Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05a72d01-7790-4b75-991b-28806ee2dacf.roa
File: 05a72d01-7790-4b75-991b-28806ee2dacf.roa (raw, json)
Hash identifier: NaOlu9LLR1v1+5dC5ESS6vgC3mEfCMygSmpJb1du44c=
Subject key identifier: CE:C0:93:34:12:BC:C5:72:90:C4:95:B2:0C:46:F9:DF:7A:7D:04:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F1602EB3CC851766E0EA932C9140C32A0228FEE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05a72d01-7790-4b75-991b-28806ee2dacf.roa
Signing time: Fri 25 Apr 2025 18:30:51 +0000
ROA not before: Fri 25 Apr 2025 18:30:51 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:16:02:eb:3c:c8:51:76:6e:0e:a9:32:c9:14:0c:32:a0:22:8f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:30:51 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=eb66770f2ea01777c72138d0c5f2952ba0295748a55f391b2f2c19dc9869f784, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e9:d4:22:0b:9d:a0:4a:96:70:84:6b:b2:0e:
13:d5:99:04:09:60:5c:fb:8a:7b:b0:f8:d9:73:ef:
90:67:b5:f0:ce:66:78:8b:d4:fd:ca:f4:e7:5e:3f:
e4:0d:c1:d1:43:e1:d2:18:66:d6:85:2e:bd:00:bc:
32:c8:ec:7f:5d:3e:52:36:c1:e2:38:7c:b6:74:48:
ee:04:b4:f0:ff:6d:fb:22:e8:70:71:89:01:d1:dd:
72:8d:c3:17:c1:38:33:e1:3e:86:e3:50:b5:c9:3c:
57:ff:ad:ba:30:c0:6d:84:d3:7a:39:2a:76:c0:44:
cc:5a:5b:ec:64:7a:fa:26:95:d3:8f:40:36:36:81:
b0:96:91:27:dc:78:ba:2b:d2:b7:af:c6:19:f9:29:
93:ce:df:59:9f:79:09:b9:b8:1f:fe:6a:d6:5d:b9:
96:85:72:5e:64:45:09:42:23:a1:b8:ed:29:85:a4:
a9:ee:9a:21:3e:22:ee:33:ab:c1:dc:38:39:65:49:
f5:19:71:bc:8f:65:1b:7d:5c:4b:92:16:0a:5c:22:
02:0d:d2:f9:08:7a:be:06:dc:31:7b:c4:f6:86:5b:
be:b7:58:99:2e:2b:e1:0f:f2:d1:d7:22:55:2b:00:
65:be:2f:5b:a2:4e:a8:e6:b4:f7:e6:41:74:5f:8a:
a2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C0:93:34:12:BC:C5:72:90:C4:95:B2:0C:46:F9:DF:7A:7D:04:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05a72d01-7790-4b75-991b-28806ee2dacf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:1040::/48
Signature Algorithm: sha256WithRSAEncryption
5b:4c:1d:86:10:aa:7a:e8:43:85:e3:d0:24:60:6d:ad:e3:61:
30:c2:fe:87:a6:d2:d5:9f:66:30:f0:a9:d2:31:be:95:94:6a:
4a:ca:0f:0b:42:24:37:ec:52:8d:09:e2:85:82:ae:ed:7c:51:
e9:7c:61:6a:5d:08:79:ae:81:45:6f:74:88:1e:83:e0:51:01:
cd:3f:25:c8:ad:79:85:53:a4:8a:df:d4:52:d1:9d:bc:d4:a2:
db:34:62:e1:ee:da:77:9b:68:74:da:53:dd:f8:c5:26:d3:8f:
ae:51:18:cd:0c:69:c6:a9:48:9f:d5:e3:42:c0:56:50:57:61:
46:e3:52:40:16:c8:c8:e4:41:19:99:fc:3e:41:39:ea:15:e6:
af:2b:19:98:ab:31:16:f0:4c:f7:9b:76:62:58:75:1d:c6:fa:
65:9d:12:50:bc:df:c4:c1:0c:a1:dd:a8:46:00:8f:43:27:59:
4b:1a:c9:51:46:97:07:02:a1:f0:01:d9:6f:74:0e:9f:a2:b7:
c4:2b:b4:a8:94:c5:76:fa:78:87:51:39:c8:e8:89:b0:56:15:
f9:9e:41:d5:d9:6f:2e:a7:98:c8:a7:cb:59:5c:ce:b4:1c:3f:
fc:58:20:52:f6:dd:e7:f9:76:21:f4:ad:67:a9:4a:43:11:5d:
c2:9d:35:1e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXxYC6zzIUXZuDqkyyRQMMqAij+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMwNTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGViNjY3NzBmMmVhMDE3NzdjNzIxMzhkMGM1ZjI5NTJiYTAyOTU3NDhhNTVm
MzkxYjJmMmMxOWRjOTg2OWY3ODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3p1CILnaBKlnCEa7IOE9WZBAlgXPuKe7D42XPvkGe18M5meIvU/cr0514/
5A3B0UPh0hhm1oUuvQC8Msjsf10+UjbB4jh8tnRI7gS08P9t+yLocHGJAdHdco3D
F8E4M+E+huNQtck8V/+tujDAbYTTejkqdsBEzFpb7GR6+iaV049ANjaBsJaRJ9x4
uivSt6/GGfkpk87fWZ95Cbm4H/5q1l25loVyXmRFCUIjobjtKYWkqe6aIT4i7jOr
wdw4OWVJ9RlxvI9lG31cS5IWClwiAg3S+Qh6vgbcMXvE9oZbvrdYmS4r4Q/y0dci
VSsAZb4vW6JOqOa09+ZBdF+KotsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTOwJM0
ErzFcpDElbIMRvnfen0ENzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDVhNzJkMDEtNzc5MC00Yjc1LTk5MWItMjg4MDZlZTJkYWNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAW0wdhhCqeuhDhePQJGBtreNhMML+h6bS1Z9m
MPCp0jG+lZRqSsoPC0IkN+xSjQnihYKu7XxR6Xxhal0Iea6BRW90iB6D4FEBzT8l
yK15hVOkit/UUtGdvNSi2zRi4e7ad5todNpT3fjFJtOPrlEYzQxpxqlIn9XjQsBW
UFdhRuNSQBbIyORBGZn8PkE56hXmrysZmKsxFvBM95t2Ylh1Hcb6ZZ0SULzfxMEM
od2oRgCPQydZSxrJUUaXBwKh8AHZb3QOn6K3xCu0qJTFdvp4h1E5yOiJsFYV+Z5B
1dlvLqeYyKfLWVzOtBw//FggUvbd5/l2IfStZ6lKQxFdwp01Hg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:24 2025 by rpki-client