Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
File: 05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa (raw, json)
Hash identifier: 5LflkxsfLeqlnRx7+UkFXb0kyr6dTW5iV9mqvZGCncw=
Subject key identifier: F6:61:12:F7:12:47:2D:EA:BA:9F:61:0D:60:B0:C7:3D:21:13:03:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 715E8B1A76C52A596181574936055FD1C5973BBB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
Signing time: Fri 25 Apr 2025 19:01:30 +0000
ROA not before: Fri 25 Apr 2025 19:01:30 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8050::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:5e:8b:1a:76:c5:2a:59:61:81:57:49:36:05:5f:d1:c5:97:3b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:01:30 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=70ea3b5e91c906e6dfda172023ef573a03b2213948d1a35764d900f872f2b6ff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b3:0a:50:e3:33:15:6c:dc:77:c5:da:34:d4:
e8:20:20:2d:cd:df:98:9e:51:86:0f:a5:81:ea:8c:
05:aa:04:f9:0e:c1:d1:3b:2f:ad:2a:05:53:4b:32:
b8:72:1f:34:40:4f:31:d0:29:21:12:f7:41:d4:57:
99:0b:9b:7a:86:d5:bb:8b:b8:1c:89:e4:cb:25:36:
cb:2e:f0:cc:e1:de:56:6c:80:b4:b1:7b:7a:87:e7:
07:95:3f:c5:2c:bf:a8:e0:7e:76:f9:76:1a:bb:6c:
f3:fb:f8:f0:22:94:40:fd:8c:b0:cd:35:88:cc:30:
c0:7e:a6:74:d8:d4:e9:e6:29:ce:4f:cb:b2:08:f4:
cb:d1:4e:b3:a0:5f:f8:4c:ce:73:87:e2:4a:9e:b5:
c1:cf:58:52:86:00:64:92:45:bc:9b:6c:3a:d8:d0:
46:27:ad:83:ad:7f:09:d7:39:83:e3:64:bd:e1:96:
9d:a6:74:16:d9:95:82:82:9a:05:1f:cf:72:a5:f8:
12:3b:6f:cc:50:b5:a6:11:97:cc:24:d8:ec:37:06:
5d:17:a8:9b:f2:fc:d9:04:39:8a:24:ae:2d:c8:af:
dd:7f:b3:83:c3:3a:46:04:c7:81:89:72:60:3b:a4:
a6:eb:b2:05:42:d1:c4:60:bf:a2:1e:8b:5c:40:b2:
30:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:61:12:F7:12:47:2D:EA:BA:9F:61:0D:60:B0:C7:3D:21:13:03:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8050::/48
Signature Algorithm: sha256WithRSAEncryption
5a:72:32:88:d2:29:c0:b9:e5:27:d0:bb:de:d2:50:28:6b:e6:
08:6b:9c:09:83:ba:88:5b:7a:5d:a2:2f:e2:c1:5a:61:26:cb:
89:8a:c8:e4:02:3b:17:36:d4:78:8d:f8:ef:b5:9a:54:91:e4:
a9:75:78:2e:df:2c:94:60:1b:9d:5e:5b:23:0e:58:6d:69:2e:
bd:9d:cc:7b:a1:e9:2d:f7:7d:59:73:a1:79:bd:bd:ea:60:f9:
81:b2:23:4c:16:f7:e0:78:05:aa:c8:72:c8:dd:3b:4f:3f:38:
70:c9:eb:b4:77:d0:43:5b:68:18:a6:52:c2:e6:62:12:f7:e0:
47:91:8e:d1:4e:0a:06:50:77:f3:36:e7:7a:9c:a7:37:ba:c2:
29:3d:85:95:f7:47:19:7a:e8:a2:3c:fe:dc:04:43:42:9f:43:
48:c9:89:40:f0:68:8d:dd:8d:c5:21:91:55:3b:3d:77:bd:22:
d1:f5:1d:46:9a:84:c0:d2:d0:4f:59:15:be:ad:b0:d7:12:51:
68:70:ef:d2:7c:a4:90:6d:ad:5e:0f:6b:df:2d:4a:86:05:db:
ab:f6:93:32:8a:79:0c:17:3f:e3:01:b2:af:eb:93:f6:77:7e:
22:d7:c3:c3:f4:d9:49:ad:9a:c4:f5:dd:54:ad:ba:23:93:05:
e3:eb:e4:e3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcV6LGnbFKllhgVdJNgVf0cWXO7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAxMzBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwZWEzYjVlOTFjOTA2ZTZkZmRhMTcyMDIzZWY1NzNhMDNiMjIxMzk0OGQx
YTM1NzY0ZDkwMGY4NzJmMmI2ZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6zClDjMxVs3HfF2jTU6CAgLc3fmJ5Rhg+lgeqMBaoE+Q7B0TsvrSoFU0sy
uHIfNEBPMdApIRL3QdRXmQubeobVu4u4HInkyyU2yy7wzOHeVmyAtLF7eofnB5U/
xSy/qOB+dvl2Grts8/v48CKUQP2MsM01iMwwwH6mdNjU6eYpzk/Lsgj0y9FOs6Bf
+EzOc4fiSp61wc9YUoYAZJJFvJtsOtjQRietg61/Cdc5g+NkveGWnaZ0FtmVgoKa
BR/PcqX4EjtvzFC1phGXzCTY7DcGXReom/L82QQ5iiSuLciv3X+zg8M6RgTHgYly
YDukpuuyBULRxGC/oh6LXECyMPECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT2YRL3
Ekct6rqfYQ1gsMc9IRMD2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDVmN2FiM2YtY2I3My00OWE2LWFhZGEtNDQwYmY0ZGJmM2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
UDANBgkqhkiG9w0BAQsFAAOCAQEAWnIyiNIpwLnlJ9C73tJQKGvmCGucCYO6iFt6
XaIv4sFaYSbLiYrI5AI7FzbUeI3477WaVJHkqXV4Lt8slGAbnV5bIw5YbWkuvZ3M
e6HpLfd9WXOheb296mD5gbIjTBb34HgFqshyyN07Tz84cMnrtHfQQ1toGKZSwuZi
EvfgR5GO0U4KBlB38zbnepynN7rCKT2FlfdHGXroojz+3ARDQp9DSMmJQPBojd2N
xSGRVTs9d70i0fUdRpqEwNLQT1kVvq2w1xJRaHDv0nykkG2tXg9r3y1KhgXbq/aT
Mop5DBc/4wGyr+uT9nd+ItfDw/TZSa2axPXdVK26I5MF4+vk4w==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:52 2025 by rpki-client