Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
File: a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa (raw, json)
Hash identifier: 61sSxAzg7BQ7fVLPFzGt9jQvDs8lf31WIj4kipDOzH4=
Subject key identifier: 0B:F4:D9:12:75:78:C3:2B:60:03:80:AC:4A:91:3A:E6:17:D4:65:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2670374F52F4989475C3CBC1643940C7C9E37D17
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
Signing time: Fri 25 Apr 2025 18:51:14 +0000
ROA not before: Fri 25 Apr 2025 18:51:14 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:70:37:4f:52:f4:98:94:75:c3:cb:c1:64:39:40:c7:c9:e3:7d:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:51:14 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=4ff48d27cfcf8991fd42b88604f880fdc225392d7ec5afb2fd72a97bd7dd4b91, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d2:9d:22:75:5d:98:ea:d3:ea:51:d8:f7:46:
04:10:08:2c:a3:2a:0b:bb:d8:24:2c:02:f6:09:58:
63:dd:e9:6b:7e:c5:4c:e6:b1:b9:be:7d:2d:f1:5e:
72:f0:6a:58:92:10:de:0f:e7:6c:33:71:b6:df:04:
ec:e3:fb:1c:45:94:f4:1b:bb:8d:9f:63:36:2b:60:
ef:25:39:92:3f:54:02:aa:5f:8d:a6:03:e3:20:ec:
94:06:16:c5:74:d6:63:9d:cf:52:76:e5:14:86:f7:
c3:ea:06:17:fd:a9:2f:60:37:07:bf:1d:11:c7:3b:
0f:cc:25:24:dc:1a:df:19:54:86:7f:71:57:8f:96:
06:af:96:91:3a:3d:8d:3d:51:64:cf:ae:85:c9:46:
94:ee:35:fb:c6:85:9e:51:be:4e:41:5d:ed:73:9f:
9b:e9:a8:6e:0e:53:a5:fe:9f:41:6c:37:0c:ee:6e:
14:2d:cf:64:0d:e2:e8:9b:2f:ed:57:d9:34:19:d2:
f4:16:8f:f4:f6:8e:23:de:3f:58:5d:cd:99:ac:e9:
fc:86:fa:1e:1b:5d:e0:7f:42:ac:7a:9a:28:fd:34:
a8:36:46:ba:86:75:43:92:e1:86:a9:b5:ed:bc:20:
04:32:f0:fe:0b:7a:78:26:3f:ca:90:fe:3c:cc:83:
8e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:F4:D9:12:75:78:C3:2B:60:03:80:AC:4A:91:3A:E6:17:D4:65:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6080::/48
Signature Algorithm: sha256WithRSAEncryption
94:0f:9d:34:be:5f:37:1f:b9:5e:22:21:88:5c:6c:12:5a:49:
e6:0d:41:f5:b4:cd:bd:0c:58:2c:76:df:fe:59:c0:2e:93:ec:
6b:32:40:b6:b5:b9:49:44:1f:f7:2f:d3:4f:69:10:ac:0b:07:
f5:5e:48:5a:f3:37:b2:62:d3:2a:b9:46:6a:92:f2:53:eb:80:
e0:3a:96:d2:ae:af:86:37:ae:d2:36:07:dc:ab:78:42:8a:f6:
c9:b8:07:48:d4:e5:0c:a2:a3:dc:85:52:d9:15:2f:28:d6:f8:
1a:4e:e1:e3:ae:c8:22:fe:56:a8:4f:3d:99:43:b2:ba:90:b6:
4c:47:1c:57:e4:3c:e3:d0:89:b6:8e:27:3e:43:5b:af:7f:e0:
9e:66:e3:b1:d1:6c:ff:54:47:06:ad:94:e0:09:37:e9:84:90:
71:49:82:c9:52:85:c9:30:90:0e:c6:78:7e:6e:8d:2e:f6:de:
df:11:35:c8:7b:18:c3:a9:65:ac:b2:a1:33:cb:5e:14:f1:6e:
e9:24:81:84:7a:b4:72:c8:de:8a:6a:46:73:79:23:ff:d5:a5:
51:f6:bd:a2:40:dc:1f:5c:77:cd:4a:b5:db:26:54:f2:86:7b:
45:b3:9a:bc:c0:5e:f1:9a:8c:8c:63:f7:c4:e2:98:e0:4f:5c:
ad:a0:91:72
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJnA3T1L0mJR1w8vBZDlAx8njfRcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUxMTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmZjQ4ZDI3Y2ZjZjg5OTFmZDQyYjg4NjA0Zjg4MGZkYzIyNTM5MmQ3ZWM1
YWZiMmZkNzJhOTdiZDdkZDRiOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjSnSJ1XZjq0+pR2PdGBBAILKMqC7vYJCwC9glYY93pa37FTOaxub59LfFe
cvBqWJIQ3g/nbDNxtt8E7OP7HEWU9Bu7jZ9jNitg7yU5kj9UAqpfjaYD4yDslAYW
xXTWY53PUnblFIb3w+oGF/2pL2A3B78dEcc7D8wlJNwa3xlUhn9xV4+WBq+WkTo9
jT1RZM+uhclGlO41+8aFnlG+TkFd7XOfm+mobg5Tpf6fQWw3DO5uFC3PZA3i6Jsv
7VfZNBnS9BaP9PaOI94/WF3Nmazp/Ib6Hhtd4H9CrHqaKP00qDZGuoZ1Q5Lhhqm1
7bwgBDLw/gt6eCY/ypD+PMyDjhUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQL9NkS
dXjDK2ADgKxKkTrmF9RlATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQwZTJjZjItZDZlNC00ODEzLWE1YWEtNjIzZWRhODkyNmU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
gDANBgkqhkiG9w0BAQsFAAOCAQEAlA+dNL5fNx+5XiIhiFxsElpJ5g1B9bTNvQxY
LHbf/lnALpPsazJAtrW5SUQf9y/TT2kQrAsH9V5IWvM3smLTKrlGapLyU+uA4DqW
0q6vhjeu0jYH3Kt4Qor2ybgHSNTlDKKj3IVS2RUvKNb4Gk7h467IIv5WqE89mUOy
upC2TEccV+Q849CJto4nPkNbr3/gnmbjsdFs/1RHBq2U4Ak36YSQcUmCyVKFyTCQ
DsZ4fm6NLvbe3xE1yHsYw6llrLKhM8teFPFu6SSBhHq0csjeimpGc3kj/9WlUfa9
okDcH1x3zUq12yZU8oZ7RbOavMBe8ZqMjGP3xOKY4E9craCRcg==
-----END CERTIFICATE-----
Generated at Mon May 5 18:42:34 2025 by rpki-client