Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
File: 03f51c56-79aa-48ca-895c-790a431bbd73.roa (raw, json)
Hash identifier: ARV3u6YY+W5hVtPLGEU8hIIio+2FfKi9w+Kr42z0wYY=
Subject key identifier: 86:BD:E4:5E:A1:81:A6:CF:85:9A:C9:71:15:B6:27:65:C5:E8:4E:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C844FD7CC14A1C763ED5C19E823DA8564EDC3CF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
Signing time: Mon 21 Apr 2025 18:40:36 +0000
ROA not before: Mon 21 Apr 2025 18:40:36 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:84:4f:d7:cc:14:a1:c7:63:ed:5c:19:e8:23:da:85:64:ed:c3:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:40:36 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=b36d9fd4245905f9d7ac521ad1ba4b476617977c9167c8be0c288d09bdcbd182, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3e:02:ca:f8:30:33:9e:06:6d:91:ca:76:c8:
8f:f2:a4:c7:2a:97:78:15:ac:0e:bc:9f:8f:49:41:
3c:01:90:bd:05:a6:34:eb:42:a8:a8:7d:d5:e2:2f:
35:93:a8:d8:66:c0:f4:4e:0f:e6:c8:64:90:37:80:
b2:94:11:ad:f5:2a:d4:1c:0d:c7:d3:58:14:e8:54:
11:e5:1c:55:b4:36:8a:99:ce:7e:1f:14:1d:1e:6a:
43:44:24:2b:e2:35:9e:5c:c4:4b:61:71:7e:94:08:
f2:95:e0:28:95:c5:70:fe:c8:e4:cf:bf:34:d3:05:
06:30:7c:33:97:9c:7b:3d:6b:49:f2:bb:f8:4e:a6:
86:44:24:39:3f:9b:88:20:4d:05:4d:2d:ec:59:31:
9e:06:a2:b3:b0:3f:70:51:5a:68:9c:d3:65:c0:98:
5a:eb:2f:be:60:eb:23:87:22:fe:9b:f3:d8:4f:f3:
66:99:d5:35:86:67:35:4d:f5:28:77:89:8a:4b:3b:
aa:29:98:78:d8:e7:d6:dc:73:e4:bf:e1:c7:d1:2a:
f0:13:e9:e0:b1:b8:ad:2b:48:b3:5c:19:c0:6b:f5:
15:c9:45:b2:5d:9e:89:0a:1b:c0:ea:a0:df:33:2a:
94:9c:7f:7d:a3:e9:3b:9a:db:16:33:c8:f9:53:cf:
4c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BD:E4:5E:A1:81:A6:CF:85:9A:C9:71:15:B6:27:65:C5:E8:4E:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:800::/40
Signature Algorithm: sha256WithRSAEncryption
c1:96:b0:f3:68:69:e4:29:b3:78:26:06:92:e4:55:38:fb:cd:
a7:a2:6c:bd:a1:3d:3b:6a:f5:89:ae:12:68:f1:92:bf:20:c5:
f7:7d:76:84:28:4e:0d:84:2b:cd:d0:23:7d:1b:66:08:0b:49:
2a:5a:12:ff:d8:67:bd:b1:ad:1e:c4:45:27:4c:0e:fe:3a:20:
e5:97:2f:41:78:59:83:18:5c:d9:28:47:64:30:7a:30:e0:eb:
58:b4:35:9e:72:c6:fd:67:d5:20:fc:e8:9f:25:68:71:2d:d9:
ff:58:dc:11:e6:99:33:42:28:4c:21:38:23:07:75:f8:5e:b2:
5c:dd:bd:bc:5a:6b:68:9f:dd:6f:c8:d0:f2:b0:b3:e9:82:f9:
60:01:a3:c0:ec:c9:90:ff:be:3e:da:25:bd:5c:00:73:46:9b:
e9:81:f9:52:22:68:00:be:43:a0:bf:e8:c3:c1:9a:dd:89:06:
02:66:73:3a:87:97:fb:cb:2f:5c:be:e2:be:ff:98:9a:c3:25:
44:37:c6:18:6a:76:db:6f:ba:7e:56:20:d1:6d:75:41:ee:60:
ac:cd:cd:95:43:ae:ba:97:8a:24:37:89:75:e8:91:e7:1c:c3:
be:85:c7:2d:a0:4f:59:da:e4:7a:37:69:1c:83:34:e8:68:29:
09:36:2a:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDIRP18wUocdj7VwZ6CPahWTtw88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODQwMzZaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzNmQ5ZmQ0MjQ1OTA1ZjlkN2FjNTIxYWQxYmE0YjQ3NjYxNzk3N2M5MTY3
YzhiZTBjMjg4ZDA5YmRjYmQxODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0+Asr4MDOeBm2RynbIj/KkxyqXeBWsDryfj0lBPAGQvQWmNOtCqKh91eIv
NZOo2GbA9E4P5shkkDeAspQRrfUq1BwNx9NYFOhUEeUcVbQ2ipnOfh8UHR5qQ0Qk
K+I1nlzES2FxfpQI8pXgKJXFcP7I5M+/NNMFBjB8M5ecez1rSfK7+E6mhkQkOT+b
iCBNBU0t7Fkxngais7A/cFFaaJzTZcCYWusvvmDrI4ci/pvz2E/zZpnVNYZnNU31
KHeJiks7qimYeNjn1txz5L/hx9Eq8BPp4LG4rStIs1wZwGv1FclFsl2eiQobwOqg
3zMqlJx/faPpO5rbFjPI+VPPTOkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSGveRe
oYGmz4WayXEVtidlxehOijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDNmNTFjNTYtNzlhYS00OGNhLTg5NWMtNzkwYTQzMWJiZDczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUI
MA0GCSqGSIb3DQEBCwUAA4IBAQDBlrDzaGnkKbN4JgaS5FU4+82nomy9oT07avWJ
rhJo8ZK/IMX3fXaEKE4NhCvN0CN9G2YIC0kqWhL/2Ge9sa0exEUnTA7+OiDlly9B
eFmDGFzZKEdkMHow4OtYtDWecsb9Z9Ug/OifJWhxLdn/WNwR5pkzQihMITgjB3X4
XrJc3b28Wmton91vyNDysLPpgvlgAaPA7MmQ/74+2iW9XABzRpvpgflSImgAvkOg
v+jDwZrdiQYCZnM6h5f7yy9cvuK+/5iawyVEN8YYanbbb7p+ViDRbXVB7mCszc2V
Q666l4okN4l16JHnHMO+hcctoE9Z2uR6N2kcgzToaCkJNio9
-----END CERTIFICATE-----
Generated at Mon May 5 06:05:27 2025 by rpki-client