Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/548c7809-c2c8-4bf5-a33c-448c8e554df7.roa
File: 548c7809-c2c8-4bf5-a33c-448c8e554df7.roa (raw, json)
Hash identifier: w9TITCqS56WfToKg7yPmzN/1iRu7x/SlDWpT837c7NM=
Subject key identifier: D3:09:64:D7:1C:32:A7:D8:95:AD:06:9A:64:07:C9:40:D8:DF:C0:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 694E1CB0B8DAFD7687A794D260212CE3D58D4DF8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/548c7809-c2c8-4bf5-a33c-448c8e554df7.roa
Signing time: Fri 25 Apr 2025 18:40:55 +0000
ROA not before: Fri 25 Apr 2025 18:40:55 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:4e:1c:b0:b8:da:fd:76:87:a7:94:d2:60:21:2c:e3:d5:8d:4d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:40:55 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=2e8a2db3cef4997b25c1a807b3353ba08ebc52fbc4b9c755f86d26fe30da0f24, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9e:d0:0c:a2:5d:31:5f:3b:ae:59:c5:44:47:
f2:8c:ca:0a:ec:10:ee:82:57:73:2b:01:0f:16:96:
61:57:d8:e8:93:78:7d:6b:86:6e:3a:6d:8c:d5:c7:
98:42:d0:ef:14:8f:90:63:1f:fa:c1:52:a7:14:3e:
c2:ac:ae:47:2f:45:2d:ae:e9:73:ef:40:ec:87:d0:
52:9e:ea:6f:03:87:e7:8b:5a:d5:9f:41:46:ef:87:
5d:49:75:f8:f2:48:ca:81:7b:0a:ab:ac:e0:f5:a4:
03:95:2b:74:48:70:c0:fc:ac:77:af:92:9b:df:e3:
4e:79:aa:96:c8:5b:7a:fb:65:cf:ef:e2:87:35:58:
fe:ce:52:69:95:8d:c9:a4:f4:cc:1d:7f:7a:6b:06:
87:90:ea:5b:99:7f:31:27:49:4d:36:6d:ef:5b:13:
89:27:19:0b:58:c7:a9:3e:28:fd:1c:73:5a:fd:9b:
9e:01:3f:cb:9d:2c:d7:1b:a3:e3:de:7e:3f:78:40:
bf:6f:16:ec:4a:d4:42:5d:c7:bc:ec:9b:64:76:eb:
a9:4e:9e:aa:9c:f0:bb:2d:e7:b6:1c:90:22:71:90:
20:3d:3b:1a:88:a0:97:76:59:e4:86:0d:2f:6c:10:
71:36:a9:b3:c0:34:8d:b3:08:7e:94:ae:10:f7:d5:
43:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:09:64:D7:1C:32:A7:D8:95:AD:06:9A:64:07:C9:40:D8:DF:C0:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/548c7809-c2c8-4bf5-a33c-448c8e554df7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
ac:2c:3e:de:8a:70:14:7f:4f:15:fd:bd:f6:52:71:88:76:2e:
1c:85:02:e6:7a:78:aa:a6:b8:48:81:96:5c:a7:01:e7:8b:4d:
33:0f:63:4a:10:af:e1:c7:f3:d2:03:00:f4:53:e9:ca:5f:8d:
78:c3:5d:e1:71:a3:90:3c:78:74:dd:7f:2f:6d:55:fb:5b:aa:
31:21:74:ae:78:1f:0f:8e:34:fd:a9:75:95:41:59:8d:93:b2:
8e:75:6b:39:4b:94:0a:a3:e8:3f:9c:73:1c:5f:0b:87:cc:9e:
c4:8c:b5:7a:13:af:c5:ea:45:bd:f4:37:00:6f:69:2f:08:e3:
2c:5d:f7:31:63:fb:88:23:1c:da:9b:d5:5a:c1:62:ba:30:d6:
62:93:9a:33:25:ad:de:f8:3e:23:7f:13:87:03:63:58:8e:c9:
f0:b8:3d:d5:9e:0a:e3:61:44:06:9e:e8:92:da:98:c5:2e:7e:
ff:62:dc:51:0d:96:c5:d5:e6:d3:46:b1:1a:b3:52:18:8c:6d:
74:70:7c:6b:34:40:5e:44:24:23:f0:de:d8:93:8f:0f:93:46:
14:ba:e2:c3:33:39:4a:34:87:12:c8:35:0e:7e:fe:d1:c8:3f:
0c:d3:8e:83:1b:2a:96:33:04:2b:b1:f8:46:f6:a3:fc:a1:9a:
8f:eb:4c:91
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaU4csLja/XaHp5TSYCEs49WNTfgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQwNTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlOGEyZGIzY2VmNDk5N2IyNWMxYTgwN2IzMzUzYmEwOGViYzUyZmJjNGI5
Yzc1NWY4NmQyNmZlMzBkYTBmMjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMae0AyiXTFfO65ZxURH8ozKCuwQ7oJXcysBDxaWYVfY6JN4fWuGbjptjNXH
mELQ7xSPkGMf+sFSpxQ+wqyuRy9FLa7pc+9A7IfQUp7qbwOH54ta1Z9BRu+HXUl1
+PJIyoF7Cqus4PWkA5UrdEhwwPysd6+Sm9/jTnmqlshbevtlz+/ihzVY/s5SaZWN
yaT0zB1/emsGh5DqW5l/MSdJTTZt71sTiScZC1jHqT4o/RxzWv2bngE/y50s1xuj
495+P3hAv28W7ErUQl3HvOybZHbrqU6eqpzwuy3nthyQInGQID07Goigl3ZZ5IYN
L2wQcTaps8A0jbMIfpSuEPfVQw8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTTCWTX
HDKn2JWtBppkB8lA2N/ALzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQ4Yzc4MDktYzJjOC00YmY1LWEzM2MtNDQ4YzhlNTU0ZGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSQ
wDANBgkqhkiG9w0BAQsFAAOCAQEArCw+3opwFH9PFf299lJxiHYuHIUC5np4qqa4
SIGWXKcB54tNMw9jShCv4cfz0gMA9FPpyl+NeMNd4XGjkDx4dN1/L21V+1uqMSF0
rngfD440/al1lUFZjZOyjnVrOUuUCqPoP5xzHF8Lh8yexIy1ehOvxepFvfQ3AG9p
LwjjLF33MWP7iCMc2pvVWsFiujDWYpOaMyWt3vg+I38ThwNjWI7J8Lg91Z4K42FE
Bp7oktqYxS5+/2LcUQ2WxdXm00axGrNSGIxtdHB8azRAXkQkI/De2JOPD5NGFLri
wzM5SjSHEsg1Dn7+0cg/DNOOgxsqljMEK7H4Rvaj/KGaj+tMkQ==
-----END CERTIFICATE-----
Generated at Tue May 6 13:40:17 2025 by rpki-client