Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa
File: 5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa (raw, json)
Hash identifier: qdgZisQtFTtz97dB5q5XDScEa9GCNzWWXtZD2yr1iaA=
Subject key identifier: 6B:FD:7C:D7:55:C1:AA:9D:9A:4B:B6:0D:0C:EC:36:37:EB:1F:41:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 178DEB4A42373050010935E81A925D3BE0D1AD05
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa
Signing time: Wed 30 Apr 2025 00:10:12 +0000
ROA not before: Wed 30 Apr 2025 00:10:12 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:8d:eb:4a:42:37:30:50:01:09:35:e8:1a:92:5d:3b:e0:d1:ad:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 30 00:10:12 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=a1bd7af2042abb8648e9e5a88b3030e78030a8034791a4a94b84d26778c2299b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5c:76:35:a2:42:20:b5:e4:80:56:f8:0f:0a:
51:e0:d9:a2:ba:c1:a9:65:81:d5:cd:f0:88:b7:6b:
1f:ed:c4:00:db:94:38:b6:31:9c:6a:00:d3:49:aa:
58:89:ee:8d:e1:2c:9a:d0:e9:1f:cd:0f:e0:cb:8f:
ed:2c:fc:cd:8b:be:f3:fc:e2:6e:7d:28:b0:10:2b:
5e:e8:04:66:62:8a:07:6c:c3:70:bf:53:9b:98:fb:
01:74:ac:6a:c5:ea:54:93:e7:5a:8a:5f:dc:e6:87:
c3:44:e1:dc:59:19:99:84:b7:88:39:16:87:18:b2:
56:01:e0:03:fd:75:7a:e0:69:09:a4:8c:45:ed:0c:
5a:3b:5f:a0:1c:12:c9:6d:55:bd:74:3b:6e:29:67:
51:6c:76:90:a5:f7:5f:8d:e3:53:0f:d3:9c:b0:f8:
38:e0:ed:d1:b2:27:fb:21:2f:f1:3b:63:9b:d6:25:
11:ad:b4:6e:1f:e7:e6:cd:f8:2b:3f:03:e4:54:cd:
21:32:ed:b6:68:42:a9:4c:72:20:f4:5f:31:63:75:
37:de:e8:42:cc:09:85:0d:db:55:16:46:92:e6:66:
20:42:e3:73:18:ad:50:70:37:cf:de:61:26:03:f9:
93:37:86:ef:82:e5:b1:58:f8:f6:50:fb:dd:75:d9:
61:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:FD:7C:D7:55:C1:AA:9D:9A:4B:B6:0D:0C:EC:36:37:EB:1F:41:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f:800::/37
Signature Algorithm: sha256WithRSAEncryption
83:7c:55:33:e7:7c:fe:50:f4:45:72:d1:fa:b1:87:13:d6:33:
62:d0:16:8b:18:88:5f:f8:f0:ac:5b:4f:db:c9:cd:d5:90:4e:
b8:97:b4:7e:f8:5a:a9:0c:58:46:13:b2:f8:ce:aa:75:ec:65:
2d:5e:b9:af:26:47:b3:ab:dd:bd:33:eb:45:b0:36:29:41:2a:
d2:9a:d4:2c:a2:c3:dd:df:f8:ec:33:44:20:bc:04:63:19:50:
9a:46:f4:f2:e4:d1:75:af:ec:9c:bc:ee:9e:9b:15:a6:d3:3e:
10:c5:2e:85:3b:80:59:5d:a4:25:28:08:fa:37:8a:a4:2a:a3:
11:20:ef:ff:6a:d0:de:c2:5b:71:72:da:63:39:33:9e:50:44:
7d:a7:7e:e7:e3:a6:58:19:0a:7d:54:c6:6b:40:1b:ae:14:4e:
7f:07:c2:fd:bc:28:bf:23:19:a5:56:70:ba:47:27:3e:fd:32:
fd:b7:ae:17:81:3e:9c:5e:1a:d8:0f:e0:e4:6f:2d:bd:41:15:
8d:52:23:e3:66:26:28:50:4a:7e:5b:34:55:15:db:14:04:86:
a4:50:82:10:a9:17:d7:7c:9e:89:27:ea:07:c7:bf:de:09:c1:
80:82:6a:1f:f5:4a:a5:8d:fd:f0:f7:16:14:f0:29:3d:d6:4e:
87:d7:67:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF43rSkI3MFABCTXoGpJdO+DRrQUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MzAwMDEwMTJaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGExYmQ3YWYyMDQyYWJiODY0OGU5ZTVhODhiMzAzMGU3ODAzMGE4MDM0Nzkx
YTRhOTRiODRkMjY3NzhjMjI5OWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtcdjWiQiC15IBW+A8KUeDZorrBqWWB1c3wiLdrH+3EANuUOLYxnGoA00mq
WInujeEsmtDpH80P4MuP7Sz8zYu+8/zibn0osBArXugEZmKKB2zDcL9Tm5j7AXSs
asXqVJPnWopf3OaHw0Th3FkZmYS3iDkWhxiyVgHgA/11euBpCaSMRe0MWjtfoBwS
yW1VvXQ7bilnUWx2kKX3X43jUw/TnLD4OODt0bIn+yEv8Ttjm9YlEa20bh/n5s34
Kz8D5FTNITLttmhCqUxyIPRfMWN1N97oQswJhQ3bVRZGkuZmIELjcxitUHA3z95h
JgP5kzeG74LlsVj49lD73XXZYRUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRr/XzX
VcGqnZpLtg0M7DY36x9BSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTIzOGMxM2YtYjJhNS00M2Q5LTk2MjQtZDJlNzE0YTliZjUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0C8I
MA0GCSqGSIb3DQEBCwUAA4IBAQCDfFUz53z+UPRFctH6sYcT1jNi0BaLGIhf+PCs
W0/byc3VkE64l7R++FqpDFhGE7L4zqp17GUtXrmvJkezq929M+tFsDYpQSrSmtQs
osPd3/jsM0QgvARjGVCaRvTy5NF1r+ycvO6emxWm0z4QxS6FO4BZXaQlKAj6N4qk
KqMRIO//atDewltxctpjOTOeUER9p37n46ZYGQp9VMZrQBuuFE5/B8L9vCi/Ixml
VnC6Ryc+/TL9t64XgT6cXhrYD+Dkby29QRWNUiPjZiYoUEp+WzRVFdsUBIakUIIQ
qRfXfJ6JJ+oHx7/eCcGAgmof9Uqljf3w9xYU8Ck91k6H12ff
-----END CERTIFICATE-----
Generated at Tue May 6 13:49:51 2025 by rpki-client