Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
File: 27140a0d-612c-4da4-a60a-55c28faff6fe.roa (raw, json)
Hash identifier: uXJfetzL1Bccv8oSlQo1I3r55wciqvN/cDq3dWKq/6U=
Subject key identifier: 41:2C:8A:AC:B2:37:25:F8:A9:43:EA:83:9B:DF:57:62:51:D0:79:F9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4175D59FFC84FC4CA6432DA2BF9B153C9ED1D40B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
Signing time: Mon 28 Apr 2025 15:41:14 +0000
ROA not before: Mon 28 Apr 2025 15:41:14 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:75:d5:9f:fc:84:fc:4c:a6:43:2d:a2:bf:9b:15:3c:9e:d1:d4:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:41:14 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=2174e78b42f2d078ab8c640d42bc44f41b676c396038d4c2c1afea7c8c3729cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bb:52:7c:e4:e5:59:e8:c7:20:da:aa:07:bb:
3b:64:f5:12:3b:b3:90:b0:9d:33:c8:bd:f6:df:04:
58:07:f3:21:3d:d5:92:43:af:5d:0d:e0:e0:ad:d9:
1e:8e:a9:bc:69:1a:b1:01:0f:28:03:51:37:03:7c:
ac:c7:44:06:bd:20:e2:b8:2a:08:39:bd:80:0f:07:
db:8f:c6:37:9b:b6:28:45:39:d2:7c:a8:5c:ac:e8:
e5:a7:88:b7:30:52:07:ea:1c:72:0d:98:d2:59:bd:
aa:e9:7e:4e:de:0f:e2:f4:a2:96:8f:ed:04:5a:75:
00:6c:b9:5f:02:fb:90:fd:0b:aa:b0:42:20:00:8d:
9f:64:3e:98:3a:c9:49:c8:8b:dd:fc:2a:d3:03:49:
f0:ca:00:ae:5c:38:42:51:c0:15:69:28:d7:e8:47:
0b:e7:40:b4:11:f8:7e:ee:95:01:54:4b:e9:ee:1a:
32:87:a8:b9:74:4d:70:6d:30:e7:26:94:38:e5:a2:
50:ce:3b:ba:5c:01:54:44:60:8e:56:2a:7b:fd:3f:
ec:03:72:57:12:a1:2b:17:3c:c5:ce:f5:4f:2d:22:
1d:bc:51:98:23:93:fa:29:35:01:0b:6d:3a:57:d3:
27:f9:2d:11:eb:60:53:e0:ec:3b:d9:c5:e8:7a:9c:
d9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:2C:8A:AC:B2:37:25:F8:A9:43:EA:83:9B:DF:57:62:51:D0:79:F9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
69:8b:83:79:a9:d9:59:0f:ce:c7:e2:08:92:bd:4b:23:81:0b:
81:30:93:87:cd:8a:9c:0d:6c:69:d0:6e:cf:63:09:14:14:79:
76:b6:b4:c2:66:ca:57:0f:b5:c3:5a:88:a3:f1:51:15:22:42:
c9:d1:15:14:78:1c:8c:9c:c6:87:f1:f9:c8:4e:57:2a:68:7c:
07:3d:e9:79:c2:31:38:80:73:b6:9d:fe:7e:13:c2:a5:12:ee:
c9:a8:78:55:11:b3:5b:a5:9a:8f:2b:25:70:64:98:f5:e4:75:
5b:3c:0d:6c:9e:89:90:6b:94:d8:1e:82:37:26:e7:f4:2d:39:
8d:d5:19:d4:ef:f1:19:38:bf:4f:59:a4:1e:72:67:71:be:c4:
df:04:62:9c:fb:d8:05:b8:3a:b1:36:18:58:4d:4b:94:23:d1:
88:47:45:6e:ed:b7:09:26:eb:6e:7c:76:a3:7f:7a:67:13:2c:
d9:26:f2:c9:ca:bc:74:0f:8e:b6:0e:31:b2:65:c2:3f:28:d2:
2d:1e:4b:fd:23:26:e0:0f:06:19:5b:7c:44:78:df:a9:71:44:
87:0e:96:48:b3:fc:41:86:e8:f3:d1:2e:b5:73:74:b9:de:b0:
52:d1:9f:36:1d:d2:ac:78:90:17:7d:11:75:0d:d8:2f:45:d8:
e6:74:af:bc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQXXVn/yE/EymQy2iv5sVPJ7R1AswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQxMTRaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxNzRlNzhiNDJmMmQwNzhhYjhjNjQwZDQyYmM0NGY0MWI2NzZjMzk2MDM4
ZDRjMmMxYWZlYTdjOGMzNzI5Y2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALy7Unzk5VnoxyDaqge7O2T1EjuzkLCdM8i99t8EWAfzIT3VkkOvXQ3g4K3Z
Ho6pvGkasQEPKANRNwN8rMdEBr0g4rgqCDm9gA8H24/GN5u2KEU50nyoXKzo5aeI
tzBSB+occg2Y0lm9qul+Tt4P4vSilo/tBFp1AGy5XwL7kP0LqrBCIACNn2Q+mDrJ
SciL3fwq0wNJ8MoArlw4QlHAFWko1+hHC+dAtBH4fu6VAVRL6e4aMoeouXRNcG0w
5yaUOOWiUM47ulwBVERgjlYqe/0/7ANyVxKhKxc8xc71Ty0iHbxRmCOT+ik1AQtt
OlfTJ/ktEetgU+DsO9nF6Hqc2VcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRBLIqs
sjcl+KlD6oOb31diUdB5+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjcxNDBhMGQtNjEyYy00ZGE0LWE2MGEtNTVjMjhmYWZmNmZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBpi4N5qdlZD87H4giSvUsjgQuBMJOHzYqcDWxp
0G7PYwkUFHl2trTCZspXD7XDWoij8VEVIkLJ0RUUeByMnMaH8fnITlcqaHwHPel5
wjE4gHO2nf5+E8KlEu7JqHhVEbNbpZqPKyVwZJj15HVbPA1snomQa5TYHoI3Juf0
LTmN1RnU7/EZOL9PWaQecmdxvsTfBGKc+9gFuDqxNhhYTUuUI9GIR0Vu7bcJJutu
fHajf3pnEyzZJvLJyrx0D462DjGyZcI/KNItHkv9IybgDwYZW3xEeN+pcUSHDpZI
s/xBhujz0S61c3S53rBS0Z82HdKseJAXfRF1DdgvRdjmdK+8
-----END CERTIFICATE-----
Generated at Mon May 5 18:40:38 2025 by rpki-client