Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
File: 17e30daf-f11a-4af6-8f47-661a735a22e9.roa (raw, json)
Hash identifier: 6vxuxYR/aPumerEZLdZ0++yUnj2h5n3n/7B7YTNN3Ig=
Subject key identifier: E3:50:7E:BF:7B:19:DB:A9:15:D7:78:51:8A:F8:F5:9B:A6:EA:B3:B2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 393D2395B36F229705BBB95836BC20ED14BB330C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
Signing time: Mon 31 Mar 2025 20:40:07 +0000
ROA not before: Mon 31 Mar 2025 20:40:07 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:3d:23:95:b3:6f:22:97:05:bb:b9:58:36:bc:20:ed:14:bb:33:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:40:07 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=aa56065bfed68f55869bf06de0cc16133617ad9047cb772eb6f3d3d34c0987bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0b:31:09:f8:b3:22:03:39:ee:f8:52:d9:15:
71:eb:82:9c:15:47:7a:99:32:40:db:06:00:e6:81:
b2:bf:a3:ca:71:27:79:66:4d:5b:bc:1f:db:88:56:
c2:20:22:26:89:85:40:6c:a6:26:21:17:79:4f:4b:
6e:a2:48:c5:1d:49:9a:4d:2e:c0:d1:26:97:e5:1f:
74:4c:38:7d:03:6d:57:59:e4:20:fa:6a:a1:00:e9:
db:b6:d1:e5:31:a5:d9:47:a7:cf:e9:a9:27:87:14:
32:6f:b2:b2:27:bc:e8:07:91:40:73:30:aa:0f:73:
67:21:9a:a7:ff:47:75:32:cd:59:89:2a:bb:2a:55:
cb:68:b0:ea:5d:dc:73:1d:37:24:fd:df:17:2f:a1:
bd:b7:22:12:b9:10:cc:bf:cb:ff:f9:ff:21:c5:7d:
7a:0a:9a:c6:dd:20:ef:6f:3d:b5:3f:b6:30:85:9e:
c1:2a:ad:6b:f8:82:3f:91:76:8d:6e:73:bf:f6:7f:
cc:45:88:14:cb:08:78:36:ca:39:c0:f7:b9:c5:b6:
02:f6:8e:b5:61:82:c0:ac:a1:b1:61:e8:0d:d1:30:
83:00:60:ee:44:43:c6:d2:5a:29:34:6e:6b:45:37:
44:26:12:03:33:01:11:05:cb:1d:36:8f:ba:05:e1:
5b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:50:7E:BF:7B:19:DB:A9:15:D7:78:51:8A:F8:F5:9B:A6:EA:B3:B2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:5000::/40
Signature Algorithm: sha256WithRSAEncryption
89:30:4a:5e:e4:7d:0a:ad:42:e3:84:df:3f:d9:ad:34:87:e8:
93:c1:f9:8e:03:08:30:28:54:2c:a6:c8:83:d6:4e:4e:4a:76:
65:69:44:e7:01:ad:3e:33:51:15:48:82:33:1f:aa:4e:38:4a:
fd:13:43:8d:6b:eb:1c:0b:a7:d7:2a:42:b4:42:4e:02:76:24:
6f:ae:a3:34:9d:28:12:ee:d0:b6:cb:02:b7:c5:d2:28:f2:9d:
56:3c:f1:3c:90:f4:25:2b:15:c1:9e:ca:ed:42:bc:1d:8c:2d:
8f:3c:e7:19:ee:5c:f0:8f:b7:a9:8a:5a:4e:29:c0:ab:94:46:
14:f1:7e:06:7a:0b:0f:eb:d3:a5:07:8c:f0:b6:71:b7:b9:1c:
ce:1f:13:77:d2:d4:4c:58:a3:de:63:b6:9f:7b:ef:cd:7f:a1:
05:4e:cd:51:ec:54:d6:06:f4:a4:d4:3e:ac:cf:ea:11:4d:58:
ea:32:af:b9:52:34:8d:ab:b0:e3:b8:58:53:77:c0:d5:2b:28:
c4:6c:3a:e9:9d:76:8e:02:f5:5d:25:6b:4d:d6:47:70:8c:f9:
e1:b8:77:a6:7d:77:5d:a6:bd:a0:26:00:0b:66:2f:64:22:c1:
24:43:25:f4:b7:76:e4:fb:83:6e:87:95:d2:8d:18:82:75:3e:
e4:ec:28:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOT0jlbNvIpcFu7lYNrwg7RS7MwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDQwMDdaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhNTYwNjViZmVkNjhmNTU4NjliZjA2ZGUwY2MxNjEzMzYxN2FkOTA0N2Ni
NzcyZWI2ZjNkM2QzNGMwOTg3YmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsLMQn4syIDOe74UtkVceuCnBVHepkyQNsGAOaBsr+jynEneWZNW7wf24hW
wiAiJomFQGymJiEXeU9LbqJIxR1Jmk0uwNEml+UfdEw4fQNtV1nkIPpqoQDp27bR
5TGl2Uenz+mpJ4cUMm+ysie86AeRQHMwqg9zZyGap/9HdTLNWYkquypVy2iw6l3c
cx03JP3fFy+hvbciErkQzL/L//n/IcV9egqaxt0g7289tT+2MIWewSqta/iCP5F2
jW5zv/Z/zEWIFMsIeDbKOcD3ucW2AvaOtWGCwKyhsWHoDdEwgwBg7kRDxtJaKTRu
a0U3RCYSAzMBEQXLHTaPugXhWz0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTjUH6/
exnbqRXXeFGK+PWbpuqzsjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTdlMzBkYWYtZjExYS00YWY2LThmNDctNjYxYTczNWEyMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCJMEpe5H0KrULjhN8/2a00h+iTwfmOAwgwKFQs
psiD1k5OSnZlaUTnAa0+M1EVSIIzH6pOOEr9E0ONa+scC6fXKkK0Qk4CdiRvrqM0
nSgS7tC2ywK3xdIo8p1WPPE8kPQlKxXBnsrtQrwdjC2PPOcZ7lzwj7epilpOKcCr
lEYU8X4GegsP69OlB4zwtnG3uRzOHxN30tRMWKPeY7afe+/Nf6EFTs1R7FTWBvSk
1D6sz+oRTVjqMq+5UjSNq7DjuFhTd8DVKyjEbDrpnXaOAvVdJWtN1kdwjPnhuHem
fXddpr2gJgALZi9kIsEkQyX0t3bk+4Nuh5XSjRiCdT7k7Chl
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:19 2025 by rpki-client