Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
File: 5c829516-8640-4a9a-a2b3-cfababf09faa.roa (raw, json)
Hash identifier: ZmXSh/qJ345AaEELnMx0fZ2mWiV9ltacy5jZIj7r4c4=
Subject key identifier: 56:7D:58:A7:88:7D:01:78:C9:4F:8D:98:0B:C8:9A:F3:CE:F9:5F:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60BC7EF59A7CE08A501335F8047EB6D62257A75D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
Signing time: Mon 31 Mar 2025 19:50:19 +0000
ROA not before: Mon 31 Mar 2025 19:50:19 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:bc:7e:f5:9a:7c:e0:8a:50:13:35:f8:04:7e:b6:d6:22:57:a7:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:50:19 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:77:aa:aa:f5:ab:dd:ab:02:73:13:92:c9:12:
c9:58:f9:a6:a1:0f:ad:17:28:59:e1:23:dd:79:5c:
e9:38:9b:01:ff:b2:51:00:0e:1a:37:af:c6:6e:2f:
ce:39:da:76:72:c6:5f:99:67:ad:bd:3b:d0:6e:d7:
f4:32:44:f1:33:a3:65:00:7f:b8:c5:29:ce:70:f4:
90:95:81:07:1c:ee:fb:a4:fc:e9:ca:12:dd:e0:1c:
4c:b3:d7:38:a1:0c:99:f0:af:c8:23:ff:81:d9:54:
9b:46:7d:78:5a:e7:49:28:bf:9a:78:26:39:98:6a:
a3:18:9e:7d:6c:18:2a:a3:4b:2e:8a:dc:82:29:4c:
58:c2:0f:cf:b2:2b:2b:8d:24:80:52:4a:99:67:b8:
c6:ee:9f:5c:27:ee:99:1d:72:b4:9c:24:3e:f5:d4:
58:78:81:13:a5:89:38:7c:a9:4d:27:8d:c0:98:48:
b9:2b:21:2e:5c:1e:c3:5e:31:da:5a:73:e1:46:fc:
c7:6d:35:3f:3a:9f:65:fb:ea:8f:6c:6f:c3:17:8e:
b1:bb:9b:9f:a3:b1:32:39:a4:6c:61:80:b3:8f:74:
4e:85:23:98:e8:fa:f4:72:41:9b:a2:0a:00:f4:1f:
55:a7:37:22:f3:c1:b4:dc:40:b6:af:bc:e4:3e:61:
16:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:7D:58:A7:88:7D:01:78:C9:4F:8D:98:0B:C8:9A:F3:CE:F9:5F:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e080::/48
Signature Algorithm: sha256WithRSAEncryption
c6:af:fb:dd:0f:8f:1a:ed:ba:db:51:fb:ec:66:f6:72:90:0f:
0a:38:3d:f6:28:73:00:39:66:54:c1:43:15:33:d6:3c:16:fb:
f7:58:89:c9:75:4c:54:06:23:4a:16:81:8f:67:2d:af:b1:e4:
1d:cf:db:01:b5:8d:33:87:a7:53:9b:ba:e2:06:0f:f2:51:65:
07:93:a3:46:82:56:d1:32:23:0d:4c:e0:50:40:26:13:72:93:
8e:dd:80:6f:f4:63:e0:ce:4d:68:85:ee:d1:41:9d:e2:33:81:
5a:09:d5:51:a5:67:72:07:de:33:fe:36:77:bd:59:f8:f6:d6:
fd:18:76:ce:34:fa:f1:0f:10:0e:0a:5a:97:d0:fd:3f:e8:b8:
f8:05:99:56:83:b2:85:f0:55:d4:1a:50:a7:70:02:65:e2:da:
20:ca:4e:cb:ff:53:f8:20:95:38:9f:89:a6:e7:b1:41:45:f2:
d2:52:8f:ac:0e:18:27:9f:ee:43:6a:9c:66:5e:58:a3:fe:a6:
f3:0d:4c:22:15:5f:f9:05:a3:90:11:10:40:2e:fa:46:45:48:
23:10:f6:af:a9:5a:0d:44:86:d7:b6:98:8d:52:58:33:e8:45:
98:a6:fe:81:fc:77:28:e5:81:e6:f5:37:8a:23:c2:bb:3b:0f:
e2:9a:bb:be
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYLx+9Zp84IpQEzX4BH621iJXp10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTUwMTlaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkOTNlNGE3NGVmNzNiZDY1NDllN2ZlYzk5Y2EyZjIzYmY3Y2ZkMzNiMWMz
YmE3YzcyZTFhYjNhODJjMGIwYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJp3qqr1q92rAnMTkskSyVj5pqEPrRcoWeEj3Xlc6TibAf+yUQAOGjevxm4v
zjnadnLGX5lnrb070G7X9DJE8TOjZQB/uMUpznD0kJWBBxzu+6T86coS3eAcTLPX
OKEMmfCvyCP/gdlUm0Z9eFrnSSi/mngmOZhqoxiefWwYKqNLLorcgilMWMIPz7Ir
K40kgFJKmWe4xu6fXCfumR1ytJwkPvXUWHiBE6WJOHypTSeNwJhIuSshLlwew14x
2lpz4Ub8x201PzqfZfvqj2xvwxeOsbubn6OxMjmkbGGAs490ToUjmOj69HJBm6IK
APQfVac3IvPBtNxAtq+85D5hFo0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRWfVin
iH0BeMlPjZgLyJrzzvlf+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4Mjk1MTYtODY0MC00YTlhLWEyYjMtY2ZhYmFiZjA5ZmFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
gDANBgkqhkiG9w0BAQsFAAOCAQEAxq/73Q+PGu2621H77Gb2cpAPCjg99ihzADlm
VMFDFTPWPBb791iJyXVMVAYjShaBj2ctr7HkHc/bAbWNM4enU5u64gYP8lFlB5Oj
RoJW0TIjDUzgUEAmE3KTjt2Ab/Rj4M5NaIXu0UGd4jOBWgnVUaVncgfeM/42d71Z
+PbW/Rh2zjT68Q8QDgpal9D9P+i4+AWZVoOyhfBV1BpQp3ACZeLaIMpOy/9T+CCV
OJ+JpuexQUXy0lKPrA4YJ5/uQ2qcZl5Yo/6m8w1MIhVf+QWjkBEQQC76RkVIIxD2
r6laDUSG17aYjVJYM+hFmKb+gfx3KOWB5vU3iiPCuzsP4pq7vg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:21 2025 by rpki-client