Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c522b3a-46c0-4e5a-8698-21b41418c9a4.roa
File: 4c522b3a-46c0-4e5a-8698-21b41418c9a4.roa (raw, json)
Hash identifier: CbV0Mcj6RtyOAQ9MduxkM5cLmda6TvSEmxqcOTUnuos=
Subject key identifier: 90:8F:C7:93:F9:73:74:0C:11:B2:C4:4D:06:70:61:5F:D5:2E:10:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1EE11A29B73D7E81DAA77D5F5CA4DEA768DFA315
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c522b3a-46c0-4e5a-8698-21b41418c9a4.roa
Signing time: Fri 25 Apr 2025 19:20:59 +0000
ROA not before: Fri 25 Apr 2025 19:20:59 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:e1:1a:29:b7:3d:7e:81:da:a7:7d:5f:5c:a4:de:a7:68:df:a3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:20:59 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=30231a8a803b42ff6b2c1aa2004d5f5ffac3fd21e5272e816000c7c8e81378eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:af:7d:e2:e2:a9:96:74:03:dc:6d:7b:ea:d3:
c8:52:d1:49:31:68:14:1c:c6:3c:8f:b5:11:3f:fd:
de:3c:71:19:84:c0:bf:eb:a9:02:ea:f8:11:e8:31:
e4:fe:d4:0e:8a:cc:32:e8:b2:7c:99:8f:6e:73:f8:
51:07:d6:90:51:f9:a1:4c:0a:4c:21:2e:d1:1a:c7:
29:be:d4:2b:16:52:8c:8a:78:34:b3:d5:b6:d5:1a:
66:b5:b7:10:35:c7:0d:7a:eb:d0:cc:47:2e:51:26:
41:82:4c:d0:7e:36:48:15:01:78:e6:45:26:a0:1f:
26:92:25:df:0f:5c:f1:7c:9e:6a:16:8e:b1:be:ba:
f3:8f:df:12:30:28:d3:49:73:4c:d0:3e:b2:e0:03:
a0:58:cb:e1:7c:9b:ee:3c:d9:33:68:df:37:60:3b:
f2:25:93:0a:ca:43:7e:1e:03:03:f1:f8:7d:7d:5c:
e8:0c:eb:d6:62:f5:55:c4:fe:7c:ee:65:75:3e:ed:
6e:3c:48:23:2b:ef:d4:91:04:9c:fe:9e:f8:ec:9a:
e3:14:ee:7a:e2:c4:59:c7:2d:c8:a1:d8:16:20:f1:
19:5f:43:7e:d9:1f:be:79:f7:c7:85:48:cf:6b:5d:
3f:7b:03:05:03:41:7b:85:ed:0e:67:2a:72:7f:73:
bc:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:8F:C7:93:F9:73:74:0C:11:B2:C4:4D:06:70:61:5F:D5:2E:10:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c522b3a-46c0-4e5a-8698-21b41418c9a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:4000::/40
Signature Algorithm: sha256WithRSAEncryption
75:8c:14:c2:c6:a4:05:0b:17:42:fe:91:98:99:c6:1d:ee:49:
b3:8b:64:cd:cf:b7:95:97:16:11:44:e2:94:16:52:94:02:53:
b6:97:7c:2c:be:6d:a4:52:24:f2:d9:d9:69:c6:11:99:c5:6d:
2e:b2:6d:a0:92:e7:3b:05:35:11:7e:ef:c9:f0:c7:0d:6d:b7:
ba:a8:cf:bb:88:45:80:ca:81:85:05:b2:15:42:38:49:d1:b9:
dd:f9:bc:20:b1:e0:a6:99:7d:90:91:4d:ae:ae:3d:13:cd:b6:
10:a2:bf:30:18:40:21:93:2b:ca:b8:a7:d9:b2:ba:81:78:df:
36:31:0b:66:95:3d:af:4a:dc:5c:da:1f:f1:9b:af:25:13:63:
5e:56:74:7d:37:15:64:a9:c9:5b:86:22:98:7c:7e:7c:b7:cd:
8f:a3:a4:ed:cb:96:4d:6a:04:9a:b2:7e:97:a7:ca:f4:3c:22:
9d:e5:48:56:a7:50:d7:a6:bc:27:38:40:8e:c1:14:ea:2a:e9:
03:a7:6c:1b:ba:03:08:2d:39:9c:c8:30:bf:a0:23:2f:21:7e:
43:6d:9c:4f:d6:cc:d7:47:1f:08:25:26:f4:e4:b8:87:4c:af:
a7:84:67:8e:27:a9:ab:28:e5:47:cb:ae:dc:3d:ab:da:35:42:
cc:db:ce:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHuEaKbc9foHap31fXKTep2jfoxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIwNTlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwMjMxYThhODAzYjQyZmY2YjJjMWFhMjAwNGQ1ZjVmZmFjM2ZkMjFlNTI3
MmU4MTYwMDBjN2M4ZTgxMzc4ZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKavfeLiqZZ0A9xte+rTyFLRSTFoFBzGPI+1ET/93jxxGYTAv+upAur4Eegx
5P7UDorMMuiyfJmPbnP4UQfWkFH5oUwKTCEu0RrHKb7UKxZSjIp4NLPVttUaZrW3
EDXHDXrr0MxHLlEmQYJM0H42SBUBeOZFJqAfJpIl3w9c8XyeahaOsb6684/fEjAo
00lzTNA+suADoFjL4Xyb7jzZM2jfN2A78iWTCspDfh4DA/H4fX1c6Azr1mL1VcT+
fO5ldT7tbjxIIyvv1JEEnP6e+Oya4xTueuLEWcctyKHYFiDxGV9Dftkfvnn3x4VI
z2tdP3sDBQNBe4XtDmcqcn9zvO0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSQj8eT
+XN0DBGyxE0GcGFf1S4QNjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM1MjJiM2EtNDZjMC00ZTVhLTg2OTgtMjFiNDE0MThjOWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtA
MA0GCSqGSIb3DQEBCwUAA4IBAQB1jBTCxqQFCxdC/pGYmcYd7kmzi2TNz7eVlxYR
ROKUFlKUAlO2l3wsvm2kUiTy2dlpxhGZxW0usm2gkuc7BTURfu/J8McNbbe6qM+7
iEWAyoGFBbIVQjhJ0bnd+bwgseCmmX2QkU2urj0TzbYQor8wGEAhkyvKuKfZsrqB
eN82MQtmlT2vStxc2h/xm68lE2NeVnR9NxVkqclbhiKYfH58t82Po6Tty5ZNagSa
sn6Xp8r0PCKd5UhWp1DXprwnOECOwRTqKukDp2wbugMILTmcyDC/oCMvIX5DbZxP
1szXRx8IJSb05LiHTK+nhGeOJ6mrKOVHy67cPavaNULM2852
-----END CERTIFICATE-----
Generated at Mon May 5 05:58:09 2025 by rpki-client