Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
File: 0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa (raw, json)
Hash identifier: 0sCZiLeQA+obzsYRxoEhTY2SLgNUVGI90tKOPzAmDio=
Subject key identifier: EB:35:41:11:68:58:52:84:6C:CC:73:65:02:3E:BC:21:97:FC:13:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E755BE18EA4F9456036A7EEE2F82EB72E6168B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
Signing time: Tue 29 Apr 2025 14:22:09 +0000
ROA not before: Tue 29 Apr 2025 14:22:09 +0000
ROA not after: Tue 03 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:75:5b:e1:8e:a4:f9:45:60:36:a7:ee:e2:f8:2e:b7:2e:61:68:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 29 14:22:09 2025 GMT
Not After : Jun 3 23:59:59 2025 GMT
Subject: serialNumber=12ca8bac38f1a679e1af0a793cd13c316d04fc56d94f1fbce18e63ca777ca204, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:29:4e:88:17:71:37:90:9d:8b:b3:f5:32:90:
03:d0:7b:63:70:a2:89:81:b1:3b:b7:a7:fc:73:88:
54:55:d1:6c:e8:31:84:20:35:eb:e4:ca:30:c0:aa:
81:31:29:e2:34:a5:24:94:03:13:4e:5a:94:ee:f7:
5e:27:09:ce:01:32:66:88:d1:fb:20:8c:5f:ed:b0:
24:09:34:71:f7:cd:c7:51:fb:5e:72:8e:32:79:1c:
74:0d:80:74:69:62:57:62:dc:11:fd:ed:81:5b:3c:
61:72:e0:c5:c5:6a:2d:25:cb:b6:a0:63:52:79:68:
1c:76:bd:76:3e:a5:0e:b4:bb:6d:4b:a4:32:bf:3a:
e3:f3:f3:33:bf:6c:1e:65:a9:49:0c:03:d8:5e:e1:
87:26:65:8a:b2:05:8e:72:17:14:37:bf:66:0b:d1:
af:5f:d5:8d:b0:c8:eb:75:ef:f3:1e:2b:8d:63:23:
f6:ed:48:84:64:56:e0:ce:fa:33:25:e6:a7:fc:be:
e9:c2:6a:e0:41:a3:f7:d8:57:4a:97:ee:52:88:65:
59:00:5f:36:f8:63:09:76:2a:78:bc:cb:5b:8b:17:
03:af:50:2c:57:56:87:40:db:26:75:be:a2:f8:15:
d4:04:26:9f:07:48:79:a5:17:05:73:a2:60:f4:9b:
99:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:35:41:11:68:58:52:84:6C:CC:73:65:02:3E:BC:21:97:FC:13:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1400::/38
Signature Algorithm: sha256WithRSAEncryption
38:09:ad:90:3f:16:88:73:53:0f:d5:4c:e4:86:04:f6:6a:b8:
f8:e0:d3:92:f0:ba:03:ac:5e:a6:33:62:2b:bf:7a:32:66:c6:
7a:7f:1c:0b:2d:eb:24:15:db:72:23:c7:a0:27:9f:a1:53:cc:
8d:11:13:93:cf:9a:9a:37:7e:56:f2:d4:4e:30:6f:c2:fe:b0:
b6:92:9d:62:56:b8:29:50:9b:df:77:d7:63:8b:e2:85:26:66:
23:b8:9a:4e:73:79:c5:f6:85:3f:f8:40:61:03:cf:c0:70:ef:
d5:60:a5:57:00:92:58:9b:68:00:9a:46:13:59:ab:c9:2c:cf:
9c:3c:e4:3e:85:92:6e:fa:6b:06:4e:4e:89:a9:36:3f:6b:fd:
eb:07:56:14:e2:2e:6a:ed:7c:c3:b3:82:9c:45:f5:2e:cb:50:
86:69:14:7f:d6:93:8e:47:2c:35:52:bb:71:2e:3f:85:0c:c6:
07:d8:d0:7e:ae:26:3e:32:1a:8f:08:3f:23:8d:ac:fe:b6:68:
af:04:6d:84:c8:e5:7a:d4:4e:73:79:30:6a:7c:d1:59:f2:af:
de:c0:f8:eb:79:70:c9:ab:7f:2c:13:9c:55:d2:60:c2:52:e7:
d8:6e:a4:5f:3e:0d:8a:f5:f6:d8:28:60:8d:13:85:e6:90:45:
4b:85:9f:6a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXnVb4Y6k+UVgNqfu4vguty5haLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjkxNDIyMDlaFw0yNTA2MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyY2E4YmFjMzhmMWE2NzllMWFmMGE3OTNjZDEzYzMxNmQwNGZjNTZkOTRm
MWZiY2UxOGU2M2NhNzc3Y2EyMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMpTogXcTeQnYuz9TKQA9B7Y3CiiYGxO7en/HOIVFXRbOgxhCA16+TKMMCq
gTEp4jSlJJQDE05alO73XicJzgEyZojR+yCMX+2wJAk0cffNx1H7XnKOMnkcdA2A
dGliV2LcEf3tgVs8YXLgxcVqLSXLtqBjUnloHHa9dj6lDrS7bUukMr864/PzM79s
HmWpSQwD2F7hhyZlirIFjnIXFDe/ZgvRr1/VjbDI63Xv8x4rjWMj9u1IhGRW4M76
MyXmp/y+6cJq4EGj99hXSpfuUohlWQBfNvhjCXYqeLzLW4sXA69QLFdWh0DbJnW+
ovgV1AQmnwdIeaUXBXOiYPSbmW8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTrNUER
aFhShGzMc2UCPrwhl/wTUTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGZlMjc5Y2YtYjU1Zi00ZDk2LTk5NTgtZWMzZWNkNjRiMGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQU
MA0GCSqGSIb3DQEBCwUAA4IBAQA4Ca2QPxaIc1MP1UzkhgT2arj44NOS8LoDrF6m
M2Irv3oyZsZ6fxwLLeskFdtyI8egJ5+hU8yNEROTz5qaN35W8tROMG/C/rC2kp1i
VrgpUJvfd9dji+KFJmYjuJpOc3nF9oU/+EBhA8/AcO/VYKVXAJJYm2gAmkYTWavJ
LM+cPOQ+hZJu+msGTk6JqTY/a/3rB1YU4i5q7XzDs4KcRfUuy1CGaRR/1pOORyw1
UrtxLj+FDMYH2NB+riY+MhqPCD8jjaz+tmivBG2EyOV61E5zeTBqfNFZ8q/ewPjr
eXDJq38sE5xV0mDCUufYbqRfPg2K9fbYKGCNE4XmkEVLhZ9q
-----END CERTIFICATE-----
Generated at Mon May 5 05:54:17 2025 by rpki-client