Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/32b74179-db70-4b5e-a9aa-e6ae85392a2e.roa
File: 32b74179-db70-4b5e-a9aa-e6ae85392a2e.roa (raw, json)
Hash identifier: 62F+B8+56SCYO6h2XdxuI0pYnMzhiYpteyzLDiSJEsM=
Subject key identifier: 0D:12:23:23:3F:4F:71:52:8B:E2:99:84:36:10:74:E5:24:32:48:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A34CE11B5EC9DF5A9FB8C1CF82F6A1F12BB0300
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/32b74179-db70-4b5e-a9aa-e6ae85392a2e.roa
Signing time: Fri 25 Apr 2025 19:41:20 +0000
ROA not before: Fri 25 Apr 2025 19:41:20 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:34:ce:11:b5:ec:9d:f5:a9:fb:8c:1c:f8:2f:6a:1f:12:bb:03:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:41:20 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=4e3029e02aed2bc2f4623c6d0b343a128192d725eb37f1cb19ef4d5251f9fde8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:45:44:4c:e8:d6:4e:5c:9c:96:02:f1:35:27:
99:a9:ec:79:54:98:bc:7b:06:87:4c:2b:43:9f:3e:
b3:f2:d9:74:54:61:96:fe:11:e6:d3:bd:d3:3c:aa:
89:3f:17:ce:2a:7b:92:90:eb:66:52:01:10:f6:ee:
bf:ab:89:ba:13:7d:4a:13:a4:f9:0f:fa:76:8c:86:
8d:99:8f:8f:ba:1a:e2:c5:49:12:ba:99:44:cd:7c:
74:9e:e4:34:21:ef:f5:5d:66:2c:15:7e:21:ea:9e:
42:c0:1f:73:98:a2:7f:4e:86:8d:a2:2b:ba:20:33:
97:fd:7e:60:fa:d5:7c:46:cd:d7:29:41:4b:d2:dd:
f3:07:0f:c7:09:76:91:d8:dd:4a:a1:97:aa:f5:c0:
e7:fe:b4:ad:15:60:fd:d7:f8:b7:61:5a:36:74:8b:
7a:af:cc:70:4c:a3:cd:73:8e:00:1f:e7:a3:70:09:
51:4b:60:d8:8e:8e:5d:2d:ec:ad:76:44:43:a9:82:
f8:c2:a1:27:9a:a6:3a:b4:55:c6:c5:f8:94:4e:8a:
32:6f:8d:b2:dd:2a:94:59:f5:9a:4e:b2:19:03:1d:
e8:68:0b:d5:e3:e6:f7:63:4e:58:58:8c:0e:52:eb:
72:d6:77:0d:29:93:5a:49:62:c3:b7:f1:43:66:f7:
1e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:12:23:23:3F:4F:71:52:8B:E2:99:84:36:10:74:E5:24:32:48:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/32b74179-db70-4b5e-a9aa-e6ae85392a2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e080::/46
Signature Algorithm: sha256WithRSAEncryption
38:c8:08:d3:c1:08:51:b5:f9:9f:63:cc:d7:e2:7d:dc:a6:fb:
ed:2f:b7:f9:29:7d:ba:41:20:9f:d2:92:55:94:df:a8:7f:00:
62:cc:84:9e:4e:b3:fd:6a:38:08:bc:17:88:fb:a4:18:82:a8:
11:d6:0d:2b:84:67:62:70:27:b8:0e:36:45:39:f4:86:1b:14:
99:58:a8:d2:dc:61:57:c5:62:c7:00:5f:0d:7f:77:44:dc:86:
1c:5a:d7:0c:c2:c3:a9:fc:5f:93:ae:36:9b:3f:1e:56:85:f3:
a5:83:8b:82:3b:5a:bb:7a:fe:13:34:3b:f0:29:81:94:c3:1a:
70:43:28:94:14:3e:dc:f5:38:07:81:b3:18:54:6b:80:ad:53:
0b:8f:ed:35:8b:b5:e4:09:ee:bb:73:38:09:54:0c:9e:d7:0d:
55:1f:2f:a3:9c:bc:fa:c7:a9:35:0a:38:57:a4:49:c8:ec:71:
b4:0b:78:ac:d9:99:98:cc:fd:54:2d:0d:73:f9:72:61:b4:c7:
5f:1f:64:c9:c0:49:94:b2:5c:ae:0f:49:7d:3b:08:a8:8c:32:
42:9f:b8:51:10:18:ea:40:74:66:1d:ce:ee:b5:04:9b:56:91:
05:de:6c:66:91:7e:7b:7a:eb:43:4d:34:d3:54:03:20:2b:40:
a2:c3:f7:b9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKjTOEbXsnfWp+4wc+C9qHxK7AwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQxMjBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlMzAyOWUwMmFlZDJiYzJmNDYyM2M2ZDBiMzQzYTEyODE5MmQ3MjVlYjM3
ZjFjYjE5ZWY0ZDUyNTFmOWZkZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJBFREzo1k5cnJYC8TUnmanseVSYvHsGh0wrQ58+s/LZdFRhlv4R5tO90zyq
iT8Xzip7kpDrZlIBEPbuv6uJuhN9ShOk+Q/6doyGjZmPj7oa4sVJErqZRM18dJ7k
NCHv9V1mLBV+IeqeQsAfc5iif06GjaIruiAzl/1+YPrVfEbN1ylBS9Ld8wcPxwl2
kdjdSqGXqvXA5/60rRVg/df4t2FaNnSLeq/McEyjzXOOAB/no3AJUUtg2I6OXS3s
rXZEQ6mC+MKhJ5qmOrRVxsX4lE6KMm+Nst0qlFn1mk6yGQMd6GgL1ePm92NOWFiM
DlLrctZ3DSmTWkliw7fxQ2b3HnkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQNEiMj
P09xUovimYQ2EHTlJDJIATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzJiNzQxNzktZGI3MC00YjVlLWE5YWEtZTZhZTg1MzkyYTJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXg
gDANBgkqhkiG9w0BAQsFAAOCAQEAOMgI08EIUbX5n2PM1+J93Kb77S+3+Sl9ukEg
n9KSVZTfqH8AYsyEnk6z/Wo4CLwXiPukGIKoEdYNK4RnYnAnuA42RTn0hhsUmVio
0txhV8VixwBfDX93RNyGHFrXDMLDqfxfk642mz8eVoXzpYOLgjtau3r+EzQ78CmB
lMMacEMolBQ+3PU4B4GzGFRrgK1TC4/tNYu15Anuu3M4CVQMntcNVR8vo5y8+sep
NQo4V6RJyOxxtAt4rNmZmMz9VC0Nc/lyYbTHXx9kycBJlLJcrg9JfTsIqIwyQp+4
URAY6kB0Zh3O7rUEm1aRBd5sZpF+e3rrQ00001QDICtAosP3uQ==
-----END CERTIFICATE-----
Generated at Tue May 6 13:40:20 2025 by rpki-client