Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
File: fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa (raw, json)
Hash identifier: hxEC/xwwD6blQ9NM0jowHcJ8taJZ6iX3fzKZ1sUwH6A=
Subject key identifier: 28:3F:6D:48:DF:D3:61:7F:6F:30:D8:50:81:7F:9C:78:73:AD:EC:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7216F986D37BB411D1B61567CDD02024C825A304
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
Signing time: Mon 28 Apr 2025 15:41:13 +0000
ROA not before: Mon 28 Apr 2025 15:41:13 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:16:f9:86:d3:7b:b4:11:d1:b6:15:67:cd:d0:20:24:c8:25:a3:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:41:13 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=ef467cb7176ea6b6440b81e97d41289bda078572d6a81fda41217f248d201cb5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:96:8b:59:99:ba:b3:d6:f9:3b:1f:68:16:33:
29:10:b5:7a:68:9b:d3:81:e1:95:ed:de:2b:7f:74:
8a:8c:12:d5:3a:8a:96:bc:e0:0b:f3:fc:cf:b7:85:
b7:f0:15:45:65:91:a7:5f:38:6d:90:ee:82:57:51:
37:fa:e7:a5:4f:bf:e4:9b:86:88:ac:05:71:80:bf:
4c:b5:58:44:80:d0:c0:6b:76:ee:d9:a0:43:30:b4:
1f:38:68:ac:db:71:aa:18:68:b0:46:e0:3f:fd:c3:
dc:4c:c1:78:4c:dc:54:f8:19:10:ae:90:ee:8a:37:
cb:23:83:e8:b5:3b:f1:fc:7b:a0:0c:f4:c7:2a:d8:
a4:a6:79:46:1e:4f:d5:c4:b8:6b:96:a3:f5:af:d9:
b8:f7:b4:d2:cd:1d:13:c4:a6:b6:f0:76:9a:23:0b:
f9:94:63:49:5d:cb:51:5e:c4:b6:89:9b:e1:14:81:
c0:3f:17:b6:3d:7c:53:3e:c5:c9:36:b6:85:f4:e5:
49:0d:be:43:4e:c4:17:4c:2d:32:14:78:90:5d:2d:
dd:ea:cc:30:fd:14:8f:12:02:38:eb:98:46:4b:4b:
52:82:b2:e9:60:30:c7:94:81:2b:00:9a:86:16:27:
e7:6c:78:2c:cd:0c:f9:5e:5e:95:08:f2:2f:33:5a:
24:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:3F:6D:48:DF:D3:61:7F:6F:30:D8:50:81:7F:9C:78:73:AD:EC:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
8b:f9:e4:74:01:63:33:97:33:fe:75:c8:05:9f:94:7c:4c:d2:
a9:33:d4:e4:87:88:af:93:f3:79:e2:9e:e6:e8:22:95:5c:17:
e8:1c:e5:c6:93:2a:15:5e:60:50:97:96:17:ca:10:0b:dd:22:
0c:9f:0c:17:72:a9:06:96:1a:6b:52:16:51:92:9c:ff:0b:5a:
e1:ec:3d:4f:ac:fd:1c:24:c4:3a:c7:6c:de:53:53:fc:b3:82:
54:c2:86:d9:28:d8:db:aa:fe:7b:1e:3f:0e:f2:61:c7:65:07:
b1:93:79:0f:01:c1:40:fd:ec:30:a0:66:2d:0f:6d:83:d8:e5:
15:14:13:51:74:d6:af:b6:bd:7b:b8:fd:ff:5c:7f:2a:9a:4e:
e1:2a:47:7d:dc:b9:6b:bd:e9:28:91:9f:5b:60:bd:36:88:3a:
56:88:59:2b:e6:49:8b:79:4d:a1:a9:5d:e6:21:04:8a:a6:2b:
85:78:9c:cf:67:2f:a4:de:84:07:f6:14:d6:c5:22:5b:b9:c5:
f7:a1:67:e5:47:27:e9:20:78:41:5a:e4:63:5f:c6:8c:a5:97:
27:74:b2:7b:46:89:f2:ad:76:77:28:5f:12:75:ca:5b:86:eb:
eb:a0:f7:bf:3a:88:ad:22:1d:f9:6b:fd:74:03:4b:80:64:09:
f8:6d:35:18
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUchb5htN7tBHRthVnzdAgJMglowQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQxMTNaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmNDY3Y2I3MTc2ZWE2YjY0NDBiODFlOTdkNDEyODliZGEwNzg1NzJkNmE4
MWZkYTQxMjE3ZjI0OGQyMDFjYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6Wi1mZurPW+TsfaBYzKRC1emib04Hhle3eK390iowS1TqKlrzgC/P8z7eF
t/AVRWWRp184bZDugldRN/rnpU+/5JuGiKwFcYC/TLVYRIDQwGt27tmgQzC0Hzho
rNtxqhhosEbgP/3D3EzBeEzcVPgZEK6Q7oo3yyOD6LU78fx7oAz0xyrYpKZ5Rh5P
1cS4a5aj9a/ZuPe00s0dE8SmtvB2miML+ZRjSV3LUV7Etomb4RSBwD8Xtj18Uz7F
yTa2hfTlSQ2+Q07EF0wtMhR4kF0t3erMMP0UjxICOOuYRktLUoKy6WAwx5SBKwCa
hhYn52x4LM0M+V5elQjyLzNaJL0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQoP21I
39Nhf28w2FCBf5x4c63sMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmQzMjlhYjUtYWU1Yy00YjY4LWE0YzYtYjgyZjZlYTI5ZGQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCL+eR0AWMzlzP+dcgFn5R8TNKpM9Tkh4ivk/N5
4p7m6CKVXBfoHOXGkyoVXmBQl5YXyhAL3SIMnwwXcqkGlhprUhZRkpz/C1rh7D1P
rP0cJMQ6x2zeU1P8s4JUwobZKNjbqv57Hj8O8mHHZQexk3kPAcFA/ewwoGYtD22D
2OUVFBNRdNavtr17uP3/XH8qmk7hKkd93LlrvekokZ9bYL02iDpWiFkr5kmLeU2h
qV3mIQSKpiuFeJzPZy+k3oQH9hTWxSJbucX3oWflRyfpIHhBWuRjX8aMpZcndLJ7
RonyrXZ3KF8SdcpbhuvroPe/OoitIh35a/10A0uAZAn4bTUY
-----END CERTIFICATE-----
Generated at Wed May 7 06:34:17 2025 by rpki-client