Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
File: 4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa (raw, json)
Hash identifier: 3vZAYHBsTOYyvkHJcjdnC4XYy63daybnnBT2+TU/CpI=
Subject key identifier: 96:ED:1A:42:10:D2:F4:DA:20:09:E7:69:C1:E0:E7:9E:94:C6:E9:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B1FD6E0AD1B2BDD8D0F94529533BEE1C2CA96EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
Signing time: Fri 25 Apr 2025 20:00:21 +0000
ROA not before: Fri 25 Apr 2025 20:00:21 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:1f:d6:e0:ad:1b:2b:dd:8d:0f:94:52:95:33:be:e1:c2:ca:96:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:00:21 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=1f2356c6d29a7e84b31e203655d35e622e9e43efd65e1a27dfd17e8658ac64e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:be:ae:22:f0:0c:8e:f6:68:23:6f:f9:6a:af:
c5:96:29:c9:b7:4a:4b:e0:c8:9b:cc:dc:b6:62:7f:
1b:c8:90:dc:bb:dc:4c:aa:3b:ba:a6:ab:a0:24:d8:
41:f5:46:71:7c:77:f2:81:07:c4:90:d9:b4:3a:f5:
91:70:d5:3d:66:f5:76:d7:c7:92:12:d4:99:75:84:
cc:52:b8:75:23:38:5b:a6:c1:f2:9b:78:1e:cf:6d:
be:c1:1c:9d:19:17:9f:d4:fb:0d:8e:93:80:64:7e:
5f:37:81:ec:bc:82:67:6c:05:88:98:f4:5a:d2:9d:
3e:de:23:2e:44:4f:0f:17:cc:dd:97:77:e0:71:73:
ee:f3:ff:fa:f1:a0:58:8b:8d:5e:04:48:12:50:a3:
a9:70:eb:44:8a:5e:c0:1c:87:90:db:f6:55:d8:c8:
ec:d6:39:13:aa:25:ef:47:e9:19:97:4a:91:a0:96:
6d:d8:b5:6e:2f:32:01:93:60:79:3b:26:33:95:f7:
1b:0a:70:64:65:0e:ed:13:a6:20:8a:c8:54:85:61:
56:bb:e2:d0:4a:9e:43:dd:9a:f9:f7:5e:77:35:5c:
50:ff:4a:8a:0e:a6:68:69:79:55:a1:dc:d8:ec:a0:
be:84:60:2d:7f:44:64:83:82:a6:a7:31:3c:95:3a:
12:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:ED:1A:42:10:D2:F4:DA:20:09:E7:69:C1:E0:E7:9E:94:C6:E9:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:c000::/40
Signature Algorithm: sha256WithRSAEncryption
06:5f:14:d2:c1:5c:28:93:59:18:e7:e9:f1:3e:63:4b:a4:94:
8c:79:14:46:cb:02:e1:52:7f:ed:42:8e:72:0e:14:2e:19:ee:
83:30:04:3e:59:20:68:1b:9c:77:c9:49:8d:56:a6:57:2e:de:
ba:94:62:0b:19:4e:ef:40:a8:1e:a0:fe:17:db:de:28:da:7c:
59:22:55:6e:6b:f5:e6:f1:4a:8b:59:2a:19:8c:f9:3a:c9:86:
1c:15:de:e3:78:28:9b:d4:f1:2c:ee:eb:4c:2a:4f:2b:9a:60:
6e:38:f2:a8:bd:35:0c:5e:1b:01:b4:dc:02:73:bd:0e:65:e6:
92:73:37:b0:b5:99:e7:c7:99:1f:e6:33:d6:2a:3f:bc:17:47:
15:f5:c1:52:bb:9a:4a:7a:73:ff:a1:cd:7d:91:c6:77:20:49:
35:49:72:f1:8a:74:f8:64:e9:83:b2:05:cf:5a:32:8a:6a:cd:
73:e9:52:7e:7f:81:11:3b:dc:d6:9b:ea:61:86:20:a7:b4:7f:
fb:ba:88:a4:fc:a0:20:06:32:3d:fc:99:f1:83:ee:54:dd:9f:
89:57:99:a9:26:d5:8c:cc:15:f4:f5:c9:a8:36:d7:7c:0b:86:
b5:d7:30:86:91:3d:bb:ec:5e:91:6b:ed:ce:d1:24:ca:2d:b3:
72:f6:1b:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSx/W4K0bK92ND5RSlTO+4cLKluswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAwMjFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmMjM1NmM2ZDI5YTdlODRiMzFlMjAzNjU1ZDM1ZTYyMmU5ZTQzZWZkNjVl
MWEyN2RmZDE3ZTg2NThhYzY0ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO6+riLwDI72aCNv+WqvxZYpybdKS+DIm8zctmJ/G8iQ3LvcTKo7uqaroCTY
QfVGcXx38oEHxJDZtDr1kXDVPWb1dtfHkhLUmXWEzFK4dSM4W6bB8pt4Hs9tvsEc
nRkXn9T7DY6TgGR+XzeB7LyCZ2wFiJj0WtKdPt4jLkRPDxfM3Zd34HFz7vP/+vGg
WIuNXgRIElCjqXDrRIpewByHkNv2VdjI7NY5E6ol70fpGZdKkaCWbdi1bi8yAZNg
eTsmM5X3GwpwZGUO7ROmIIrIVIVhVrvi0EqeQ92a+fdedzVcUP9Kig6maGl5VaHc
2OygvoRgLX9EZIOCpqcxPJU6ErUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSW7RpC
ENL02iAJ52nB4OeelMbpnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFkNGIxZDUtMTczZS00YzEzLTgwMzItYWIyZGQxZmFmZWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDA
MA0GCSqGSIb3DQEBCwUAA4IBAQAGXxTSwVwok1kY5+nxPmNLpJSMeRRGywLhUn/t
Qo5yDhQuGe6DMAQ+WSBoG5x3yUmNVqZXLt66lGILGU7vQKgeoP4X294o2nxZIlVu
a/Xm8UqLWSoZjPk6yYYcFd7jeCib1PEs7utMKk8rmmBuOPKovTUMXhsBtNwCc70O
ZeaSczewtZnnx5kf5jPWKj+8F0cV9cFSu5pKenP/oc19kcZ3IEk1SXLxinT4ZOmD
sgXPWjKKas1z6VJ+f4ERO9zWm+phhiCntH/7uoik/KAgBjI9/Jnxg+5U3Z+JV5mp
JtWMzBX09cmoNtd8C4a11zCGkT277F6Ra+3O0STKLbNy9ht1
-----END CERTIFICATE-----
Generated at Mon May 5 05:53:00 2025 by rpki-client