Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98ae6903-6674-49ca-b677-ce1e731619a3.roa
File: 98ae6903-6674-49ca-b677-ce1e731619a3.roa (raw, json)
Hash identifier: CYC4Bg1GjxtlTgB5JSy+cxM7Uo1cWT2PvmYUwRkMAiM=
Subject key identifier: 2F:28:4F:1B:CF:88:FE:83:FE:C7:0A:97:27:76:78:BE:6B:34:97:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04A73953BC25C3A35C816A3F9456AD9D84C55CF2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98ae6903-6674-49ca-b677-ce1e731619a3.roa
Signing time: Tue 29 Apr 2025 14:22:10 +0000
ROA not before: Tue 29 Apr 2025 14:22:10 +0000
ROA not after: Tue 03 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:a7:39:53:bc:25:c3:a3:5c:81:6a:3f:94:56:ad:9d:84:c5:5c:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 29 14:22:10 2025 GMT
Not After : Jun 3 23:59:59 2025 GMT
Subject: serialNumber=707b0a4383dae78f1101ca4e3cae0bcfc144f93609fb4177f35c22702f4abf65, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:67:55:ea:99:d5:ca:ee:e9:36:7d:d6:07:51:
01:31:1a:86:d4:c8:3d:bd:5d:52:17:8b:c0:8d:d4:
8f:93:fa:b5:b8:01:c9:6e:6c:09:98:0f:17:e2:67:
06:b4:93:af:e1:ff:78:04:a6:12:11:b9:7f:f5:b0:
40:ec:40:70:52:66:19:16:3d:c6:cb:05:49:a8:80:
52:21:37:e2:c6:fc:18:80:ca:e3:19:41:1a:8f:ac:
af:ca:60:19:bb:54:d5:2b:a9:23:71:44:a3:1b:28:
7a:ce:ef:10:17:db:26:33:96:fc:e3:04:ef:3c:64:
77:6f:91:85:0b:be:a1:7d:e4:cb:51:f0:57:ee:5a:
2a:ce:e6:b1:2e:4e:cb:a8:70:20:0e:43:46:a5:04:
71:ed:29:15:00:61:7f:03:19:f4:9d:01:c4:2a:57:
e5:81:e6:cd:a3:2d:a3:46:b0:d7:b7:59:18:f8:9e:
2b:cb:d2:58:08:de:66:5e:36:93:26:bd:fd:4e:c1:
70:c4:0e:15:08:91:f9:0d:bd:d7:c3:23:37:7a:39:
e1:b3:16:b1:a2:7f:be:8f:22:8d:d8:b9:f1:cd:26:
50:ff:26:9d:b3:83:52:5d:c4:1d:86:8e:26:68:12:
33:c8:b5:39:61:5f:89:b5:d4:ce:e9:89:04:e8:67:
04:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:28:4F:1B:CF:88:FE:83:FE:C7:0A:97:27:76:78:BE:6B:34:97:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98ae6903-6674-49ca-b677-ce1e731619a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1c00::/38
Signature Algorithm: sha256WithRSAEncryption
82:89:4a:8c:8e:0a:f7:63:f4:61:83:3c:13:06:a5:8a:82:ca:
76:36:dc:cb:7d:cb:37:c4:09:e0:6b:64:0b:9d:0d:1c:2e:c4:
1d:02:f6:0a:01:4a:73:dd:14:7d:b5:08:18:d7:8e:ff:e8:e9:
da:60:10:0d:0b:b5:76:db:9e:09:ef:2e:25:c6:4d:87:7d:30:
d6:88:f7:d8:76:b4:3c:3d:13:b3:50:f9:be:98:7d:21:19:7e:
d3:3e:50:8d:ee:15:a6:93:14:60:29:b2:58:bf:dd:67:89:4b:
45:ec:e8:bd:97:d7:4a:2a:53:71:5a:fc:e7:38:ba:f7:3e:35:
c8:a1:4c:57:47:35:3c:a5:66:9e:68:77:38:77:35:de:98:22:
11:d2:9f:cf:ff:ea:69:2a:b1:16:b1:bc:0d:f8:94:81:d2:a2:
f9:4c:c3:83:fe:8d:05:fc:7f:b0:ea:1a:29:ed:74:16:dd:ad:
13:f0:a8:36:95:f1:99:93:fc:87:93:52:c8:0a:13:2d:e3:00:
55:c9:67:3b:36:ed:25:b4:92:6a:d3:fa:22:7e:4b:b4:46:c5:
e2:cc:77:24:41:3d:c1:34:bf:9a:ae:b6:dd:29:51:2f:f9:e7:
e3:ec:9e:2a:de:d8:dd:c6:be:f3:3c:2c:5c:67:61:46:76:aa:
8c:ce:77:0d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBKc5U7wlw6NcgWo/lFatnYTFXPIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjkxNDIyMTBaFw0yNTA2MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwN2IwYTQzODNkYWU3OGYxMTAxY2E0ZTNjYWUwYmNmYzE0NGY5MzYwOWZi
NDE3N2YzNWMyMjcwMmY0YWJmNjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANtnVeqZ1cru6TZ91gdRATEahtTIPb1dUheLwI3Uj5P6tbgByW5sCZgPF+Jn
BrSTr+H/eASmEhG5f/WwQOxAcFJmGRY9xssFSaiAUiE34sb8GIDK4xlBGo+sr8pg
GbtU1SupI3FEoxsoes7vEBfbJjOW/OME7zxkd2+RhQu+oX3ky1HwV+5aKs7msS5O
y6hwIA5DRqUEce0pFQBhfwMZ9J0BxCpX5YHmzaMto0aw17dZGPieK8vSWAjeZl42
kya9/U7BcMQOFQiR+Q2918MjN3o54bMWsaJ/vo8ijdi58c0mUP8mnbODUl3EHYaO
JmgSM8i1OWFfibXUzumJBOhnBAMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQvKE8b
z4j+g/7HCpcndni+azSXbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OThhZTY5MDMtNjY3NC00OWNhLWI2NzctY2UxZTczMTYxOWEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQc
MA0GCSqGSIb3DQEBCwUAA4IBAQCCiUqMjgr3Y/RhgzwTBqWKgsp2NtzLfcs3xAng
a2QLnQ0cLsQdAvYKAUpz3RR9tQgY147/6OnaYBANC7V2254J7y4lxk2HfTDWiPfY
drQ8PROzUPm+mH0hGX7TPlCN7hWmkxRgKbJYv91niUtF7Oi9l9dKKlNxWvznOLr3
PjXIoUxXRzU8pWaeaHc4dzXemCIR0p/P/+ppKrEWsbwN+JSB0qL5TMOD/o0F/H+w
6hop7XQW3a0T8Kg2lfGZk/yHk1LIChMt4wBVyWc7Nu0ltJJq0/oifku0RsXizHck
QT3BNL+arrbdKVEv+efj7J4q3tjdxr7zPCxcZ2FGdqqMzncN
-----END CERTIFICATE-----
Generated at Mon May 5 06:06:30 2025 by rpki-client