Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
File: 15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa (raw, json)
Hash identifier: zqIM99eohmuyTDtJOb0OjJPupSA7t715pJjpmYzgaDg=
Subject key identifier: A7:96:88:27:15:D8:72:80:1A:D9:76:F4:62:77:15:71:E5:0B:2B:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3182923CEC90751F5D83E7D8A2D283D6ACA5BF91
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
Signing time: Fri 25 Apr 2025 18:40:47 +0000
ROA not before: Fri 25 Apr 2025 18:40:47 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:82:92:3c:ec:90:75:1f:5d:83:e7:d8:a2:d2:83:d6:ac:a5:bf:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:40:47 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=5d44cd28c195a4fe6fbef50fa51ebb4809c95ed9c7303b0f4bb00962441a7c9f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:16:8f:32:06:f3:5a:e1:bf:05:9b:49:a4:ad:
cf:72:01:93:0d:91:e4:c8:1b:06:fb:c5:02:12:e3:
1d:82:68:28:f6:55:14:36:fa:26:d6:0d:43:02:76:
cd:3e:00:a7:ee:75:e0:9b:cf:31:aa:7a:a5:af:b6:
99:4c:19:79:04:39:30:e7:60:a0:dd:09:12:0f:cc:
ae:ad:cd:bf:b1:9e:44:b0:78:0d:b9:da:aa:49:b9:
23:58:d3:c4:5a:c5:aa:e8:08:87:7a:73:62:35:69:
73:9c:51:05:a2:30:99:a2:f8:78:b6:7e:52:4f:ad:
bc:16:ea:02:d8:8b:a9:86:60:7f:37:8d:d6:1a:17:
8c:c1:73:8b:3d:a0:b4:42:62:60:dc:f7:54:f3:a4:
7b:4b:33:3b:96:20:d2:5e:d0:d2:1e:3b:90:6b:e2:
02:8b:06:aa:95:46:ee:7c:2f:60:63:e1:9f:79:08:
1c:4a:49:28:58:15:0d:5e:01:64:56:b0:83:25:32:
f7:7e:1a:64:f6:64:75:3c:1e:eb:29:8a:86:d9:8a:
f4:0d:ca:fd:8e:3d:0e:41:94:7a:eb:e1:78:a4:7b:
86:a7:9b:13:b3:7c:1b:53:d9:89:23:a7:75:ed:0d:
c3:25:cb:f1:9f:85:ab:b4:e2:b0:06:c9:e5:d7:ae:
58:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:96:88:27:15:D8:72:80:1A:D9:76:F4:62:77:15:71:E5:0B:2B:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
14:3a:fa:f5:2b:82:91:73:d6:fa:b2:61:0b:7e:d7:ad:36:ac:
35:93:76:08:f9:53:f9:f0:ae:c0:95:9e:b2:9c:18:62:3c:d2:
31:84:33:a4:ee:f6:59:d3:78:cd:36:8e:7e:2e:11:76:61:cb:
f9:fe:10:b5:27:9b:6d:89:03:91:42:53:2e:42:d4:fd:00:82:
a1:f2:50:84:be:43:4f:a9:82:21:54:4a:61:35:dd:5a:9e:7a:
5e:ea:e0:4b:27:dd:6b:24:9b:fc:4e:cf:48:cc:1d:b2:34:48:
8d:40:e1:0b:dc:1f:33:cb:dd:b8:69:3b:a3:c8:8e:7c:b1:22:
41:30:c1:3d:4c:6c:48:80:91:cb:d4:a4:5f:d3:bd:eb:cf:57:
a4:6a:2b:0f:39:a4:9d:bf:50:ad:4a:8e:6c:b6:76:60:e4:0a:
ac:34:77:20:67:f7:b2:aa:c9:f0:30:e4:90:d5:f4:50:14:3a:
55:bd:9f:15:97:00:76:2b:42:5c:2c:d2:1d:5a:e9:e6:a2:62:
c6:24:4e:e2:9f:be:55:e6:e3:ee:a3:ac:d8:6d:7b:17:50:d4:
01:ca:ea:32:98:6a:a0:47:35:b3:45:c4:fb:1f:b7:85:23:42:
c5:96:d0:5f:e0:fa:44:22:92:0d:01:fc:8b:11:f5:6d:14:c9:
66:a9:ca:7f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMYKSPOyQdR9dg+fYotKD1qylv5EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQwNDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkNDRjZDI4YzE5NWE0ZmU2ZmJlZjUwZmE1MWViYjQ4MDljOTVlZDljNzMw
M2IwZjRiYjAwOTYyNDQxYTdjOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgWjzIG81rhvwWbSaStz3IBkw2R5MgbBvvFAhLjHYJoKPZVFDb6JtYNQwJ2
zT4Ap+514JvPMap6pa+2mUwZeQQ5MOdgoN0JEg/Mrq3Nv7GeRLB4Dbnaqkm5I1jT
xFrFqugIh3pzYjVpc5xRBaIwmaL4eLZ+Uk+tvBbqAtiLqYZgfzeN1hoXjMFziz2g
tEJiYNz3VPOke0szO5Yg0l7Q0h47kGviAosGqpVG7nwvYGPhn3kIHEpJKFgVDV4B
ZFawgyUy934aZPZkdTwe6ymKhtmK9A3K/Y49DkGUeuvheKR7hqebE7N8G1PZiSOn
de0NwyXL8Z+Fq7TisAbJ5deuWPECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSnlogn
FdhygBrZdvRidxVx5QsrkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTVkZTAwNGItY2QwZi00NGExLTk5YjEtNGUyZTcxZmYwN2QxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
wDANBgkqhkiG9w0BAQsFAAOCAQEAFDr69SuCkXPW+rJhC37XrTasNZN2CPlT+fCu
wJWespwYYjzSMYQzpO72WdN4zTaOfi4RdmHL+f4QtSebbYkDkUJTLkLU/QCCofJQ
hL5DT6mCIVRKYTXdWp56XurgSyfdaySb/E7PSMwdsjRIjUDhC9wfM8vduGk7o8iO
fLEiQTDBPUxsSICRy9SkX9O9689XpGorDzmknb9QrUqObLZ2YOQKrDR3IGf3sqrJ
8DDkkNX0UBQ6Vb2fFZcAditCXCzSHVrp5qJixiRO4p++Vebj7qOs2G17F1DUAcrq
MphqoEc1s0XE+x+3hSNCxZbQX+D6RCKSDQH8ixH1bRTJZqnKfw==
-----END CERTIFICATE-----
Generated at Mon May 5 10:33:27 2025 by rpki-client