Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
File: a7031a07-12ba-45f8-a53b-6bd5b713c999.roa (raw, json)
Hash identifier: bzKynDuuE/z86k2XDSKPRv5C0wX8MUYbyXUXqaODGVI=
Subject key identifier: 5F:0A:2E:32:2A:57:58:7C:6A:85:08:D4:74:44:C1:36:D1:94:95:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C74D10253C91C4101DE15614814A52FA1112CC3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
Signing time: Fri 25 Apr 2025 20:11:05 +0000
ROA not before: Fri 25 Apr 2025 20:11:05 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:74:d1:02:53:c9:1c:41:01:de:15:61:48:14:a5:2f:a1:11:2c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:11:05 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ca9d70c7d3da63fa36fa4b9d0477c01e7c93cf2040c2321c7f890014d3e6e9d9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:05:46:41:b1:bd:2e:8f:8e:06:a1:66:ac:f6:
c7:e2:d2:f8:d5:89:8f:40:e3:d7:a6:37:e8:41:23:
12:58:32:f6:3c:ec:9d:11:08:1a:ce:b7:bf:6c:31:
b1:6b:f4:b2:28:9e:d5:de:f5:0f:db:9c:24:72:fa:
1f:2c:a4:7c:5d:5e:61:a6:44:61:14:5c:06:67:49:
be:3c:9c:ba:cd:e6:af:00:b9:76:8a:20:aa:8b:2e:
57:72:95:1f:fb:de:88:82:45:bd:51:7e:8d:58:8d:
b2:d9:b5:9f:1b:8c:63:89:8a:8f:89:ae:cb:2e:b0:
f4:03:e5:6b:82:b2:33:cb:13:6b:c1:8c:03:47:06:
04:14:01:f8:8b:ea:d9:8c:22:11:fe:40:34:e4:0c:
2b:7b:e9:53:dc:7e:e0:b8:9f:f6:ed:32:de:27:53:
43:fa:3e:1e:c2:b3:89:78:78:cf:2a:d1:31:04:80:
1d:00:a1:00:d3:89:29:b6:30:d2:4e:22:74:83:1b:
0e:60:79:6d:59:97:41:85:82:c0:18:38:32:5f:69:
ed:c6:a6:14:d3:6e:96:57:22:17:3c:4f:63:fa:83:
5e:75:3a:22:8d:c5:16:0c:f6:c2:f0:e5:4c:e5:ad:
39:43:3c:de:ff:c9:9e:a4:96:b9:1f:f1:af:af:cc:
03:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:0A:2E:32:2A:57:58:7C:6A:85:08:D4:74:44:C1:36:D1:94:95:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:400::/38
Signature Algorithm: sha256WithRSAEncryption
1e:ac:4c:ba:0e:c9:91:66:dd:52:63:fd:ca:eb:6a:12:01:56:
44:17:b8:af:8c:de:9f:21:29:77:c2:f2:08:04:d1:9d:2b:7f:
4e:68:38:8e:bb:60:49:65:ca:9a:b8:4f:fb:6a:a3:74:f0:72:
04:a4:08:d3:c7:55:40:4c:c2:c5:95:10:6b:bb:81:67:be:dc:
98:e1:43:49:8e:59:b9:dd:39:6c:5d:48:12:17:a4:e2:50:19:
2e:65:ea:77:a5:4d:bc:61:50:e7:4c:0c:56:b7:f6:d3:bb:2e:
7c:05:4f:b7:25:45:e8:f5:fb:bd:14:7d:a8:0f:68:14:0e:f4:
3e:e4:8a:6f:17:29:e0:76:ae:f9:c1:07:b1:52:98:2f:0b:ea:
21:57:c6:57:eb:99:95:c2:84:2b:12:c1:73:15:c1:cd:8e:1a:
78:1b:81:c2:cd:03:ce:f3:e3:35:6d:8c:43:43:8e:b9:80:c5:
7d:c4:b1:60:06:91:69:1b:6e:ef:c5:d0:e5:2b:67:7d:db:9e:
07:27:b4:1f:87:f6:a0:20:1f:0c:fe:f6:38:01:96:21:ac:42:
e9:85:8f:27:26:ea:6a:2a:34:24:19:35:fc:75:b8:83:d3:8d:
ee:15:39:c5:ca:2a:1e:2a:d0:75:1a:4e:7a:4d:b4:8d:4e:1e:
d4:6e:ce:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULHTRAlPJHEEB3hVhSBSlL6ERLMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDExMDVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhOWQ3MGM3ZDNkYTYzZmEzNmZhNGI5ZDA0NzdjMDFlN2M5M2NmMjA0MGMy
MzIxYzdmODkwMDE0ZDNlNmU5ZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQFRkGxvS6PjgahZqz2x+LS+NWJj0Dj16Y36EEjElgy9jzsnREIGs63v2wx
sWv0siie1d71D9ucJHL6HyykfF1eYaZEYRRcBmdJvjycus3mrwC5doogqosuV3KV
H/veiIJFvVF+jViNstm1nxuMY4mKj4muyy6w9APla4KyM8sTa8GMA0cGBBQB+Ivq
2YwiEf5ANOQMK3vpU9x+4Lif9u0y3idTQ/o+HsKziXh4zyrRMQSAHQChANOJKbYw
0k4idIMbDmB5bVmXQYWCwBg4Ml9p7camFNNullciFzxPY/qDXnU6Io3FFgz2wvDl
TOWtOUM83v/JnqSWuR/xr6/MA2cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfCi4y
KldYfGqFCNR0RME20ZSV6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTcwMzFhMDctMTJiYS00NWY4LWE1M2ItNmJkNWI3MTNjOTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoE
MA0GCSqGSIb3DQEBCwUAA4IBAQAerEy6DsmRZt1SY/3K62oSAVZEF7ivjN6fISl3
wvIIBNGdK39OaDiOu2BJZcqauE/7aqN08HIEpAjTx1VATMLFlRBru4FnvtyY4UNJ
jlm53TlsXUgSF6TiUBkuZep3pU28YVDnTAxWt/bTuy58BU+3JUXo9fu9FH2oD2gU
DvQ+5IpvFyngdq75wQexUpgvC+ohV8ZX65mVwoQrEsFzFcHNjhp4G4HCzQPO8+M1
bYxDQ465gMV9xLFgBpFpG27vxdDlK2d9254HJ7Qfh/agIB8M/vY4AZYhrELphY8n
JupqKjQkGTX8dbiD043uFTnFyioeKtB1Gk56TbSNTh7Ubs6O
-----END CERTIFICATE-----
Generated at Mon May 5 23:28:36 2025 by rpki-client