Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa
File: d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa (raw, json)
Hash identifier: XXSyEFoR2zPu7PDNY1X8cXZvDsmTCM46L6UaErXCZi0=
Subject key identifier: 5D:35:1D:DD:C7:28:DE:B3:D3:2D:59:60:40:92:FC:B0:94:80:38:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 789EA8829422AB870443B09730EEB1C284A0554B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa
Signing time: Tue 29 Apr 2025 14:22:10 +0000
ROA not before: Tue 29 Apr 2025 14:22:10 +0000
ROA not after: Tue 03 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:9e:a8:82:94:22:ab:87:04:43:b0:97:30:ee:b1:c2:84:a0:55:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 29 14:22:10 2025 GMT
Not After : Jun 3 23:59:59 2025 GMT
Subject: serialNumber=3b2ba9f7e8d10aead10a79f4aaa02f4e32f342a53e3584fdd2989299be09af0b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1d:b0:26:d3:53:b8:ed:d6:32:2b:68:d6:16:
9e:be:47:35:d0:3a:e6:ca:85:5c:78:ee:a8:d5:92:
1a:6c:82:f6:21:ba:f2:73:c7:a4:3a:79:da:c0:70:
1a:cb:9f:8c:28:e5:d6:95:d0:ee:c7:95:f5:bf:f6:
4a:9c:11:40:40:76:ae:bd:65:18:70:c8:47:07:40:
d4:68:97:19:68:f1:49:49:89:ef:74:4f:01:5b:cb:
14:8d:2f:83:bb:b2:91:19:91:9e:f6:40:75:26:d3:
be:26:af:d3:0b:42:42:4f:11:d9:05:85:1f:4d:f6:
c6:39:22:75:cd:0b:ca:f6:1e:c7:27:2c:b4:1c:cd:
a6:21:7f:71:04:49:8c:3a:54:98:f0:95:b9:29:26:
63:ad:55:4e:bd:f0:35:55:4e:3e:4f:8c:fb:15:c3:
c7:c1:df:4c:af:56:3d:34:0a:49:ad:aa:25:8f:f6:
23:f7:e7:99:13:8d:90:0b:af:e7:47:55:87:45:8d:
ef:29:13:5e:af:ff:36:d5:0d:82:67:2a:93:40:ea:
e5:81:f8:df:61:0c:99:95:0d:2d:88:a1:5a:49:27:
3e:92:4f:04:8a:ec:da:5b:3a:a0:a7:06:e8:b2:e2:
2b:fd:8a:e6:9b:6c:e6:32:64:f1:f1:61:01:db:c8:
78:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:35:1D:DD:C7:28:DE:B3:D3:2D:59:60:40:92:FC:B0:94:80:38:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1800::/38
Signature Algorithm: sha256WithRSAEncryption
0f:19:f2:92:6a:67:ef:17:b8:3c:84:90:74:50:54:5f:e5:a2:
56:41:fd:88:0b:b0:4f:03:a7:33:83:74:b0:48:d2:c7:53:a8:
86:c8:ab:58:a4:93:f9:c4:7d:c4:5a:ab:b5:b2:7c:08:ef:6e:
19:98:7c:18:3a:93:64:2e:4e:70:b8:0f:41:73:7c:be:53:cc:
2b:12:07:62:18:f2:c6:2d:cd:19:13:2c:ec:08:16:75:9e:2a:
8c:10:7d:b7:ef:8a:dd:08:c2:1e:1b:7a:97:89:e9:41:d1:bd:
1f:a1:5a:9f:ee:73:de:b3:59:29:4c:b2:20:70:dd:38:db:cb:
42:b4:70:ac:c5:05:a6:dc:dd:6d:b4:92:d8:ce:72:0f:ae:95:
6e:16:43:8f:58:ee:7a:68:ef:86:8a:48:7c:a8:d0:b7:b1:79:
c4:35:d3:be:07:27:1d:02:68:f4:eb:16:08:fa:a8:db:a2:15:
bc:dd:f4:d4:50:5b:bd:c2:7b:d5:54:9b:70:3d:8c:27:4a:62:
0c:2c:27:6c:49:d0:12:6d:5e:d2:d0:41:0c:e8:5d:6e:20:33:
c5:17:68:90:d2:a6:cc:f1:eb:e9:d4:7f:e6:54:b5:1e:aa:c6:
0e:36:12:27:c0:93:6c:99:31:7a:fa:2f:a8:92:95:b8:2f:33:
8d:de:b7:4f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeJ6ogpQiq4cEQ7CXMO6xwoSgVUswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjkxNDIyMTBaFw0yNTA2MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiMmJhOWY3ZThkMTBhZWFkMTBhNzlmNGFhYTAyZjRlMzJmMzQyYTUzZTM1
ODRmZGQyOTg5Mjk5YmUwOWFmMGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcdsCbTU7jt1jIraNYWnr5HNdA65sqFXHjuqNWSGmyC9iG68nPHpDp52sBw
GsufjCjl1pXQ7seV9b/2SpwRQEB2rr1lGHDIRwdA1GiXGWjxSUmJ73RPAVvLFI0v
g7uykRmRnvZAdSbTviav0wtCQk8R2QWFH032xjkidc0LyvYexycstBzNpiF/cQRJ
jDpUmPCVuSkmY61VTr3wNVVOPk+M+xXDx8HfTK9WPTQKSa2qJY/2I/fnmRONkAuv
50dVh0WN7ykTXq//NtUNgmcqk0Dq5YH432EMmZUNLYihWkknPpJPBIrs2ls6oKcG
6LLiK/2K5pts5jJk8fFhAdvIeAUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRdNR3d
xyjes9MtWWBAkvywlIA4ADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDk5NWMzYTEtMjg1OC00MDkwLWEwOTYtMWJmNmFlY2NkNWYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQY
MA0GCSqGSIb3DQEBCwUAA4IBAQAPGfKSamfvF7g8hJB0UFRf5aJWQf2IC7BPA6cz
g3SwSNLHU6iGyKtYpJP5xH3EWqu1snwI724ZmHwYOpNkLk5wuA9Bc3y+U8wrEgdi
GPLGLc0ZEyzsCBZ1niqMEH2374rdCMIeG3qXielB0b0foVqf7nPes1kpTLIgcN04
28tCtHCsxQWm3N1ttJLYznIPrpVuFkOPWO56aO+Gikh8qNC3sXnENdO+BycdAmj0
6xYI+qjbohW83fTUUFu9wnvVVJtwPYwnSmIMLCdsSdASbV7S0EEM6F1uIDPFF2iQ
0qbM8evp1H/mVLUeqsYONhInwJNsmTF6+i+okpW4LzON3rdP
-----END CERTIFICATE-----
Generated at Mon May 5 18:42:11 2025 by rpki-client