Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa
File: 42fc7c20-224c-4e3b-8c6c-851926d0e396.roa (raw, json)
Hash identifier: RslZ5ILEJL7ROUwY61N1mBt/orOIRKArWgGXAg/Rm4I=
Subject key identifier: BE:3D:84:F0:BA:A3:21:BB:9B:AF:85:96:7C:4A:DD:98:CE:24:3E:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 236153CE1C2F06EC453DA2DE7B12598735491A2B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa
Signing time: Fri 11 Apr 2025 00:40:09 +0000
ROA not before: Fri 11 Apr 2025 00:40:09 +0000
ROA not after: Fri 16 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:61:53:ce:1c:2f:06:ec:45:3d:a2:de:7b:12:59:87:35:49:1a:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 11 00:40:09 2025 GMT
Not After : May 16 23:59:59 2025 GMT
Subject: serialNumber=abd8b7ed97ab57bf0074b98d1812e855d5bf72ee5c85995e3edf5d280a5ceed4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e7:dc:88:22:11:70:80:ec:ea:78:7e:a7:67:
74:cd:19:10:cc:9b:e5:9c:d8:a1:52:ce:83:86:a5:
71:10:29:ee:6e:c4:af:97:04:3a:f7:6b:a5:f5:49:
10:b7:3f:29:e3:91:6f:0e:88:10:19:9d:0e:87:cf:
84:60:48:69:ce:4f:c6:b8:65:00:8a:7e:d0:32:70:
1d:67:52:b3:f8:56:6b:ff:d2:1f:d0:71:31:1c:e7:
5b:a5:89:47:40:4f:44:49:67:5b:02:69:47:f5:69:
ee:03:9d:5f:44:c0:ac:33:63:c8:17:fb:d5:fd:5b:
ef:c4:56:06:bb:c7:0a:6d:33:5e:38:3e:3a:81:a3:
a0:41:a3:1e:e8:1f:b7:77:9b:86:34:ce:82:51:2f:
fd:e8:5b:99:9d:dd:7e:a9:74:10:24:93:56:fd:24:
dc:fb:f4:62:22:94:b6:73:2a:36:f7:66:6c:75:2b:
ee:1a:78:3f:76:b2:a3:42:97:9f:16:e7:8f:96:53:
9b:d5:65:7b:0e:93:0d:b7:01:57:40:21:99:d6:2d:
79:cf:a3:f2:d8:1b:0a:f9:5b:55:37:6b:b6:a2:87:
c7:2e:5a:5b:34:58:18:d7:5f:b0:9d:55:fd:c9:cc:
7a:78:31:0b:bc:c5:03:cc:c4:b7:39:eb:9b:3f:6a:
d1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:3D:84:F0:BA:A3:21:BB:9B:AF:85:96:7C:4A:DD:98:CE:24:3E:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:c000::/40
Signature Algorithm: sha256WithRSAEncryption
15:ff:23:96:60:8f:3b:13:28:60:de:f4:a2:66:63:96:37:35:
ef:7a:00:59:44:d7:ad:ed:db:3c:ea:7a:7c:13:04:03:d8:3a:
ea:a6:4c:9b:63:bd:74:44:9e:9d:6e:3c:05:80:98:f2:16:3c:
cb:fc:a5:91:12:24:eb:cc:b8:31:e8:fa:b9:b1:d9:50:ff:42:
37:2e:71:eb:51:15:fb:9d:27:f2:72:d9:f0:45:d8:a2:2e:68:
fc:85:f5:ce:24:bf:4a:3b:d9:ef:65:e6:d6:1b:03:d7:43:86:
b4:be:9f:ad:3a:05:65:f1:e0:a0:36:16:52:e6:b1:a3:4d:c0:
20:2a:1d:64:33:f9:d9:9c:3b:82:1b:0a:a2:8f:4b:c4:1e:80:
d9:87:c9:62:fa:8f:70:9b:05:e5:60:36:d2:13:91:20:9f:59:
97:ed:b8:16:e6:3c:5b:8b:34:5a:1c:06:62:7e:6d:ef:3e:f5:
52:7f:8c:4e:68:0f:23:fc:92:4c:06:70:ef:0a:7e:83:ae:ac:
bc:4d:e3:87:30:3e:27:2e:70:83:17:05:d4:35:a9:2c:f3:48:
ea:c0:de:be:d7:e8:26:0c:f5:b5:c2:ca:34:24:b0:8b:f1:d1:
bc:79:21:cf:95:6c:0f:b6:11:e3:b9:1c:14:92:bc:ce:06:63:
63:ed:5a:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI2FTzhwvBuxFPaLeexJZhzVJGiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTEwMDQwMDlaFw0yNTA1MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiZDhiN2VkOTdhYjU3YmYwMDc0Yjk4ZDE4MTJlODU1ZDViZjcyZWU1Yzg1
OTk1ZTNlZGY1ZDI4MGE1Y2VlZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7n3IgiEXCA7Op4fqdndM0ZEMyb5ZzYoVLOg4alcRAp7m7Er5cEOvdrpfVJ
ELc/KeORbw6IEBmdDofPhGBIac5PxrhlAIp+0DJwHWdSs/hWa//SH9BxMRznW6WJ
R0BPRElnWwJpR/Vp7gOdX0TArDNjyBf71f1b78RWBrvHCm0zXjg+OoGjoEGjHugf
t3ebhjTOglEv/ehbmZ3dfql0ECSTVv0k3Pv0YiKUtnMqNvdmbHUr7hp4P3ayo0KX
nxbnj5ZTm9Vlew6TDbcBV0AhmdYtec+j8tgbCvlbVTdrtqKHxy5aWzRYGNdfsJ1V
/cnMengxC7zFA8zEtznrmz9q0ZMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS+PYTw
uqMhu5uvhZZ8St2YziQ+TTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDJmYzdjMjAtMjI0Yy00ZTNiLThjNmMtODUxOTI2ZDBlMzk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLA
MA0GCSqGSIb3DQEBCwUAA4IBAQAV/yOWYI87Eyhg3vSiZmOWNzXvegBZRNet7ds8
6np8EwQD2DrqpkybY710RJ6dbjwFgJjyFjzL/KWREiTrzLgx6Pq5sdlQ/0I3LnHr
URX7nSfyctnwRdiiLmj8hfXOJL9KO9nvZebWGwPXQ4a0vp+tOgVl8eCgNhZS5rGj
TcAgKh1kM/nZnDuCGwqij0vEHoDZh8li+o9wmwXlYDbSE5Egn1mX7bgW5jxbizRa
HAZifm3vPvVSf4xOaA8j/JJMBnDvCn6Drqy8TeOHMD4nLnCDFwXUNaks80jqwN6+
1+gmDPW1wso0JLCL8dG8eSHPlWwPthHjuRwUkrzOBmNj7Vqe
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:22 2025 by rpki-client