Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
File: e5179068-cbcf-4f9a-864d-3c97430c84f4.roa (raw, json)
Hash identifier: OsQukhZlokUamLN7kBeryfjBc3cLWE2WokYdrxarv9o=
Subject key identifier: 17:24:D1:84:55:28:F2:64:BF:8C:95:65:B3:BB:95:7D:FA:55:E2:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35640F61CE129CBE50881509467AB6B35C072C5A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
Signing time: Fri 25 Apr 2025 20:20:46 +0000
ROA not before: Fri 25 Apr 2025 20:20:46 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:64:0f:61:ce:12:9c:be:50:88:15:09:46:7a:b6:b3:5c:07:2c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:46 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=afdc490682c7ae4faefdff2622fd3819af00001d31824b91676e74416c5039c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3c:3b:bd:0a:9e:b1:e7:9f:91:a3:df:44:33:
dc:fa:51:87:17:80:db:99:35:6f:f4:5a:67:ee:99:
73:df:d4:41:bd:14:58:68:89:09:7d:6e:3c:d1:88:
67:8e:d6:d7:89:68:ee:b4:cf:f6:86:db:4a:80:5a:
16:ee:78:2c:87:ec:aa:2f:1c:4b:b1:58:97:cc:ad:
a9:54:ac:4b:9d:c5:d3:c0:86:f0:be:42:da:1a:06:
60:95:13:36:2b:34:d5:6c:5f:91:6c:80:32:cc:6b:
83:bf:ea:0a:4e:d2:95:eb:24:e6:f1:b4:a0:7a:a2:
f2:45:61:cb:7f:4c:88:24:2f:70:6c:47:72:c5:96:
eb:c8:57:2b:90:d5:11:42:6c:80:e0:ac:de:4b:ea:
b8:f3:6d:9b:c9:8f:a7:59:30:46:fa:87:65:71:17:
e7:0e:01:be:9d:bc:31:6f:b5:ba:d8:c7:aa:8a:71:
40:8f:52:80:09:b2:57:97:e2:92:1d:7c:b3:5f:9e:
cd:bb:63:d9:9a:69:81:b4:94:40:b9:c8:16:0f:87:
a6:a0:16:70:d0:60:7b:e0:83:5c:3a:8c:24:38:d7:
ca:56:c1:b5:bd:c8:7c:cb:f4:fe:f8:aa:88:e5:1f:
34:0e:d4:e6:a0:31:a8:4b:13:e2:8b:0a:3f:84:9c:
ff:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:24:D1:84:55:28:F2:64:BF:8C:95:65:B3:BB:95:7D:FA:55:E2:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015::/38
Signature Algorithm: sha256WithRSAEncryption
be:ed:0c:a2:82:ec:ca:00:2f:21:ae:5b:a0:8f:32:6a:57:83:
bd:03:c0:f4:ed:96:92:50:2b:28:d8:ec:75:60:d9:7f:03:c8:
85:6f:5b:62:c9:27:d1:bc:d7:51:9d:0a:e6:a7:ce:3f:a8:10:
a1:6d:08:c5:be:fe:69:ed:29:8e:c7:d3:98:5e:ab:7f:85:6e:
11:40:44:78:a2:0d:90:9b:e2:04:b5:5d:df:58:56:52:ce:cf:
a2:3c:18:d7:74:b9:a1:62:c4:7f:32:6c:85:1f:30:3f:12:30:
69:93:b2:fc:e3:a0:f2:32:e3:a3:07:3a:e2:bb:a0:93:71:b4:
0c:d6:34:c2:43:0e:fc:34:c6:b2:47:1d:c8:cd:14:58:82:28:
73:4a:47:1c:2f:28:49:e2:cc:8d:0a:79:0d:bc:9a:1c:86:a9:
3b:96:81:b1:52:5f:23:cd:ef:01:48:ae:ab:b1:62:29:4c:aa:
dd:d7:f3:91:97:12:c0:76:76:b9:d5:0d:1a:1f:4c:b4:81:d1:
1d:ea:35:84:5f:35:de:d6:fd:9a:65:31:74:6e:6a:40:c1:26:
55:ec:8c:e0:46:fc:f2:25:24:e3:76:c2:3e:c5:01:f0:ea:69:
c4:47:b3:94:22:93:28:d4:0a:5e:d0:2e:78:a7:93:31:c4:46:
61:40:36:1c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNWQPYc4SnL5QiBUJRnq2s1wHLFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwNDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmZGM0OTA2ODJjN2FlNGZhZWZkZmYyNjIyZmQzODE5YWYwMDAwMWQzMTgy
NGI5MTY3NmU3NDQxNmM1MDM5YzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJE8O70KnrHnn5Gj30Qz3PpRhxeA25k1b/RaZ+6Zc9/UQb0UWGiJCX1uPNGI
Z47W14lo7rTP9obbSoBaFu54LIfsqi8cS7FYl8ytqVSsS53F08CG8L5C2hoGYJUT
Nis01WxfkWyAMsxrg7/qCk7Slesk5vG0oHqi8kVhy39MiCQvcGxHcsWW68hXK5DV
EUJsgOCs3kvquPNtm8mPp1kwRvqHZXEX5w4Bvp28MW+1utjHqopxQI9SgAmyV5fi
kh18s1+ezbtj2ZppgbSUQLnIFg+HpqAWcNBge+CDXDqMJDjXylbBtb3IfMv0/viq
iOUfNA7U5qAxqEsT4osKP4Sc/+8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQXJNGE
VSjyZL+MlWWzu5V9+lXiQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUxNzkwNjgtY2JjZi00ZjlhLTg2NGQtM2M5NzQzMGM4NGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUA
MA0GCSqGSIb3DQEBCwUAA4IBAQC+7QyiguzKAC8hrlugjzJqV4O9A8D07ZaSUCso
2Ox1YNl/A8iFb1tiySfRvNdRnQrmp84/qBChbQjFvv5p7SmOx9OYXqt/hW4RQER4
og2Qm+IEtV3fWFZSzs+iPBjXdLmhYsR/MmyFHzA/EjBpk7L846DyMuOjBzriu6CT
cbQM1jTCQw78NMayRx3IzRRYgihzSkccLyhJ4syNCnkNvJochqk7loGxUl8jze8B
SK6rsWIpTKrd1/ORlxLAdna51Q0aH0y0gdEd6jWEXzXe1v2aZTF0bmpAwSZV7Izg
RvzyJSTjdsI+xQHw6mnER7OUIpMo1Ape0C54p5MxxEZhQDYc
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:16 2025 by rpki-client