Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
File: ed0f44c7-c286-45c9-9156-5644f580ab41.roa (raw, json)
Hash identifier: vIzUSByyzP5frGwIKiGxuA++2n+9iyFyJezppx/IjmM=
Subject key identifier: 80:4A:D4:5F:D6:50:39:1C:1A:99:44:9F:BE:B5:51:DB:F3:EE:54:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7278479D80ECE279B264533927EB715166D4DDA8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
Signing time: Fri 25 Apr 2025 20:00:57 +0000
ROA not before: Fri 25 Apr 2025 20:00:57 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:78:47:9d:80:ec:e2:79:b2:64:53:39:27:eb:71:51:66:d4:dd:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:00:57 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=00ddfeada61afb85a51164e33fcc1eb07b9b81f8865babf9193fa1c7d986be7d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f5:36:88:20:91:ae:6c:c2:a1:b3:bc:70:cb:
8a:16:20:72:d8:c6:10:97:ff:04:d8:01:26:c6:74:
80:28:7b:4a:0b:5f:4a:7d:9f:0a:d5:be:f8:74:99:
73:cc:01:c8:51:24:39:ec:87:5e:f0:7c:7c:3d:6c:
7b:77:7a:5b:b7:d0:a4:2c:14:60:3a:c2:00:a6:ae:
6e:ed:86:ca:3a:e5:6e:9e:b2:a4:34:f2:8e:17:de:
1e:cb:66:ca:e4:2c:00:35:d3:30:82:95:5a:59:6b:
d8:5c:cc:9e:68:ec:9b:45:e7:7d:c4:a6:ed:f2:8e:
86:53:52:b8:db:66:7f:8d:35:01:4e:03:30:7a:be:
93:4d:44:4b:75:24:52:38:c2:6a:4f:17:0f:73:14:
41:6a:b4:a2:19:1f:35:1a:82:0b:7a:18:1f:a4:94:
0e:33:42:87:ed:d9:72:bc:9b:54:17:b2:bc:eb:56:
e0:9c:39:70:51:de:51:d7:11:7a:23:67:79:0a:2d:
20:67:e3:01:4c:05:3d:20:f7:64:b1:34:ce:47:5a:
3f:e5:6b:10:3e:46:8b:da:11:db:50:71:a6:9c:76:
3a:1f:0a:a7:a1:49:c7:6a:5e:85:0f:66:54:9f:ef:
5c:fa:5c:16:d3:02:75:62:81:bf:25:4e:39:7a:d5:
32:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:4A:D4:5F:D6:50:39:1C:1A:99:44:9F:BE:B5:51:DB:F3:EE:54:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:b000::/40
Signature Algorithm: sha256WithRSAEncryption
6e:4a:76:e3:aa:8c:8a:15:b6:89:95:2f:31:d0:e5:1b:c3:f1:
85:c5:1b:99:bb:e6:35:7e:d3:af:1a:08:d8:f0:d1:05:48:8c:
b7:eb:9f:0f:57:1b:41:99:e1:74:70:d2:bd:c8:91:58:e3:dd:
48:57:69:25:41:6b:32:7c:b9:00:92:f6:e2:d4:fa:63:cb:2d:
1f:ee:ad:ea:d3:31:43:a9:19:fe:63:39:c2:83:74:f6:72:74:
b2:8b:ee:69:fc:ee:dd:68:32:68:08:8d:5d:4f:39:e5:22:fe:
5c:48:9c:92:4f:98:13:3a:77:d6:da:bd:39:3e:7a:7d:81:5e:
d8:bd:30:e9:fd:2a:b5:b0:49:b6:6a:9f:4e:8b:f9:5d:b8:06:
b5:ff:bb:21:b6:fe:de:f0:42:90:2f:4b:1e:4c:61:f9:e2:cc:
6f:e5:70:00:25:04:a7:f0:6f:4c:1f:8e:77:a5:9d:6c:1c:7f:
bb:81:4c:0e:b0:4d:c9:b1:1d:5e:99:d2:64:ff:e6:41:a4:e0:
54:c6:7c:03:c8:ec:ae:8d:1f:6e:0c:c6:ff:d7:d4:3b:34:e4:
c5:a8:c1:84:46:e0:4c:a1:4b:c7:4b:84:9d:53:64:5a:91:fe:
01:f0:6c:db:4d:3e:8a:d8:4f:d9:01:71:82:d5:59:66:e3:f6:
5c:43:5d:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcnhHnYDs4nmyZFM5J+txUWbU3agwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAwNTdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwZGRmZWFkYTYxYWZiODVhNTExNjRlMzNmY2MxZWIwN2I5YjgxZjg4NjVi
YWJmOTE5M2ZhMWM3ZDk4NmJlN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMD1Noggka5swqGzvHDLihYgctjGEJf/BNgBJsZ0gCh7SgtfSn2fCtW++HSZ
c8wByFEkOeyHXvB8fD1se3d6W7fQpCwUYDrCAKaubu2Gyjrlbp6ypDTyjhfeHstm
yuQsADXTMIKVWllr2FzMnmjsm0XnfcSm7fKOhlNSuNtmf401AU4DMHq+k01ES3Uk
UjjCak8XD3MUQWq0ohkfNRqCC3oYH6SUDjNCh+3ZcrybVBeyvOtW4Jw5cFHeUdcR
eiNneQotIGfjAUwFPSD3ZLE0zkdaP+VrED5Gi9oR21Bxppx2Oh8Kp6FJx2pehQ9m
VJ/vXPpcFtMCdWKBvyVOOXrVMgsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSAStRf
1lA5HBqZRJ++tVHb8+5UCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWQwZjQ0YzctYzI4Ni00NWM5LTkxNTYtNTY0NGY1ODBhYjQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fiw
MA0GCSqGSIb3DQEBCwUAA4IBAQBuSnbjqoyKFbaJlS8x0OUbw/GFxRuZu+Y1ftOv
GgjY8NEFSIy3658PVxtBmeF0cNK9yJFY491IV2klQWsyfLkAkvbi1Ppjyy0f7q3q
0zFDqRn+YznCg3T2cnSyi+5p/O7daDJoCI1dTznlIv5cSJyST5gTOnfW2r05Pnp9
gV7YvTDp/Sq1sEm2ap9Oi/lduAa1/7shtv7e8EKQL0seTGH54sxv5XAAJQSn8G9M
H453pZ1sHH+7gUwOsE3JsR1emdJk/+ZBpOBUxnwDyOyujR9uDMb/19Q7NOTFqMGE
RuBMoUvHS4SdU2Rakf4B8GzbTT6K2E/ZAXGC1Vlm4/ZcQ11s
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:11 2025 by rpki-client