Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
File: 38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa (raw, json)
Hash identifier: O416jngW9GEyqJant/5URVRf50QMYCdwcqTqeFhg+Ug=
Subject key identifier: F6:97:3F:6C:8C:F7:CB:1C:EC:D0:82:FB:78:B7:43:6A:BA:EA:23:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4165D8CC6A913C365028EF70B1888C327C895B7C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
Signing time: Mon 31 Mar 2025 20:40:21 +0000
ROA not before: Mon 31 Mar 2025 20:40:21 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:65:d8:cc:6a:91:3c:36:50:28:ef:70:b1:88:8c:32:7c:89:5b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:40:21 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7c:ed:59:64:5b:4a:79:fb:be:35:b8:e5:df:
bd:f1:0b:cc:23:18:30:ae:7d:da:6e:d4:42:c0:e0:
4d:f8:d5:d9:30:e6:67:32:4b:c6:ca:e0:65:63:3e:
99:3f:ba:ed:85:9f:9a:bf:ae:d5:f1:a6:5e:4e:9f:
c7:60:1c:cc:9a:67:b1:96:b6:43:cf:c1:c6:92:39:
76:19:3b:8f:a6:1d:58:31:a2:70:96:b2:63:32:68:
df:84:0c:df:a0:17:f9:c7:ad:6d:c5:d0:57:8b:2b:
0e:48:df:95:bf:fb:2b:f9:0d:93:e8:2a:5c:d6:e2:
3b:ca:6c:74:ed:6c:4a:49:a0:9d:2c:f2:37:0c:6e:
b9:6f:32:35:3a:8a:4b:8f:cb:51:83:86:b7:bf:84:
97:45:67:57:99:ac:0e:c4:e5:7d:57:b4:3f:90:ae:
4b:9c:c8:aa:89:4d:7c:1f:d3:ed:17:ca:dd:09:e4:
6c:4e:9a:74:e9:bc:08:32:31:52:37:93:66:c7:ed:
32:fb:34:0d:28:93:28:d4:17:a8:cc:90:4a:49:18:
38:f1:69:87:a9:50:9b:1e:20:b4:a0:0f:e2:6f:f7:
e1:50:4c:4e:3f:1c:8b:82:26:33:fd:ae:31:3b:e4:
9a:be:22:29:6e:32:44:09:02:9f:04:66:2f:bc:09:
80:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:97:3F:6C:8C:F7:CB:1C:EC:D0:82:FB:78:B7:43:6A:BA:EA:23:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:6000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:ed:45:a8:aa:ab:5f:e9:0d:b6:a1:b6:23:3a:5f:30:09:83:
fd:f7:5a:f2:0d:94:69:02:92:92:78:58:07:11:d7:06:cd:a5:
e3:d4:44:1b:f2:82:46:51:de:5e:ce:c1:34:df:00:e5:10:3e:
2a:6b:58:47:39:66:2b:64:84:3a:48:72:36:dd:0f:32:17:f7:
4d:1f:85:0d:4f:da:c1:06:19:ee:42:9e:cd:6a:73:8a:bc:51:
28:b7:f4:df:69:99:04:25:33:12:f7:a8:7a:90:d1:96:bf:53:
05:3a:af:2f:f5:66:6f:df:98:d8:2d:01:30:f1:87:ab:85:3d:
93:07:b5:0d:c2:fb:79:56:d0:24:6c:40:98:9a:3a:88:12:b9:
cc:58:63:bb:6f:69:3d:33:cf:34:27:93:be:ef:4c:8f:09:ea:
58:b9:a4:4f:6c:7c:db:da:31:be:2a:57:8d:2f:7c:23:22:05:
2d:1d:75:ba:4f:8f:a2:f9:c3:e9:54:01:bc:3c:0d:48:7c:31:
8f:00:76:a9:34:27:c9:cd:b1:29:97:3e:2f:5b:ec:35:14:38:
01:5f:ac:7a:62:ed:d0:e7:43:c8:d9:cf:be:1f:6a:fd:11:40:
75:6a:22:53:8a:e9:c8:6d:0d:00:b4:d4:95:df:1f:f0:0d:9d:
39:b4:1a:1c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQWXYzGqRPDZQKO9wsYiMMnyJW3wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDQwMjFaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwMTczMjkyYjc0YjM0MmFhNTljNDlkZWRiYWE2NjE1NjFkN2ZlYjYyM2Vj
ZmIyZjBhODgxMjY4YjYxMDY4ZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK587VlkW0p5+741uOXfvfELzCMYMK592m7UQsDgTfjV2TDmZzJLxsrgZWM+
mT+67YWfmr+u1fGmXk6fx2AczJpnsZa2Q8/BxpI5dhk7j6YdWDGicJayYzJo34QM
36AX+cetbcXQV4srDkjflb/7K/kNk+gqXNbiO8psdO1sSkmgnSzyNwxuuW8yNTqK
S4/LUYOGt7+El0VnV5msDsTlfVe0P5CuS5zIqolNfB/T7RfK3QnkbE6adOm8CDIx
UjeTZsftMvs0DSiTKNQXqMyQSkkYOPFph6lQmx4gtKAP4m/34VBMTj8ci4ImM/2u
MTvkmr4iKW4yRAkCnwRmL7wJgHkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT2lz9s
jPfLHOzQgvt4t0NquuojAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzhmOWMwZjAtYTEwOS00ODVjLWJkMmQtMmUxYTQ0MGI4NjRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVg
MA0GCSqGSIb3DQEBCwUAA4IBAQCe7UWoqqtf6Q22obYjOl8wCYP991ryDZRpApKS
eFgHEdcGzaXj1EQb8oJGUd5ezsE03wDlED4qa1hHOWYrZIQ6SHI23Q8yF/dNH4UN
T9rBBhnuQp7NanOKvFEot/TfaZkEJTMS96h6kNGWv1MFOq8v9WZv35jYLQEw8Yer
hT2TB7UNwvt5VtAkbECYmjqIErnMWGO7b2k9M880J5O+70yPCepYuaRPbHzb2jG+
KleNL3wjIgUtHXW6T4+i+cPpVAG8PA1IfDGPAHapNCfJzbEplz4vW+w1FDgBX6x6
Yu3Q50PI2c++H2r9EUB1aiJTiunIbQ0AtNSV3x/wDZ05tBoc
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:50 2025 by rpki-client