Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e0cbb15-3cb7-449b-953a-b40949bdc32b.roa
File: 4e0cbb15-3cb7-449b-953a-b40949bdc32b.roa (raw, json)
Hash identifier: ugt5oMlkwfHlTuRDX5zDziUFewfNBuRLuPNmcvbdwUo=
Subject key identifier: 0F:62:53:E1:67:2B:CB:B2:F7:FB:DC:2C:E5:A9:B1:86:9E:52:56:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B8957A01444EF5C320AB3C66C38F9682D909FB1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e0cbb15-3cb7-449b-953a-b40949bdc32b.roa
Signing time: Mon 28 Apr 2025 15:40:04 +0000
ROA not before: Mon 28 Apr 2025 15:40:04 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:89:57:a0:14:44:ef:5c:32:0a:b3:c6:6c:38:f9:68:2d:90:9f:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:40:04 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=4a77f210f5899957aa28ffc69e1d353d89c9582164f2deccc004b6b5315f5bc9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:46:3f:e8:09:f8:ab:1d:67:3a:32:d6:3c:59:
c3:a8:a3:27:6a:9d:d0:d7:bd:16:38:91:56:4f:42:
c1:d4:6b:d4:a3:a0:b5:14:17:bc:2e:91:fc:4f:a3:
b6:ee:0e:4d:96:36:ac:b2:12:ba:b0:a4:12:92:9b:
e5:db:46:d3:d7:59:87:76:60:ae:6e:77:fb:20:65:
8d:12:d4:14:4e:15:b1:fb:d8:6d:70:bc:10:c7:ca:
8a:be:b1:4d:d3:13:8e:5a:4f:23:c0:17:b4:84:a9:
41:36:8b:8b:b4:46:be:9c:80:d9:4e:f1:e4:36:d1:
49:53:e6:3b:3c:e2:51:71:a8:25:5a:e9:e8:c9:4e:
26:f9:21:6f:65:b0:59:46:c2:be:bf:8c:10:d4:c5:
e2:82:75:75:0f:e0:b3:ce:98:6d:a4:f4:95:2c:50:
b8:05:7b:1b:f6:ee:5d:d6:4c:c0:3d:f8:a9:85:22:
8c:c0:88:b9:e0:37:02:b8:8a:95:f5:c0:8f:70:13:
35:93:31:13:fb:7f:96:3e:0b:cf:f2:b5:01:4d:ff:
fa:1c:7f:29:13:4f:8f:6d:8a:de:c0:ec:11:4b:84:
55:9c:09:ee:f7:23:a7:5d:96:77:a4:f1:b2:f8:c6:
97:6d:9e:af:74:6e:5d:fc:d3:66:96:46:7e:be:aa:
2d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:62:53:E1:67:2B:CB:B2:F7:FB:DC:2C:E5:A9:B1:86:9E:52:56:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e0cbb15-3cb7-449b-953a-b40949bdc32b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
37:f5:b8:d1:10:3f:04:b2:07:11:62:12:f2:b5:88:b7:52:f7:
34:34:3e:5c:0d:04:bd:ae:31:92:c6:3f:59:54:8a:9f:8f:9d:
92:17:dc:7d:32:76:a3:a2:d6:c8:83:96:86:11:88:0a:e3:90:
e1:97:bc:2a:99:26:bc:a9:f9:66:51:b8:85:52:05:93:60:9c:
00:aa:85:ef:60:db:5d:34:5b:97:ab:b8:19:44:73:c8:a6:ea:
1b:49:8a:0e:a6:13:6a:79:88:31:dc:27:0e:7c:59:a4:72:ea:
e1:59:35:e1:29:aa:9b:3d:21:3b:fa:87:62:4d:cc:dd:b4:35:
6d:3e:2c:9d:7c:71:74:d3:9c:e6:a8:1c:1f:7f:c9:58:e9:52:
bc:e0:9c:2a:f3:18:05:3a:32:17:76:f0:f3:07:d4:c9:9d:82:
35:c9:89:87:26:94:04:56:8b:3f:47:ce:55:1e:0a:38:99:83:
97:81:88:35:a0:45:f3:39:12:d0:79:18:76:46:3f:97:77:29:
ab:8d:67:c2:c3:77:50:99:4e:b9:8c:a6:ed:41:fe:32:c4:2a:
93:77:2a:64:29:ad:28:0e:e6:41:72:a4:32:08:82:b8:ba:86:
87:08:97:bf:d5:29:54:5e:79:61:d7:e8:33:b9:16:20:61:42:
ab:18:02:0d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC4lXoBRE71wyCrPGbDj5aC2Qn7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQwMDRaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhNzdmMjEwZjU4OTk5NTdhYTI4ZmZjNjllMWQzNTNkODljOTU4MjE2NGYy
ZGVjY2MwMDRiNmI1MzE1ZjViYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOlGP+gJ+KsdZzoy1jxZw6ijJ2qd0Ne9FjiRVk9CwdRr1KOgtRQXvC6R/E+j
tu4OTZY2rLISurCkEpKb5dtG09dZh3Zgrm53+yBljRLUFE4VsfvYbXC8EMfKir6x
TdMTjlpPI8AXtISpQTaLi7RGvpyA2U7x5DbRSVPmOzziUXGoJVrp6MlOJvkhb2Ww
WUbCvr+MENTF4oJ1dQ/gs86YbaT0lSxQuAV7G/buXdZMwD34qYUijMCIueA3AriK
lfXAj3ATNZMxE/t/lj4Lz/K1AU3/+hx/KRNPj22K3sDsEUuEVZwJ7vcjp12Wd6Tx
svjGl22er3RuXfzTZpZGfr6qLeECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQPYlPh
ZyvLsvf73CzlqbGGnlJW8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGUwY2JiMTUtM2NiNy00NDliLTk1M2EtYjQwOTQ5YmRjMzJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQA39bjRED8EsgcRYhLytYi3Uvc0ND5cDQS9rjGS
xj9ZVIqfj52SF9x9MnajotbIg5aGEYgK45Dhl7wqmSa8qflmUbiFUgWTYJwAqoXv
YNtdNFuXq7gZRHPIpuobSYoOphNqeYgx3CcOfFmkcurhWTXhKaqbPSE7+odiTczd
tDVtPiydfHF005zmqBwff8lY6VK84Jwq8xgFOjIXdvDzB9TJnYI1yYmHJpQEVos/
R85VHgo4mYOXgYg1oEXzORLQeRh2Rj+XdymrjWfCw3dQmU65jKbtQf4yxCqTdypk
Ka0oDuZBcqQyCIK4uoaHCJe/1SlUXnlh1+gzuRYgYUKrGAIN
-----END CERTIFICATE-----
Generated at Mon May 5 23:31:29 2025 by rpki-client