Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25549665-200e-473b-9551-c975fa93985e.roa
File: 25549665-200e-473b-9551-c975fa93985e.roa (raw, json)
Hash identifier: w2hoYhI0gBhV6CQZ6S2VSFM1JiZOIxykvEp1QI+PqrY=
Subject key identifier: 3C:CD:3D:D1:83:03:96:52:9E:40:65:12:E5:C7:34:A1:B9:42:5C:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 500C9CC4775B582C162A043ECF10EA40D4643644
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25549665-200e-473b-9551-c975fa93985e.roa
Signing time: Thu 17 Apr 2025 20:36:50 +0000
ROA not before: Thu 17 Apr 2025 20:36:50 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:0c:9c:c4:77:5b:58:2c:16:2a:04:3e:cf:10:ea:40:d4:64:36:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 20:36:50 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=207e58fc26cb985c12f2f0c3f0f14d26451de0e07f79d1e05377054d10d9fb78, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5c:25:0f:fb:db:e4:7f:f1:16:1e:84:64:69:
bc:fb:2b:60:74:7a:3a:d8:72:de:91:96:6b:4f:8d:
d8:ed:f6:70:0f:2e:db:79:18:da:db:bb:60:47:46:
51:06:f9:0a:d7:cc:95:df:c1:e9:3a:50:73:57:af:
a5:fe:44:54:de:2d:2b:ac:5b:32:4e:04:09:c8:05:
ca:63:12:8b:dd:ad:90:c5:80:74:e1:a4:b1:44:5a:
31:8c:72:bd:c7:d2:ef:77:0b:05:f3:a9:ef:d6:99:
3e:4e:30:40:00:16:03:25:8f:01:76:f4:28:7b:7e:
5f:53:a8:9b:0b:8d:0f:82:cf:14:0c:69:dc:44:48:
94:5a:55:7f:89:c3:80:5b:c3:f5:65:79:c6:00:2a:
54:a5:d5:9c:eb:ea:9b:f3:e2:83:3d:70:32:ea:f7:
0c:d9:2b:c3:d0:0c:90:8f:b0:cd:cf:95:ef:8c:cc:
e3:ed:a5:4b:9e:5b:f1:e8:07:e1:93:52:82:c6:33:
ac:76:07:43:62:8a:8b:5b:1f:0b:c7:da:93:5f:46:
90:ff:94:df:a9:0f:bb:19:74:b8:c9:f1:58:e9:31:
e2:69:f2:26:04:61:1f:82:82:00:cb:2e:16:2f:4f:
43:fc:6d:66:6b:46:aa:c4:ad:20:50:f2:f9:ba:c1:
71:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CD:3D:D1:83:03:96:52:9E:40:65:12:E5:C7:34:A1:B9:42:5C:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25549665-200e-473b-9551-c975fa93985e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:6000::/40
Signature Algorithm: sha256WithRSAEncryption
35:16:38:75:73:c7:97:7a:92:bf:4d:ba:54:bf:58:70:bc:16:
0e:fc:13:73:09:80:e3:b2:f3:e0:ce:43:b7:56:7f:23:b3:c8:
81:ac:6b:de:7d:a7:a5:e3:9f:7d:90:b0:5f:82:b4:fb:0f:ed:
c3:18:1e:b2:36:91:b5:2a:07:5c:d7:62:c8:aa:e0:a9:3a:5c:
63:f0:24:5e:09:93:81:48:f2:f9:67:86:4d:fc:9c:99:99:b2:
16:31:fa:d0:3e:3b:44:54:e9:a8:85:19:43:dd:98:99:4b:b7:
74:a9:98:79:46:c5:d3:52:56:c4:5c:1b:ee:44:c1:d9:ec:d9:
fd:46:2b:ad:a7:a3:cc:bc:fe:fa:a7:f7:9e:e2:af:56:98:c5:
6f:15:7d:5c:27:65:95:cf:9d:1d:68:84:ff:64:02:cd:c8:ff:
a4:ee:af:ac:b8:1a:b5:15:8a:c2:08:28:8c:21:43:94:37:19:
99:2b:40:68:62:bb:3d:0d:fc:c1:9a:91:c3:19:8e:d1:3e:58:
a5:50:53:cb:3f:52:19:2b:ad:a1:e5:02:d8:d2:4c:85:39:f4:
82:33:35:28:e5:87:87:bd:57:a8:2f:c5:0d:5a:b3:d0:24:71:
9e:3d:8e:c4:16:ad:e1:7a:cd:ef:fa:59:6a:b1:2d:54:16:f9:
cd:2e:b0:3a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUAycxHdbWCwWKgQ+zxDqQNRkNkQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcyMDM2NTBaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwN2U1OGZjMjZjYjk4NWMxMmYyZjBjM2YwZjE0ZDI2NDUxZGUwZTA3Zjc5
ZDFlMDUzNzcwNTRkMTBkOWZiNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRcJQ/72+R/8RYehGRpvPsrYHR6Othy3pGWa0+N2O32cA8u23kY2tu7YEdG
UQb5CtfMld/B6TpQc1evpf5EVN4tK6xbMk4ECcgFymMSi92tkMWAdOGksURaMYxy
vcfS73cLBfOp79aZPk4wQAAWAyWPAXb0KHt+X1OomwuND4LPFAxp3ERIlFpVf4nD
gFvD9WV5xgAqVKXVnOvqm/Pigz1wMur3DNkrw9AMkI+wzc+V74zM4+2lS55b8egH
4ZNSgsYzrHYHQ2KKi1sfC8fak19GkP+U36kPuxl0uMnxWOkx4mnyJgRhH4KCAMsu
Fi9PQ/xtZmtGqsStIFDy+brBcbsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8zT3R
gwOWUp5AZRLlxzShuUJcDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjU1NDk2NjUtMjAwZS00NzNiLTk1NTEtYzk3NWZhOTM5ODVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Ftg
MA0GCSqGSIb3DQEBCwUAA4IBAQA1Fjh1c8eXepK/TbpUv1hwvBYO/BNzCYDjsvPg
zkO3Vn8js8iBrGvefael4599kLBfgrT7D+3DGB6yNpG1Kgdc12LIquCpOlxj8CRe
CZOBSPL5Z4ZN/JyZmbIWMfrQPjtEVOmohRlD3ZiZS7d0qZh5RsXTUlbEXBvuRMHZ
7Nn9Riutp6PMvP76p/ee4q9WmMVvFX1cJ2WVz50daIT/ZALNyP+k7q+suBq1FYrC
CCiMIUOUNxmZK0BoYrs9DfzBmpHDGY7RPlilUFPLP1IZK62h5QLY0kyFOfSCMzUo
5YeHvVeoL8UNWrPQJHGePY7EFq3hes3v+llqsS1UFvnNLrA6
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:47:28 2025 by rpki-client