Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
File: fc40321f-72c2-43a4-8c42-0e935f8f1943.roa (raw, json)
Hash identifier: P9kFjgWHZ+WkipMnPSsC3vCe/JfwCvyzSZANOEUEiqs=
Subject key identifier: FC:16:BD:EA:FC:5B:8E:BC:DF:6C:F2:59:49:37:FF:48:C2:5E:C0:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A0BA721F1C5075730998447EA4B3011F8F4CEA5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
Signing time: Fri 25 Apr 2025 18:40:46 +0000
ROA not before: Fri 25 Apr 2025 18:40:46 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:0b:a7:21:f1:c5:07:57:30:99:84:47:ea:4b:30:11:f8:f4:ce:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:40:46 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=c9b7e1f435e3d1335ef9f45843c33d2a5c491c3822f1ae5ed58807a33a8993e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0d:40:5c:07:ca:82:1f:28:3b:82:cd:f1:f6:
2e:33:a3:8e:cf:49:b8:d5:c6:f6:c0:53:5f:84:df:
d1:91:12:fd:6c:75:19:57:2c:1c:98:a5:b1:6f:0e:
b7:4e:a7:fe:10:6d:44:b0:23:b2:f2:b9:7a:df:f2:
a5:cc:77:cb:a0:12:92:b2:49:97:68:ce:7a:8b:1e:
97:d7:57:5c:cc:bd:65:80:d2:a5:98:c5:bc:36:5c:
db:72:d3:ce:42:da:0b:71:61:05:c9:dc:1c:39:e5:
dc:73:25:04:d6:8b:10:8e:ce:68:4d:46:ca:5b:bc:
2b:3c:c8:5f:78:ab:a4:b3:9e:08:06:7d:4a:eb:47:
9e:fb:72:a2:aa:88:94:f0:ae:1b:74:d3:b2:0b:b7:
bc:ea:5b:d9:1b:a0:1a:73:fa:f8:4d:5b:cc:85:45:
6b:e5:90:9d:ee:bf:53:c0:54:5e:e1:6f:c7:de:21:
54:0a:b7:8c:49:60:34:78:d6:8c:63:f6:11:39:ca:
5b:37:bb:27:86:9c:29:c0:6c:84:7d:27:f9:ce:94:
21:cb:21:04:49:cd:5e:71:fc:8b:90:0f:7e:7c:7c:
8c:ea:55:e6:2d:67:ab:40:f7:88:d5:fa:44:7b:04:
cb:c0:af:46:18:c3:6a:30:02:94:9b:98:36:c4:93:
e9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:16:BD:EA:FC:5B:8E:BC:DF:6C:F2:59:49:37:FF:48:C2:5E:C0:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
c1:a9:2d:74:a2:2c:eb:d5:a5:05:73:2d:23:41:92:57:63:fc:
f0:52:1b:e9:eb:5a:a5:76:c3:8b:ef:a7:9f:84:80:b5:94:f4:
16:9c:b8:5d:49:a5:6e:0a:86:33:4b:4c:03:93:b7:49:b5:68:
26:4e:73:a2:8c:7f:3f:03:15:65:80:a2:ed:79:e8:e7:19:ec:
9e:89:11:f0:a2:6f:3a:c1:3e:f3:53:53:30:cf:b1:ec:65:07:
da:74:54:5e:f6:c6:d6:6c:f4:c0:88:94:d9:7f:df:0c:7c:26:
92:66:f5:b7:35:7f:ec:a6:c9:35:e6:7c:0a:c4:7f:62:43:0b:
2f:53:4d:c4:9b:63:fb:b5:ab:91:d8:20:86:d0:fb:ce:f6:e2:
0a:11:2f:ae:50:d4:da:3f:01:a3:bf:5c:57:f7:09:00:97:45:
78:7e:2e:c2:f5:9b:96:ae:1c:dc:4d:d2:09:e6:26:03:1e:98:
7e:75:d7:ed:ce:10:20:eb:ff:84:53:c9:20:7d:f4:a1:7d:b0:
59:be:86:36:2e:71:dd:55:8e:03:df:ce:40:ea:e0:e3:d5:64:
85:5b:cd:d1:f8:50:90:01:0e:a7:d1:5c:d6:d7:17:ff:00:64:
b2:29:97:bf:ce:e1:da:db:5a:34:5c:1d:d5:c9:e4:52:4b:cc:
ae:92:01:14
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWgunIfHFB1cwmYRH6kswEfj0zqUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQwNDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5YjdlMWY0MzVlM2QxMzM1ZWY5ZjQ1ODQzYzMzZDJhNWM0OTFjMzgyMmYx
YWU1ZWQ1ODgwN2EzM2E4OTkzZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANgNQFwHyoIfKDuCzfH2LjOjjs9JuNXG9sBTX4Tf0ZES/Wx1GVcsHJilsW8O
t06n/hBtRLAjsvK5et/ypcx3y6ASkrJJl2jOeosel9dXXMy9ZYDSpZjFvDZc23LT
zkLaC3FhBcncHDnl3HMlBNaLEI7OaE1Gylu8KzzIX3irpLOeCAZ9SutHnvtyoqqI
lPCuG3TTsgu3vOpb2RugGnP6+E1bzIVFa+WQne6/U8BUXuFvx94hVAq3jElgNHjW
jGP2ETnKWze7J4acKcBshH0n+c6UIcshBEnNXnH8i5APfnx8jOpV5i1nq0D3iNX6
RHsEy8CvRhjDajAClJuYNsST6XsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT8Fr3q
/FuOvN9s8llJN/9Iwl7AyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM0MDMyMWYtNzJjMi00M2E0LThjNDItMGU5MzVmOGYxOTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
wDANBgkqhkiG9w0BAQsFAAOCAQEAwaktdKIs69WlBXMtI0GSV2P88FIb6etapXbD
i++nn4SAtZT0Fpy4XUmlbgqGM0tMA5O3SbVoJk5zoox/PwMVZYCi7Xno5xnsnokR
8KJvOsE+81NTMM+x7GUH2nRUXvbG1mz0wIiU2X/fDHwmkmb1tzV/7KbJNeZ8CsR/
YkMLL1NNxJtj+7WrkdgghtD7zvbiChEvrlDU2j8Bo79cV/cJAJdFeH4uwvWblq4c
3E3SCeYmAx6YfnXX7c4QIOv/hFPJIH30oX2wWb6GNi5x3VWOA9/OQOrg49VkhVvN
0fhQkAEOp9Fc1tcX/wBksimXv87h2ttaNFwd1cnkUkvMrpIBFA==
-----END CERTIFICATE-----
Generated at Mon May 5 10:33:29 2025 by rpki-client