Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
File: 57b964c4-07ca-4501-bd01-5cb8936846cc.roa (raw, json)
Hash identifier: JR+rPxp1PJr+AfawTYX9DCABjJy4dqq9KR/QGax5SnI=
Subject key identifier: 3B:18:87:3E:FC:9E:51:BC:37:16:BD:B2:F8:99:74:01:48:AE:12:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2AFEFC9EA9DC0F6D53F027A9C9A45F0CBC972C2F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
Signing time: Mon 28 Apr 2025 15:40:05 +0000
ROA not before: Mon 28 Apr 2025 15:40:05 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:fe:fc:9e:a9:dc:0f:6d:53:f0:27:a9:c9:a4:5f:0c:bc:97:2c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:40:05 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=49699223e5bd0fd610497c29950a4a341ca4607e92c7db69dc6afb577992d9ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:83:80:c9:3b:e4:96:2a:a2:29:cb:46:c5:a2:
be:6f:bd:26:22:b4:14:bb:e8:68:e5:57:27:c2:64:
9d:db:5c:ad:d6:be:3b:8c:14:bc:94:d3:f1:e5:e9:
5f:07:2b:06:40:da:2f:6e:5a:40:b5:7e:ff:94:95:
0d:a6:fd:9f:7a:03:bd:7b:58:ad:2f:7d:46:c8:2f:
a2:03:7f:7d:23:b1:9f:eb:48:21:32:3c:b7:10:47:
8d:71:3a:44:2e:4f:65:84:f7:d1:86:e5:f8:e0:c6:
fa:be:c0:7f:53:c3:89:2b:45:64:50:b0:c5:46:6e:
6a:45:da:38:5b:10:2e:6a:73:e9:94:5c:ef:12:16:
d2:eb:84:3d:58:86:45:f1:87:2c:e8:77:11:5e:35:
02:f2:90:0e:e4:fe:36:b7:45:57:11:ba:f9:6e:41:
d4:41:96:2f:ff:d9:72:3f:eb:b4:ed:0f:3a:e0:44:
ed:c3:76:f5:4b:f4:96:43:3d:cb:01:4f:14:9b:fd:
b5:bf:4c:8b:01:cc:29:1b:54:6d:8e:f0:30:0b:79:
68:a6:ec:ea:e0:78:17:4a:42:dd:ba:b2:66:b7:29:
81:4f:0c:97:76:f5:10:f9:91:1b:d6:4f:26:d2:95:
08:4a:53:c6:34:d6:0b:15:f6:08:1c:01:88:90:70:
15:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:18:87:3E:FC:9E:51:BC:37:16:BD:B2:F8:99:74:01:48:AE:12:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
c7:1a:4c:c1:cc:31:1d:67:81:d5:05:b5:c8:da:a2:d6:73:15:
4d:f6:c8:12:c2:8b:1b:79:4e:2f:09:97:63:e9:e7:a4:ba:24:
0b:df:09:da:c3:fd:6d:a0:84:d5:57:39:7f:ce:2d:c4:7c:2b:
02:65:3c:f2:29:f1:d8:65:9d:16:77:e9:bd:09:b3:3d:f2:4a:
60:4b:a1:0a:6b:f6:7c:4a:5e:5c:ba:47:ac:83:fb:88:13:e1:
d1:34:6c:29:c7:55:25:da:35:17:b4:ac:ab:43:33:49:b2:03:
c5:d0:8e:72:0f:ab:c8:f5:da:a2:ec:07:60:f7:89:a2:f8:8d:
3f:c3:12:2b:cd:4e:73:9f:bb:57:ea:22:20:6e:6e:5f:09:fc:
e3:a2:22:0a:fd:50:34:84:ba:f7:d3:92:f1:f3:4a:65:7f:ab:
02:3a:47:8f:2f:41:b6:81:ee:f9:37:ce:f9:6b:38:c4:94:fc:
a8:3c:0e:79:18:45:a0:e6:85:dc:2d:4d:fd:dd:73:a7:c1:e7:
89:77:a2:ac:ae:d8:9e:58:66:ed:11:74:d8:aa:35:ca:9c:76:
f4:91:5c:26:7e:95:e9:a4:38:f5:18:38:33:14:51:d2:1f:a8:
b3:a0:77:0a:66:cd:7e:ed:ba:67:58:04:cb:94:3a:d2:88:8c:
e5:14:1c:2f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKv78nqncD21T8CepyaRfDLyXLC8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQwMDVaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5Njk5MjIzZTViZDBmZDYxMDQ5N2MyOTk1MGE0YTM0MWNhNDYwN2U5MmM3
ZGI2OWRjNmFmYjU3Nzk5MmQ5ZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOWDgMk75JYqoinLRsWivm+9JiK0FLvoaOVXJ8Jkndtcrda+O4wUvJTT8eXp
XwcrBkDaL25aQLV+/5SVDab9n3oDvXtYrS99RsgvogN/fSOxn+tIITI8txBHjXE6
RC5PZYT30Ybl+ODG+r7Af1PDiStFZFCwxUZuakXaOFsQLmpz6ZRc7xIW0uuEPViG
RfGHLOh3EV41AvKQDuT+NrdFVxG6+W5B1EGWL//Zcj/rtO0POuBE7cN29Uv0lkM9
ywFPFJv9tb9MiwHMKRtUbY7wMAt5aKbs6uB4F0pC3bqyZrcpgU8Ml3b1EPmRG9ZP
JtKVCEpTxjTWCxX2CBwBiJBwFdECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ7GIc+
/J5RvDcWvbL4mXQBSK4SGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdiOTY0YzQtMDdjYS00NTAxLWJkMDEtNWNiODkzNjg0NmNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+w
MA0GCSqGSIb3DQEBCwUAA4IBAQDHGkzBzDEdZ4HVBbXI2qLWcxVN9sgSwosbeU4v
CZdj6eekuiQL3wnaw/1toITVVzl/zi3EfCsCZTzyKfHYZZ0Wd+m9CbM98kpgS6EK
a/Z8Sl5cukesg/uIE+HRNGwpx1Ul2jUXtKyrQzNJsgPF0I5yD6vI9dqi7Adg94mi
+I0/wxIrzU5zn7tX6iIgbm5fCfzjoiIK/VA0hLr305Lx80plf6sCOkePL0G2ge75
N875azjElPyoPA55GEWg5oXcLU393XOnweeJd6KsrtieWGbtEXTYqjXKnHb0kVwm
fpXppDj1GDgzFFHSH6izoHcKZs1+7bpnWATLlDrSiIzlFBwv
-----END CERTIFICATE-----
Generated at Mon May 5 10:39:16 2025 by rpki-client