8:74:37:2b:d4:f3:22:27:83:03:9d:e0:e7:97:ed:a0:
19:06:0d:09:0b:34:90:67:57:34:9a:f4:ae:37:44:44:50:1e:
14:05:c6:2d:87:c1:33:1b:da:f4:c2:4e:33:2c:39:e2:be:4b:
8e:fc:d2:f4:fc:98:ac:99:ba:91:1f:e6:61:52:ad:0f:0f:ae:
1e:3c:4b:3a:43:72:32:60:08:fc:54:a6:90:a2:b2:20:44:92:
84:1b:20:e1:0a:db:e6:b2:52:5d:b8:95:8d:41:82:e1:c1:7d:
bf:81:8b:2b:6b:d6:19:78:da:29:2e:55:05:04:a3:13:9b:14:
a0:e5:39:72
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFOeTQ8lxc4k4JMUgwVUCabI8BLswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUxNDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDljMDFhMDk2ZTA5ODVjMWFlMzkxMThlM2NkNWRhZTNlN2YyZjhkMjQ3NGY0
ODBiNzM5ZDEwMDA0ZjYxODkzZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN2c3aGVPTdUTZUbvL0yXYLZrtBal/nDv6Xr+JzbO2i2xYdp/FEx7nhJ6AUl
j7aslsXibuu/cFr6zqawb3C/h+3pFkMRSaV4teytblPIT8rT0sYO1nNVoyR3R2M5
8nqngEYwfdSCicU3YrLpMXY488P6kR4+kLs6T+Jlx3TXTe7riPs4SMOYaj2fGWO6
QXBKbvlnbvukcjcIc0zKGNPmXn7me6eWE3xOFJklOMT5+XTlsez7xof3lWkAQscq
irDE/lDF6aNxBO8TlkNXy0pDqXNSZ4RpKlU1LE8blh/y1D4MP5U8frcbZvyzBl5h
iN6xhN7c5EIdupKQsXDcTzXbmjMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJn3ME
FcGS20uGtCkBaYIMVs2I1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTI3OWM1ZTctNjE0NC00NDBhLTlmMWQtMjAxM2ZiOTZkMDZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIg
MA0GCSqGSIb3DQEBCwUAA4IBAQAX41RFPf4NE7OxNwliAmkOaYfmQxgrZMqdfEzN
fTuwwna6XDB/na5NmS92ac0cnH/qVe6rDtfhzVISlLRxV8o99z9Y4DyHnIzCMOUv
6LR4inFgmNY1LV/q+p5Wlwt8+mynjXUG70C36hj74Nq6WhZuFpTPPiD7Rw7ehIdC
Ajsbjrh0NyvU8yIngwOd4OeX7aAZBg0JCzSQZ1c0mvSuN0REUB4UBcYth8EzG9r0
wk4zLDnivkuO/NL0/JismbqRH+ZhUq0PD64ePEs6Q3IyYAj8VKaQorIgRJKEGyDh
CtvmslJduJWNQYLhwX2/gYsra9YZeNopLlUFBKMTmxSg5Tly
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:28 2025 by rpki-client