Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
File: f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa (raw, json)
Hash identifier: rVCP6CByQ059VsSmN1LYItX3MLfMLFMve3FlN0BKebk=
Subject key identifier: BD:FE:57:70:E2:9A:F3:21:4C:08:63:AE:34:5C:9C:3A:8E:26:BF:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 547C412855DCFE5F641049F0F233CA71FC019B30
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
Signing time: Mon 05 May 2025 16:00:02 +0000
ROA not before: Mon 05 May 2025 16:00:02 +0000
ROA not after: Mon 09 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:7c:41:28:55:dc:fe:5f:64:10:49:f0:f2:33:ca:71:fc:01:9b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 5 16:00:02 2025 GMT
Not After : Jun 9 23:59:59 2025 GMT
Subject: serialNumber=d8ed9cc3189503d9babb0008d5935b643df3cff06bfe4091507ca8f2bf968215, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:8e:77:de:5a:f1:75:62:5d:f9:fc:13:e7:0a:
cd:9a:e1:92:8e:cd:5c:e6:3e:8e:f4:c9:9d:ab:14:
e4:fa:0a:48:2f:66:4e:77:e2:3c:d6:b7:97:81:7b:
5c:ed:e6:31:35:70:2d:6e:ba:1e:64:2e:0d:e4:6b:
e7:c2:12:17:da:dc:52:cd:78:fd:2b:79:00:1e:60:
18:d5:68:8f:34:b6:f7:9f:d2:fd:a6:40:a5:45:9c:
b9:22:9b:e3:ef:af:4b:14:37:9a:c7:cc:cb:1e:b9:
e1:a6:97:d5:42:1c:55:66:3c:f1:86:51:2d:3b:21:
0a:8a:e6:27:51:1c:a9:80:88:c9:40:82:2b:e2:21:
d4:1a:92:dc:15:3e:27:ed:f0:e2:cb:0a:40:2b:00:
d5:92:51:1c:2f:32:c7:d7:3c:08:77:f1:1a:e7:61:
c1:ed:48:12:80:d4:25:5e:15:9f:b3:26:d5:38:94:
2b:82:96:88:48:98:72:f2:05:5a:bd:1c:65:f9:f4:
0d:54:17:51:9c:6a:52:b5:32:f6:66:18:97:b5:9a:
99:19:a3:a0:02:26:d6:00:e3:23:25:5b:73:34:28:
2b:af:5c:4f:3e:3a:dd:ce:63:17:26:de:bb:95:0b:
f8:dd:8b:59:e7:cb:5c:c0:5e:7c:47:96:77:53:bc:
20:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:FE:57:70:E2:9A:F3:21:4C:08:63:AE:34:5C:9C:3A:8E:26:BF:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
3c:f5:5b:05:db:5b:a2:49:c8:33:c4:0d:8b:3f:2f:7a:f3:7b:
4e:0a:cc:b7:ef:fe:b0:15:0b:5e:5a:76:52:a0:51:8e:21:d2:
b1:88:74:52:d6:fa:7e:3d:45:9e:51:53:e3:fd:e0:83:d2:b5:
60:36:ba:af:61:5d:0f:5b:8f:ba:7c:f7:fe:4e:9b:55:de:46:
a9:4c:44:90:fc:fd:2e:e1:2f:83:0b:c9:51:b5:a2:c2:8d:fe:
66:5a:95:f7:89:91:64:11:8b:89:da:7c:90:89:9a:03:26:1a:
98:9b:d6:87:7a:4a:f8:13:ea:87:3f:61:82:ee:ca:e3:ed:eb:
f6:f8:aa:f5:df:90:9c:60:bf:1b:f3:e1:68:bf:60:a8:dd:04:
50:a5:3d:f6:f5:ad:9e:ea:fb:e4:e4:79:dc:70:4c:97:fb:8d:
68:6f:ca:ad:4e:64:8b:0f:d7:8d:94:fb:2e:a4:d1:17:88:9c:
1e:13:ab:3a:6c:f8:88:aa:4b:24:87:bc:6f:25:18:05:a3:dd:
a2:b8:8f:f4:b7:1e:f4:ee:c9:ff:32:b3:ac:0d:8c:9b:dd:b8:
3e:76:14:28:fa:35:be:ea:17:68:03:68:8b:0c:ba:30:be:e3:
d4:dd:51:4a:c4:d2:5a:be:3b:a5:7f:ac:46:39:6e:0a:e5:74:
75:56:f6:ee
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUVHxBKFXc/l9kEEnw8jPKcfwBmzAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDUxNjAwMDJaFw0yNTA2MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4ZWQ5Y2MzMTg5NTAzZDliYWJiMDAwOGQ1OTM1YjY0M2RmM2NmZjA2YmZl
NDA5MTUwN2NhOGYyYmY5NjgyMTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPCOd95a8XViXfn8E+cKzZrhko7NXOY+jvTJnasU5PoKSC9mTnfiPNa3l4F7
XO3mMTVwLW66HmQuDeRr58ISF9rcUs14/St5AB5gGNVojzS295/S/aZApUWcuSKb
4++vSxQ3msfMyx654aaX1UIcVWY88YZRLTshCormJ1EcqYCIyUCCK+Ih1BqS3BU+
J+3w4ssKQCsA1ZJRHC8yx9c8CHfxGudhwe1IEoDUJV4Vn7Mm1TiUK4KWiEiYcvIF
Wr0cZfn0DVQXUZxqUrUy9mYYl7WamRmjoAIm1gDjIyVbczQoK69cTz463c5jFybe
u5UL+N2LWefLXMBefEeWd1O8IO0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS9/ldw
4przIUwIY640XJw6jia/iDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjEzZjU0NDQtMzc3YS00ZTUxLWExYzctMTBjMmEzYTNkNmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBADz1WwXbW6JJyDPEDYs/L3rze04KzLfv/rAVC15a
dlKgUY4h0rGIdFLW+n49RZ5RU+P94IPStWA2uq9hXQ9bj7p89/5Om1XeRqlMRJD8
/S7hL4MLyVG1osKN/mZalfeJkWQRi4nafJCJmgMmGpib1od6SvgT6oc/YYLuyuPt
6/b4qvXfkJxgvxvz4Wi/YKjdBFClPfb1rZ7q++TkedxwTJf7jWhvyq1OZIsP142U
+y6k0ReInB4Tqzps+IiqSySHvG8lGAWj3aK4j/S3HvTuyf8ys6wNjJvduD52FCj6
Nb7qF2gDaIsMujC+49TdUUrE0lq+O6V/rEY5bgrldHVW9u4=
-----END CERTIFICATE-----
Generated at Tue May 6 13:40:24 2025 by rpki-client