Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4097b6b4-475f-4f96-9d5e-88c08f2c5804.roa
File: 4097b6b4-475f-4f96-9d5e-88c08f2c5804.roa (raw, json)
Hash identifier: +BTUmx9mDUSfctWG1KPjFC+deKFSozPFrrpjNeTQ4B4=
Subject key identifier: 7E:3E:82:29:FE:46:76:A2:61:BA:88:C6:B9:E7:DF:52:7F:D9:A1:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72151031F049B87AF7A679E34B44592BBC75590D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4097b6b4-475f-4f96-9d5e-88c08f2c5804.roa
Signing time: Fri 25 Apr 2025 19:21:31 +0000
ROA not before: Fri 25 Apr 2025 19:21:31 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:15:10:31:f0:49:b8:7a:f7:a6:79:e3:4b:44:59:2b:bc:75:59:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:21:31 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=3ddab9afcbe24c221468ddfc7db3e8f735714df7f4d92318363f9f653bb33669, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f4:fd:f4:ac:74:be:e0:96:95:a6:cf:2e:f3:
84:f8:34:32:59:6e:90:c6:bd:6f:bc:32:34:dc:e9:
d8:fc:a2:a5:00:6b:ad:91:1d:48:52:be:e1:f0:f2:
71:cb:fb:07:eb:73:07:10:0a:e6:bb:74:dd:26:79:
6a:ea:fb:c0:97:66:3f:d3:0e:95:2c:bf:20:8b:82:
96:0a:61:37:70:16:2d:25:f2:09:87:e0:e7:b3:3f:
bd:c9:08:47:d7:5b:b0:35:70:a1:05:d6:a9:21:42:
3e:3d:c6:7c:63:42:a2:ca:8c:97:d1:51:0d:9c:8e:
55:f5:9d:81:9d:b9:84:69:1d:65:00:e8:d3:33:e9:
8e:2f:5b:ad:e8:dc:c5:ef:7f:ac:df:37:e7:2b:7a:
2d:78:f9:87:91:c4:8e:ec:7a:c9:41:ce:31:9c:e1:
b4:37:87:fb:67:0e:c1:0d:0b:ed:14:83:a1:c7:44:
3f:ef:86:3f:e3:d4:dd:fb:1e:3f:6b:e1:16:b1:cb:
53:ca:ba:ca:e0:60:3e:a9:c9:b1:2c:91:9e:3d:44:
a5:55:a3:37:61:dc:7d:d4:b3:01:96:a5:56:5f:e1:
6f:6f:86:cb:46:18:17:21:35:bd:8f:90:71:f8:c2:
63:9e:ce:8d:c8:f7:7f:ee:0a:be:ff:4d:10:1b:53:
e1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:3E:82:29:FE:46:76:A2:61:BA:88:C6:B9:E7:DF:52:7F:D9:A1:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4097b6b4-475f-4f96-9d5e-88c08f2c5804.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4080::/46
Signature Algorithm: sha256WithRSAEncryption
c5:69:c9:3f:e5:4b:cb:89:89:8f:20:29:2f:32:7c:74:9a:dc:
7c:57:8f:aa:93:28:aa:58:ca:aa:57:1c:44:0a:ba:53:36:05:
0e:0b:04:c1:7a:56:33:d0:bf:e4:c0:5d:54:0c:9f:c1:dc:6e:
2c:fb:17:89:98:9c:b4:30:61:6b:26:81:43:60:2e:9e:de:22:
36:a4:87:88:da:8f:83:05:a7:8e:88:53:7b:a8:72:33:7c:82:
3d:04:69:ba:d3:48:b7:d4:c7:39:57:7d:b4:6c:7f:85:37:8c:
19:59:c1:a1:05:d3:f5:df:15:d4:f2:b5:fe:59:ee:2c:ba:7a:
a2:0a:9a:c8:7c:0f:2b:a8:f9:7a:5b:89:ca:6a:12:7c:fa:58:
92:6d:de:6e:64:a3:89:f0:64:df:da:2d:bb:a2:11:b6:94:82:
33:24:e3:5f:10:45:11:eb:ee:bb:0d:37:51:ca:93:8f:17:57:
9e:5d:77:05:c9:cc:5d:a9:1c:29:1f:7a:e3:7d:96:a0:28:2b:
4a:ee:e7:3c:1c:6e:62:f8:fc:56:f1:25:c5:ba:91:d0:96:b1:
3f:c7:c9:f0:c6:05:be:b1:bf:1d:25:63:62:66:46:80:7f:b9:
02:8a:f7:6a:de:a2:9c:52:c2:bd:a4:56:7d:ae:db:49:24:97:
86:b7:26:43
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUchUQMfBJuHr3pnnjS0RZK7x1WQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIxMzFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkZGFiOWFmY2JlMjRjMjIxNDY4ZGRmYzdkYjNlOGY3MzU3MTRkZjdmNGQ5
MjMxODM2M2Y5ZjY1M2JiMzM2NjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMz0/fSsdL7glpWmzy7zhPg0MllukMa9b7wyNNzp2PyipQBrrZEdSFK+4fDy
ccv7B+tzBxAK5rt03SZ5aur7wJdmP9MOlSy/IIuClgphN3AWLSXyCYfg57M/vckI
R9dbsDVwoQXWqSFCPj3GfGNCosqMl9FRDZyOVfWdgZ25hGkdZQDo0zPpji9brejc
xe9/rN835yt6LXj5h5HEjux6yUHOMZzhtDeH+2cOwQ0L7RSDocdEP++GP+PU3fse
P2vhFrHLU8q6yuBgPqnJsSyRnj1EpVWjN2HcfdSzAZalVl/hb2+Gy0YYFyE1vY+Q
cfjCY57Ojcj3f+4Kvv9NEBtT4RcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR+PoIp
/kZ2omG6iMa5599Sf9mhSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA5N2I2YjQtNDc1Zi00Zjk2LTlkNWUtODhjMDhmMmM1ODA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVA
gDANBgkqhkiG9w0BAQsFAAOCAQEAxWnJP+VLy4mJjyApLzJ8dJrcfFePqpMoqljK
qlccRAq6UzYFDgsEwXpWM9C/5MBdVAyfwdxuLPsXiZictDBhayaBQ2Aunt4iNqSH
iNqPgwWnjohTe6hyM3yCPQRputNIt9THOVd9tGx/hTeMGVnBoQXT9d8V1PK1/lnu
LLp6ogqayHwPK6j5eluJymoSfPpYkm3ebmSjifBk39otu6IRtpSCMyTjXxBFEevu
uw03UcqTjxdXnl13BcnMXakcKR96432WoCgrSu7nPBxuYvj8VvElxbqR0JaxP8fJ
8MYFvrG/HSVjYmZGgH+5Aor3at6inFLCvaRWfa7bSSSXhrcmQw==
-----END CERTIFICATE-----
Generated at Mon May 5 05:54:45 2025 by rpki-client