Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5a32444-87c2-4f23-8d55-f6b0929e3941.roa
File: f5a32444-87c2-4f23-8d55-f6b0929e3941.roa (raw, json)
Hash identifier: N9dfHICCLuQd+fzkOz37LfBrRTNBeeyrdFXJzW/MJz4=
Subject key identifier: 6D:C0:F7:B9:57:68:D6:62:A1:39:3F:D2:65:6C:54:DA:38:DE:60:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 028C0401C3894B16787A32488AD2930167C1207D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5a32444-87c2-4f23-8d55-f6b0929e3941.roa
Signing time: Thu 17 Apr 2025 20:36:48 +0000
ROA not before: Thu 17 Apr 2025 20:36:48 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:8c:04:01:c3:89:4b:16:78:7a:32:48:8a:d2:93:01:67:c1:20:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 20:36:48 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=c3f79654888a2e842061f432c62dd32ea768fd80ea801db61b1f655b24a46edc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d2:d0:5a:87:54:6e:0d:0a:8c:f2:67:50:a2:
b8:9a:7e:ae:c8:c7:72:d7:d1:c0:31:60:84:18:3e:
d9:cf:f1:93:83:aa:6f:b3:1f:20:63:2c:ae:27:1b:
57:80:1a:6e:8d:ec:70:41:ff:02:c1:59:81:c9:b7:
da:0b:9e:84:c5:40:51:d1:91:6e:7c:e9:0c:0f:0f:
30:dc:e7:75:40:55:1b:4a:fa:e1:4a:a8:7b:e7:db:
68:39:50:59:c9:2d:84:bf:e9:e3:14:ed:21:08:97:
2b:99:8b:27:b8:aa:bc:0f:0b:ca:7b:f0:84:52:87:
5e:3f:1b:e8:38:d0:3c:d0:ff:3f:47:70:59:d4:a8:
6e:9b:0d:40:cf:4b:03:39:80:c0:0d:27:c1:bf:da:
5a:f5:ce:56:fe:1e:a2:cb:3d:fe:5e:14:42:a7:a9:
c7:30:b1:e7:5e:40:e4:27:9e:ca:1a:36:40:d2:2f:
4f:dc:ad:e5:37:0c:16:f7:c2:35:f9:15:40:f9:d3:
c9:92:5d:ad:0e:fc:08:82:db:f3:5a:2e:c9:9d:31:
63:75:94:a2:9c:5b:38:9f:68:0b:6a:c3:ae:d2:4a:
0e:86:7b:b5:88:f2:92:9f:56:77:b4:41:9b:f6:58:
6c:cf:ff:6e:ba:b1:37:b8:e7:76:59:a9:3a:86:55:
45:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C0:F7:B9:57:68:D6:62:A1:39:3F:D2:65:6C:54:DA:38:DE:60:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5a32444-87c2-4f23-8d55-f6b0929e3941.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:4000::/40
Signature Algorithm: sha256WithRSAEncryption
74:c4:27:29:a9:c5:00:bf:85:25:fd:3c:72:7a:88:c5:b8:be:
93:dc:7b:bd:9b:65:af:ba:d5:da:33:b1:53:e2:dc:76:be:d2:
42:2b:72:6e:19:70:55:0b:38:7e:a5:0c:51:21:40:72:03:15:
02:72:6b:77:e8:49:1d:49:f9:1c:aa:8f:f4:88:3e:4f:76:ea:
1f:2a:4d:77:43:fe:e9:0b:04:c8:9f:b9:9e:9b:95:af:33:16:
7a:be:12:d6:11:50:02:a6:ee:0b:f5:0e:48:d6:79:b4:3a:ab:
23:8c:e0:34:77:3b:3e:80:4b:69:77:9c:fb:1c:90:9c:78:d7:
a5:9d:77:51:46:f7:9f:15:4b:09:89:aa:29:9b:61:bb:a7:c0:
a9:bf:65:fe:52:8b:38:6f:2f:ae:4e:e5:fa:b3:eb:d7:ba:06:
25:36:07:db:53:58:2b:88:af:27:03:06:ec:8d:7b:02:ac:67:
b6:1e:da:9a:7f:f5:ad:0c:da:32:8e:af:a1:ac:2b:44:08:63:
23:03:8b:26:a4:52:4c:6d:f3:bb:f0:09:1b:3e:e6:69:31:87:
21:99:ad:97:a8:71:80:7b:d8:37:b8:d2:26:c6:3d:0c:6c:d6:
d3:72:0d:43:e1:09:6a:aa:5a:27:ae:dd:36:83:e8:f7:30:31:
8e:9e:d2:a7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAowEAcOJSxZ4ejJIitKTAWfBIH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcyMDM2NDhaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzZjc5NjU0ODg4YTJlODQyMDYxZjQzMmM2MmRkMzJlYTc2OGZkODBlYTgw
MWRiNjFiMWY2NTViMjRhNDZlZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDS0FqHVG4NCozyZ1CiuJp+rsjHctfRwDFghBg+2c/xk4Oqb7MfIGMsricb
V4Aabo3scEH/AsFZgcm32guehMVAUdGRbnzpDA8PMNzndUBVG0r64Uqoe+fbaDlQ
WckthL/p4xTtIQiXK5mLJ7iqvA8LynvwhFKHXj8b6DjQPND/P0dwWdSobpsNQM9L
AzmAwA0nwb/aWvXOVv4eoss9/l4UQqepxzCx515A5Ceeyho2QNIvT9yt5TcMFvfC
NfkVQPnTyZJdrQ78CILb81ouyZ0xY3WUopxbOJ9oC2rDrtJKDoZ7tYjykp9Wd7RB
m/ZYbM//brqxN7jndlmpOoZVRSsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRtwPe5
V2jWYqE5P9JlbFTaON5gfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjVhMzI0NDQtODdjMi00ZjIzLThkNTUtZjZiMDkyOWUzOTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FtA
MA0GCSqGSIb3DQEBCwUAA4IBAQB0xCcpqcUAv4Ul/TxyeojFuL6T3Hu9m2WvutXa
M7FT4tx2vtJCK3JuGXBVCzh+pQxRIUByAxUCcmt36EkdSfkcqo/0iD5PduofKk13
Q/7pCwTIn7mem5WvMxZ6vhLWEVACpu4L9Q5I1nm0OqsjjOA0dzs+gEtpd5z7HJCc
eNelnXdRRvefFUsJiaopm2G7p8Cpv2X+Uos4by+uTuX6s+vXugYlNgfbU1griK8n
AwbsjXsCrGe2Htqaf/WtDNoyjq+hrCtECGMjA4smpFJMbfO78AkbPuZpMYchma2X
qHGAe9g3uNImxj0MbNbTcg1D4Qlqqlonrt02g+j3MDGOntKn
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:08 2025 by rpki-client