Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
File: fbd3a3af-f307-4148-9e34-70199540a838.roa (raw, json)
Hash identifier: iv5HbLyr4qUgMUpPuNzEk6/yp6HyRKCWbnfKvmuaab4=
Subject key identifier: E8:E9:43:61:81:56:BB:26:8B:A5:17:03:4D:DA:A8:37:9F:EB:BD:DF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5DB6620DCDDCF6976F237FD4C827DE66CCDE0215
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
Signing time: Fri 25 Apr 2025 18:51:19 +0000
ROA not before: Fri 25 Apr 2025 18:51:19 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:b6:62:0d:cd:dc:f6:97:6f:23:7f:d4:c8:27:de:66:cc:de:02:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:51:19 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f04dd29984f4d357ca29488d710411b4631e6dc53e4bbbb9df36a8add2587f91, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a2:4d:01:89:14:1c:59:b8:5d:ab:a8:e3:69:
86:46:91:82:71:bd:88:c0:95:dd:6b:1d:9b:bf:e6:
42:3f:9a:25:d0:6d:45:15:9b:35:ba:6a:ae:6e:8c:
25:a2:12:7e:c4:d2:73:cd:09:74:57:4a:32:d9:2f:
52:b5:f6:e0:3d:da:15:18:d6:d3:74:35:aa:8a:f5:
1b:1e:a9:6e:22:32:8b:9e:37:1c:c3:b5:69:0a:81:
c6:5f:06:0c:49:18:e2:38:54:d7:5a:e5:fe:a4:ea:
ed:fc:79:8c:c6:52:ed:cc:f3:49:fc:d8:24:9b:bf:
1c:4c:7d:24:41:71:17:c9:13:f2:e6:4c:c7:7b:f1:
e1:eb:7d:95:64:8b:95:3e:88:b0:35:a3:26:b1:ae:
09:39:73:00:bb:34:3e:16:be:28:60:3d:92:d9:1f:
be:40:61:ec:a3:52:09:e9:2c:0c:f0:00:a3:93:d3:
cd:81:89:52:ce:f0:d4:a0:a4:01:10:37:41:26:81:
45:ea:41:e4:c0:2a:b2:4a:fe:e7:6d:ec:6d:1f:3e:
d4:3d:08:cf:ea:f0:69:c8:c8:75:59:64:66:16:5a:
59:b4:b1:33:32:ed:9d:95:90:f7:fd:22:9e:02:b1:
85:a9:38:97:04:de:a9:bd:91:40:d2:de:85:1b:5b:
66:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E9:43:61:81:56:BB:26:8B:A5:17:03:4D:DA:A8:37:9F:EB:BD:DF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:b000::/40
Signature Algorithm: sha256WithRSAEncryption
0e:02:a5:52:a7:3b:89:ef:ad:3d:62:71:62:75:21:4f:5a:45:
be:06:56:e5:42:5c:22:77:a6:b0:72:56:7b:e9:34:7b:75:02:
fa:8a:c1:74:cb:86:20:2a:21:fb:65:0e:2f:83:d8:6d:fd:e3:
9e:4c:be:4a:1e:f6:cb:41:20:c8:fa:f6:5f:a1:07:93:62:c5:
c9:14:90:18:13:32:fa:8c:6c:e5:cd:54:6e:58:a8:05:5b:77:
cb:cc:f3:9e:d7:6c:2f:54:a9:3c:9e:14:a4:b1:55:95:72:5c:
07:c1:ed:0d:38:31:22:68:85:e1:f4:ce:35:19:9c:ac:78:73:
b4:08:49:38:35:da:46:61:79:e0:20:49:33:88:46:8d:f6:f3:
fb:57:61:a2:f2:6f:f1:2e:46:86:56:45:c4:56:66:d8:eb:92:
d0:39:e9:57:7f:98:37:02:d6:93:50:74:28:94:6d:af:6a:77:
c5:d7:c1:90:dd:e0:03:89:ee:c2:7d:d9:17:1c:4b:46:42:81:
f1:6c:64:54:3c:0d:60:25:52:ea:28:69:52:03:bf:c5:e6:89:
d6:d8:c7:d1:fd:9f:a0:d3:5d:ce:0e:3e:2d:13:e4:28:db:2a:
12:e5:5d:b9:82:9e:96:87:42:d8:4c:dc:d0:fd:95:5a:cb:69:
66:7f:cb:dd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXbZiDc3c9pdvI3/UyCfeZszeAhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUxMTlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwNGRkMjk5ODRmNGQzNTdjYTI5NDg4ZDcxMDQxMWI0NjMxZTZkYzUzZTRi
YmJiOWRmMzZhOGFkZDI1ODdmOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyiTQGJFBxZuF2rqONphkaRgnG9iMCV3Wsdm7/mQj+aJdBtRRWbNbpqrm6M
JaISfsTSc80JdFdKMtkvUrX24D3aFRjW03Q1qor1Gx6pbiIyi543HMO1aQqBxl8G
DEkY4jhU11rl/qTq7fx5jMZS7czzSfzYJJu/HEx9JEFxF8kT8uZMx3vx4et9lWSL
lT6IsDWjJrGuCTlzALs0Pha+KGA9ktkfvkBh7KNSCeksDPAAo5PTzYGJUs7w1KCk
ARA3QSaBRepB5MAqskr+523sbR8+1D0Iz+rwacjIdVlkZhZaWbSxMzLtnZWQ9/0i
ngKxhak4lwTeqb2RQNLehRtbZocCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTo6UNh
gVa7JoulFwNN2qg3n+u93zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmJkM2EzYWYtZjMwNy00MTQ4LTllMzQtNzAxOTk1NDBhODM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Diw
MA0GCSqGSIb3DQEBCwUAA4IBAQAOAqVSpzuJ7609YnFidSFPWkW+BlblQlwid6aw
clZ76TR7dQL6isF0y4YgKiH7ZQ4vg9ht/eOeTL5KHvbLQSDI+vZfoQeTYsXJFJAY
EzL6jGzlzVRuWKgFW3fLzPOe12wvVKk8nhSksVWVclwHwe0NODEiaIXh9M41GZys
eHO0CEk4NdpGYXngIEkziEaN9vP7V2Gi8m/xLkaGVkXEVmbY65LQOelXf5g3AtaT
UHQolG2vanfF18GQ3eADie7CfdkXHEtGQoHxbGRUPA1gJVLqKGlSA7/F5onW2MfR
/Z+g013ODj4tE+Qo2yoS5V25gp6Wh0LYTNzQ/ZVay2lmf8vd
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:37 2025 by rpki-client