Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
File: 113e55fd-9531-4700-bcdc-5abe9a806b41.roa (raw, json)
Hash identifier: SDwcC/MECNcTpLmGznfeELfQZ9QS4bqg5vp5GARgbGk=
Subject key identifier: E4:D1:23:86:D4:4A:09:AF:16:96:A7:2A:3D:7E:98:A2:80:C2:DB:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 783C232416503ED461FED4262870AF762FA36B10
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
Signing time: Mon 21 Apr 2025 18:40:29 +0000
ROA not before: Mon 21 Apr 2025 18:40:29 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:3c:23:24:16:50:3e:d4:61:fe:d4:26:28:70:af:76:2f:a3:6b:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:40:29 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=d7d2ca179ea60f8b7fbe487a2ac4c9684e55546618d8cdf3d1097f07f862afab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ef:07:d5:29:1b:a6:6d:57:25:f5:86:51:f8:
38:ec:e9:8c:d9:d1:d4:42:11:e6:94:9d:76:1a:32:
76:08:f5:d9:26:97:f5:a5:0c:f3:18:96:0e:44:94:
e5:58:8f:3f:63:14:48:97:5a:8f:67:fd:be:08:64:
77:a6:e8:19:f4:f4:6d:26:98:06:30:51:aa:d4:05:
2e:2d:16:3e:2f:6c:1d:9e:50:72:44:fb:ce:96:09:
dd:c2:e9:0c:38:dc:2d:b8:81:6f:ff:92:41:8d:af:
8d:ce:46:66:a3:0c:22:75:14:72:ab:d1:77:ee:39:
ed:0b:87:b5:45:7d:f1:75:d8:b8:1b:ef:59:88:8f:
6b:ee:d4:81:c6:e7:ba:f6:5f:b4:78:b9:24:0f:5b:
c7:df:e5:64:20:e1:77:5d:5f:1d:2f:5d:de:d2:96:
d0:06:54:30:d6:e7:9d:a3:eb:09:1b:c2:63:56:1e:
4f:1d:00:7a:fb:f6:3a:fc:1a:bb:08:5e:31:48:2a:
96:a2:c4:6d:a0:da:5c:39:61:8b:2b:a1:a8:79:b1:
34:47:e5:d7:68:c1:0e:70:64:2a:ae:b0:2b:45:de:
74:7f:5b:70:d3:87:ef:ed:31:1a:72:31:39:59:3a:
34:c2:f6:ad:83:7d:de:52:44:82:3c:d8:03:8e:14:
bb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D1:23:86:D4:4A:09:AF:16:96:A7:2A:3D:7E:98:A2:80:C2:DB:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:800::/40
Signature Algorithm: sha256WithRSAEncryption
44:57:b1:74:9d:4a:cf:d9:38:83:0b:20:a6:dd:9f:24:15:f2:
db:95:ac:10:70:1b:fb:04:90:3c:9a:07:db:ba:98:a3:af:57:
63:df:ee:9d:c3:6b:bd:97:18:79:3f:bd:36:6c:7c:c0:50:0a:
7b:9b:c7:8a:99:c7:27:f2:9f:79:d6:07:e3:46:fb:e1:2d:96:
52:9c:98:f5:37:76:55:49:98:a4:0f:f1:c8:e1:d0:40:85:49:
f0:3c:cb:b6:50:bd:3f:e2:f4:f1:cd:d8:f2:4e:2f:92:12:ed:
58:71:71:25:3a:4a:5e:eb:7c:aa:70:08:43:d7:45:3f:4b:d7:
20:15:24:71:37:3a:d3:46:13:f7:b3:4c:39:a3:8d:36:1e:a9:
19:b5:f5:72:46:72:01:2f:b7:73:7f:ad:88:16:52:92:0e:ed:
38:51:ba:23:73:2e:06:c2:8e:9c:be:c7:4d:fd:6b:04:03:b3:
3b:d0:99:21:9a:ba:1e:9c:6b:56:af:06:cd:8f:87:86:dc:81:
18:44:8d:a5:cf:55:28:f8:14:20:7f:7d:76:48:30:88:44:78:
2b:36:fd:13:67:cc:c3:65:ee:59:30:2b:2f:0a:0c:7f:78:f4:
09:a8:0d:4d:75:2d:9e:05:4f:6b:05:25:f3:b2:cb:70:fd:be:
12:ae:5c:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeDwjJBZQPtRh/tQmKHCvdi+jaxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODQwMjlaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3ZDJjYTE3OWVhNjBmOGI3ZmJlNDg3YTJhYzRjOTY4NGU1NTU0NjYxOGQ4
Y2RmM2QxMDk3ZjA3Zjg2MmFmYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/vB9UpG6ZtVyX1hlH4OOzpjNnR1EIR5pSddhoydgj12SaX9aUM8xiWDkSU
5ViPP2MUSJdaj2f9vghkd6boGfT0bSaYBjBRqtQFLi0WPi9sHZ5QckT7zpYJ3cLp
DDjcLbiBb/+SQY2vjc5GZqMMInUUcqvRd+457QuHtUV98XXYuBvvWYiPa+7Ugcbn
uvZftHi5JA9bx9/lZCDhd11fHS9d3tKW0AZUMNbnnaPrCRvCY1YeTx0Aevv2Ovwa
uwheMUgqlqLEbaDaXDlhiyuhqHmxNEfl12jBDnBkKq6wK0XedH9bcNOH7+0xGnIx
OVk6NML2rYN93lJEgjzYA44Uu8sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTk0SOG
1EoJrxaWpyo9fpiigMLbeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTEzZTU1ZmQtOTUzMS00NzAwLWJjZGMtNWFiZTlhODA2YjQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYI
MA0GCSqGSIb3DQEBCwUAA4IBAQBEV7F0nUrP2TiDCyCm3Z8kFfLblawQcBv7BJA8
mgfbupijr1dj3+6dw2u9lxh5P702bHzAUAp7m8eKmccn8p951gfjRvvhLZZSnJj1
N3ZVSZikD/HI4dBAhUnwPMu2UL0/4vTxzdjyTi+SEu1YcXElOkpe63yqcAhD10U/
S9cgFSRxNzrTRhP3s0w5o402HqkZtfVyRnIBL7dzf62IFlKSDu04Ubojcy4Gwo6c
vsdN/WsEA7M70JkhmroenGtWrwbNj4eG3IEYRI2lz1Uo+BQgf312SDCIRHgrNv0T
Z8zDZe5ZMCsvCgx/ePQJqA1NdS2eBU9rBSXzsstw/b4SrlyV
-----END CERTIFICATE-----
Generated at Mon May 5 13:34:12 2025 by rpki-client