Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce994b51-2051-4114-a1f2-9e4d82f52f31.roa
File: ce994b51-2051-4114-a1f2-9e4d82f52f31.roa (raw, json)
Hash identifier: cAKAZFyEYRjHT+Lcwi17kI2vf22hnQHr4jeQ6R9zwFk=
Subject key identifier: 4B:E6:08:FA:49:1E:B3:97:4D:18:0D:EC:BB:09:8B:28:54:5B:30:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B04A39B404534006E73A7DDC4418EA8791129B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce994b51-2051-4114-a1f2-9e4d82f52f31.roa
Signing time: Fri 25 Apr 2025 19:40:44 +0000
ROA not before: Fri 25 Apr 2025 19:40:44 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:04:a3:9b:40:45:34:00:6e:73:a7:dd:c4:41:8e:a8:79:11:29:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:40:44 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=3fb5b57acf9851acc62e85b0dc6e95aaac60dce09170718d03f72422d4931ef0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ae:55:45:fd:24:dc:d5:5d:6f:a6:61:30:a4:
62:ee:83:f7:45:51:b2:ef:e4:14:66:3b:e1:a8:3a:
8f:ac:3f:3d:71:a1:55:53:06:e5:31:80:57:d1:37:
24:05:e9:da:e5:a3:ae:a6:5b:20:d9:c2:f8:16:6c:
ba:12:6f:f3:28:7c:e2:85:db:98:34:43:38:fd:06:
cb:25:04:c8:d6:f6:a5:e5:d2:9e:b9:aa:55:d8:d3:
15:82:41:07:09:4c:e2:6c:01:a5:5f:36:5f:d2:61:
71:49:b5:84:17:15:f4:7c:0a:09:5b:14:46:60:3c:
1d:14:58:d1:f0:95:b4:d0:d2:e6:11:9b:8d:83:12:
08:46:61:b0:d8:c8:b0:b5:17:b8:2e:fb:fe:7c:d5:
38:0b:c9:51:37:6a:46:c6:0e:42:8d:15:32:a8:3e:
3f:ea:49:be:c4:5d:df:57:92:23:59:e0:64:6d:7b:
77:aa:68:68:e5:dc:20:3f:18:47:54:da:80:d5:7d:
80:7c:55:14:89:d4:55:b7:45:1e:e1:e2:39:b7:14:
bc:98:dc:9d:e6:79:75:da:59:73:cf:14:4e:8b:4c:
40:31:8d:e1:74:fc:ab:fc:05:aa:33:ba:96:b5:a0:
61:f4:16:86:f2:13:35:a3:d3:ff:0f:2c:3c:99:bb:
31:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E6:08:FA:49:1E:B3:97:4D:18:0D:EC:BB:09:8B:28:54:5B:30:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce994b51-2051-4114-a1f2-9e4d82f52f31.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:c000::/40
Signature Algorithm: sha256WithRSAEncryption
c4:27:18:a6:75:15:44:c8:53:73:4c:e1:8d:32:e4:1d:ec:be:
01:6f:2c:01:06:00:0a:3b:d5:0d:e8:06:dd:57:ba:80:9b:83:
d7:29:d5:fd:ff:7d:70:16:d2:b0:22:4c:e1:0a:3b:42:e5:e7:
2c:ad:0b:e9:a5:4d:5e:ea:92:a9:1c:4d:94:07:b6:73:30:6f:
33:77:db:71:18:5d:35:b7:b8:0f:5f:56:7c:37:ef:aa:8c:d3:
6c:fb:f3:9c:77:e1:10:0a:46:34:cc:b3:bf:55:45:2b:3b:c5:
dd:b7:8c:70:6e:16:ef:43:5a:b6:0a:60:6e:6b:5a:3b:22:8a:
d3:e1:74:03:7a:ad:60:91:47:b5:ed:ac:07:72:1a:40:5a:32:
d6:69:e7:50:b3:2a:94:cc:1e:e5:6e:42:c6:d4:ea:d4:81:30:
3c:5f:b9:d9:ff:66:27:a1:32:ea:40:0d:c6:f4:ba:e7:64:1f:
3e:96:f5:2e:70:21:06:d7:2c:a3:cb:3f:a1:69:24:d3:01:cf:
b3:7c:f5:8b:2d:78:93:1d:e9:27:93:2e:29:0a:75:3e:0c:ec:
60:d7:24:c1:2a:61:fd:77:15:a7:b0:22:de:84:c0:ba:4a:39:
8b:20:10:66:8d:03:9f:93:20:3e:28:b6:c6:87:7f:ed:35:c4:
97:4c:9d:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGwSjm0BFNABuc6fdxEGOqHkRKbUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQwNDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmYjViNTdhY2Y5ODUxYWNjNjJlODViMGRjNmU5NWFhYWM2MGRjZTA5MTcw
NzE4ZDAzZjcyNDIyZDQ5MzFlZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWuVUX9JNzVXW+mYTCkYu6D90VRsu/kFGY74ag6j6w/PXGhVVMG5TGAV9E3
JAXp2uWjrqZbINnC+BZsuhJv8yh84oXbmDRDOP0GyyUEyNb2peXSnrmqVdjTFYJB
BwlM4mwBpV82X9JhcUm1hBcV9HwKCVsURmA8HRRY0fCVtNDS5hGbjYMSCEZhsNjI
sLUXuC77/nzVOAvJUTdqRsYOQo0VMqg+P+pJvsRd31eSI1ngZG17d6poaOXcID8Y
R1TagNV9gHxVFInUVbdFHuHiObcUvJjcneZ5ddpZc88UTotMQDGN4XT8q/wFqjO6
lrWgYfQWhvITNaPT/w8sPJm7MWMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRL5gj6
SR6zl00YDey7CYsoVFswOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2U5OTRiNTEtMjA1MS00MTE0LWExZjItOWU0ZDgyZjUyZjMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HfA
MA0GCSqGSIb3DQEBCwUAA4IBAQDEJximdRVEyFNzTOGNMuQd7L4BbywBBgAKO9UN
6AbdV7qAm4PXKdX9/31wFtKwIkzhCjtC5ecsrQvppU1e6pKpHE2UB7ZzMG8zd9tx
GF01t7gPX1Z8N++qjNNs+/Ocd+EQCkY0zLO/VUUrO8Xdt4xwbhbvQ1q2CmBua1o7
IorT4XQDeq1gkUe17awHchpAWjLWaedQsyqUzB7lbkLG1OrUgTA8X7nZ/2YnoTLq
QA3G9LrnZB8+lvUucCEG1yyjyz+haSTTAc+zfPWLLXiTHeknky4pCnU+DOxg1yTB
KmH9dxWnsCLehMC6SjmLIBBmjQOfkyA+KLbGh3/tNcSXTJ2C
-----END CERTIFICATE-----
Generated at Tue May 6 13:40:34 2025 by rpki-client