Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
File: 541034be-1844-4bf7-9c43-91bf5b83fa3d.roa (raw, json)
Hash identifier: MJpnEfHRx6Q5ZJQ28tlIDYA9uKWLX7lWXwbYHfC2x3I=
Subject key identifier: AE:D8:92:FB:22:B1:43:8E:8E:5C:20:28:D1:6D:02:78:85:1A:D9:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47EDD1E3F593700166D1F6ED3F8A2F30459BF50C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
Signing time: Tue 15 Apr 2025 15:01:01 +0000
ROA not before: Tue 15 Apr 2025 15:01:01 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:ed:d1:e3:f5:93:70:01:66:d1:f6:ed:3f:8a:2f:30:45:9b:f5:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:01 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=53b6f9143549a4f10e719188e3db5b6ec0b8d717014eefe2ee978513f0adaec6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2f:19:a1:76:29:54:2c:e7:08:a9:87:72:f2:
ae:62:dd:fe:7a:d2:96:da:e2:10:f6:25:a4:1b:b3:
e6:a2:b6:6e:5c:4a:77:b2:6e:28:9b:54:c8:5c:98:
d8:89:25:77:d3:9d:b9:61:17:33:a9:aa:59:6c:a7:
da:ac:04:82:dc:1d:7a:df:e7:49:ee:56:2e:0f:b0:
06:cd:b6:eb:24:7d:31:ca:1a:0e:88:21:1f:93:a1:
fa:64:c3:28:ca:f9:1d:49:cf:6b:a3:ac:22:0b:3a:
da:ae:20:ae:ab:fb:fb:d5:cb:29:f6:ce:5e:a0:a3:
77:37:30:ab:87:18:f0:a7:f9:c3:b4:2f:41:aa:c9:
fe:98:e1:5b:28:dc:3e:79:c1:8f:e7:6e:d2:f0:d2:
83:a9:e0:e2:86:46:2d:ef:62:db:b7:10:48:16:58:
5e:d8:3e:e6:e3:b7:74:08:4e:e6:74:45:4a:26:a3:
3d:e5:69:ad:ca:b4:73:2b:bd:76:26:9e:1c:9f:a1:
b2:e1:be:e4:59:12:b8:09:42:42:db:26:da:be:d0:
0b:65:62:45:33:e4:f3:b0:a2:39:fa:65:14:ea:25:
48:f5:20:58:50:2d:5e:01:fd:27:41:19:20:43:2a:
68:b1:85:31:e8:6a:b3:78:3f:5c:92:bf:f1:57:38:
11:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D8:92:FB:22:B1:43:8E:8E:5C:20:28:D1:6D:02:78:85:1A:D9:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:8000::/40
Signature Algorithm: sha256WithRSAEncryption
45:7b:f6:d2:68:ee:6a:f1:9d:78:21:a2:51:ee:bc:1a:e3:d3:
7a:2c:37:27:1c:2f:b3:c4:43:82:90:ff:5a:18:9b:43:41:dc:
ca:a4:7d:ee:63:fc:77:f0:21:56:bb:2f:7a:4c:97:48:87:2e:
8f:06:dd:12:61:b2:c6:e5:ec:75:b1:97:ac:65:94:33:88:65:
e1:b6:af:fa:c5:28:00:9b:76:ad:b6:4b:45:c1:68:0a:72:34:
d6:b6:95:3c:df:76:4d:a9:78:45:2c:58:bc:7d:57:ee:93:64:
a3:ee:56:c2:98:8a:26:06:37:cc:c4:1b:0d:b2:88:06:0a:21:
7c:d2:43:68:5c:54:28:af:2c:d6:ec:b9:f7:ef:0d:88:cf:7f:
22:ea:2b:f7:0b:68:57:08:67:5a:f1:9f:2d:65:ca:b9:48:30:
ae:47:95:e2:80:b7:de:69:4c:60:11:df:07:d4:f9:0a:7a:3a:
0a:34:1c:be:6f:2a:f3:ff:ff:6c:50:9d:2f:74:2d:4d:ad:8b:
70:94:38:cd:86:b6:dc:18:4c:4d:22:07:1b:27:48:7e:82:22:
5d:f3:88:17:d1:35:64:c6:1d:50:78:23:39:3d:e2:35:19:e7:
53:97:b2:64:b4:9a:ac:70:70:0e:8c:e1:48:78:d0:ea:f1:f0:
2d:24:de:34
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR+3R4/WTcAFm0fbtP4ovMEWb9QwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMDFaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzYjZmOTE0MzU0OWE0ZjEwZTcxOTE4OGUzZGI1YjZlYzBiOGQ3MTcwMTRl
ZWZlMmVlOTc4NTEzZjBhZGFlYzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANAvGaF2KVQs5wiph3LyrmLd/nrSltriEPYlpBuz5qK2blxKd7JuKJtUyFyY
2Ikld9OduWEXM6mqWWyn2qwEgtwdet/nSe5WLg+wBs226yR9McoaDoghH5Oh+mTD
KMr5HUnPa6OsIgs62q4grqv7+9XLKfbOXqCjdzcwq4cY8Kf5w7QvQarJ/pjhWyjc
PnnBj+du0vDSg6ng4oZGLe9i27cQSBZYXtg+5uO3dAhO5nRFSiajPeVprcq0cyu9
diaeHJ+hsuG+5FkSuAlCQtsm2r7QC2ViRTPk87CiOfplFOolSPUgWFAtXgH9J0EZ
IEMqaLGFMehqs3g/XJK/8Vc4Ee8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSu2JL7
IrFDjo5cICjRbQJ4hRrZCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQxMDM0YmUtMTg0NC00YmY3LTljNDMtOTFiZjViODNmYTNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaA
MA0GCSqGSIb3DQEBCwUAA4IBAQBFe/bSaO5q8Z14IaJR7rwa49N6LDcnHC+zxEOC
kP9aGJtDQdzKpH3uY/x38CFWuy96TJdIhy6PBt0SYbLG5ex1sZesZZQziGXhtq/6
xSgAm3attktFwWgKcjTWtpU833ZNqXhFLFi8fVfuk2Sj7lbCmIomBjfMxBsNsogG
CiF80kNoXFQoryzW7Ln37w2Iz38i6iv3C2hXCGda8Z8tZcq5SDCuR5XigLfeaUxg
Ed8H1PkKejoKNBy+byrz//9sUJ0vdC1NrYtwlDjNhrbcGExNIgcbJ0h+giJd84gX
0TVkxh1QeCM5PeI1GedTl7JktJqscHAOjOFIeNDq8fAtJN40
-----END CERTIFICATE-----
Generated at Mon May 5 13:25:36 2025 by rpki-client