Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
File: a37b3e49-cec5-4def-b3ef-5356277d82ab.roa (raw, json)
Hash identifier: rSFKx9zpKoGXPwmF/QEUrIMcxfQkgDmvPYrjY+KWfqA=
Subject key identifier: 2D:5E:D5:3E:74:13:77:7E:A5:4E:9A:23:09:D6:FA:B3:FD:C9:9D:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29D9D3E1B606CBF8B3F63E5CF574A50572008425
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
Signing time: Mon 28 Apr 2025 15:40:59 +0000
ROA not before: Mon 28 Apr 2025 15:40:59 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:d9:d3:e1:b6:06:cb:f8:b3:f6:3e:5c:f5:74:a5:05:72:00:84:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:40:59 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=b51602d9df95f74dd1d52dd43048aee2511febf6e40d9b3f2bb3383627090d26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4b:6a:5a:e7:8f:d6:f0:05:80:19:ff:d7:13:
3e:69:44:9f:79:38:4b:49:a8:06:5e:99:9b:98:12:
82:47:88:14:2e:4a:0f:30:0a:41:f3:a3:54:7a:7c:
71:41:ad:85:dd:27:4b:3d:e3:27:90:b0:7e:09:49:
cf:f7:25:c2:35:5b:ca:07:8a:a1:8d:e8:cc:f2:94:
cd:4e:a5:9c:98:2d:31:08:94:b3:b7:f3:f7:7a:8b:
5e:c2:be:4f:8d:f3:7d:f4:f4:69:d9:e6:0d:f9:8f:
b0:99:fa:d4:8d:d3:6e:df:d5:67:73:d7:31:51:81:
05:a8:ac:f4:19:66:44:db:8f:2f:28:56:92:59:d0:
0e:e5:a2:54:71:ec:84:df:f3:9a:7b:cc:11:19:71:
b5:e7:25:01:5a:fd:83:f2:6b:7a:06:89:0c:05:d3:
26:30:89:dd:2c:eb:c7:a6:ac:f1:a8:7c:1c:ad:cd:
c5:98:f3:21:39:b4:8e:6b:be:4b:37:af:12:b2:c9:
3a:5b:82:69:6f:bd:3e:da:07:c0:47:61:da:3b:7f:
74:b7:43:7d:4d:28:51:57:d3:7f:d3:61:dc:29:c6:
70:d0:27:0a:a5:77:22:36:a9:79:1e:e1:e2:4d:2f:
28:ae:d5:0c:1e:f5:4d:71:66:38:ea:96:d8:ce:55:
93:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:5E:D5:3E:74:13:77:7E:A5:4E:9A:23:09:D6:FA:B3:FD:C9:9D:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:1000::/40
Signature Algorithm: sha256WithRSAEncryption
33:0f:29:2d:3c:89:e1:69:b8:f3:6f:d6:3d:82:e9:d9:41:44:
fa:1c:6d:7e:38:40:5c:e1:7d:e5:f6:9f:34:50:00:18:3d:b3:
05:07:27:64:b9:01:fa:b0:20:7f:5d:bb:08:8c:9b:6c:71:91:
b8:59:af:7a:57:2a:8d:72:10:23:68:e1:ea:6f:52:68:f6:9f:
5e:34:bf:9c:ac:0c:02:37:a4:0f:31:ba:5f:7f:ef:22:d5:9a:
f8:6c:68:c1:db:7a:21:55:8a:db:46:22:ee:92:77:3b:fd:c2:
eb:94:89:31:ca:66:dd:b7:4d:4c:11:b9:4b:6c:63:66:5a:3d:
5a:7c:7f:f0:ed:e3:72:c5:89:7d:d3:c2:53:76:9e:9e:1d:45:
9a:50:76:21:c1:69:1f:c2:13:ea:62:f4:38:73:e5:23:9f:ce:
21:3f:5d:ee:a1:c4:bf:64:3b:67:23:f2:55:a0:b9:42:47:0d:
b8:ff:6b:b7:22:33:77:af:60:6b:2d:e2:ac:d2:b1:3d:93:e7:
90:59:8c:fb:7f:54:e2:e8:60:a3:be:60:38:84:12:8b:53:ef:
e3:20:7d:fb:c1:68:2a:24:95:fc:2b:7a:b2:94:0a:9f:fa:58:
85:63:e2:f5:d8:fc:75:de:fc:6d:fe:ac:21:ee:7a:7b:9e:c2:
73:05:f5:08
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKdnT4bYGy/iz9j5c9XSlBXIAhCUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQwNTlaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1MTYwMmQ5ZGY5NWY3NGRkMWQ1MmRkNDMwNDhhZWUyNTExZmViZjZlNDBk
OWIzZjJiYjMzODM2MjcwOTBkMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRLalrnj9bwBYAZ/9cTPmlEn3k4S0moBl6Zm5gSgkeIFC5KDzAKQfOjVHp8
cUGthd0nSz3jJ5CwfglJz/clwjVbygeKoY3ozPKUzU6lnJgtMQiUs7fz93qLXsK+
T43zffT0adnmDfmPsJn61I3Tbt/VZ3PXMVGBBais9BlmRNuPLyhWklnQDuWiVHHs
hN/zmnvMERlxteclAVr9g/JregaJDAXTJjCJ3Szrx6as8ah8HK3NxZjzITm0jmu+
SzevErLJOluCaW+9PtoHwEdh2jt/dLdDfU0oUVfTf9Nh3CnGcNAnCqV3IjapeR7h
4k0vKK7VDB71TXFmOOqW2M5Vk8cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQtXtU+
dBN3fqVOmiMJ1vqz/cmdxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM3YjNlNDktY2VjNS00ZGVmLWIzZWYtNTM1NjI3N2Q4MmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAzDyktPInhabjzb9Y9gunZQUT6HG1+OEBc4X3l
9p80UAAYPbMFBydkuQH6sCB/XbsIjJtscZG4Wa96VyqNchAjaOHqb1Jo9p9eNL+c
rAwCN6QPMbpff+8i1Zr4bGjB23ohVYrbRiLuknc7/cLrlIkxymbdt01MEblLbGNm
Wj1afH/w7eNyxYl908JTdp6eHUWaUHYhwWkfwhPqYvQ4c+Ujn84hP13uocS/ZDtn
I/JVoLlCRw24/2u3IjN3r2BrLeKs0rE9k+eQWYz7f1Ti6GCjvmA4hBKLU+/jIH37
wWgqJJX8K3qylAqf+liFY+L12Px13vxt/qwh7np7nsJzBfUI
-----END CERTIFICATE-----
Generated at Mon May 5 05:53:08 2025 by rpki-client