Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
File: 28181159-5695-4944-b901-f84b836b4d8f.roa (raw, json)
Hash identifier: p5mvzwA4nskpLF1Nx0M4yrnYlnhCUocNdcV7kgA4V2w=
Subject key identifier: 10:AA:27:97:12:3F:64:95:37:9F:49:DB:77:00:09:95:47:6D:2F:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 356E2D966DDDD67A54B569CA0B31940FA64DE5FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
Signing time: Fri 18 Apr 2025 18:30:13 +0000
ROA not before: Fri 18 Apr 2025 18:30:13 +0000
ROA not after: Fri 23 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:6e:2d:96:6d:dd:d6:7a:54:b5:69:ca:0b:31:94:0f:a6:4d:e5:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 18 18:30:13 2025 GMT
Not After : May 23 23:59:59 2025 GMT
Subject: serialNumber=fddd328f8524d25579405713e99244ed9089b806eca992f9afc4ff36d99b5dff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5c:c0:ab:29:32:14:85:33:48:9e:7d:1e:62:
40:e7:99:f6:c4:77:3a:30:fc:40:49:83:2c:1f:7c:
78:e0:f0:63:e7:71:c2:1c:b0:b8:98:95:0e:33:8c:
51:27:79:8e:95:9d:39:00:a1:a2:f5:4e:52:9e:b0:
92:c5:72:18:c5:5d:f7:b5:b5:48:39:c8:73:46:03:
12:07:33:2f:7d:0a:9a:3a:b7:6d:8c:fc:b4:3e:bb:
c7:31:bc:9d:c2:76:ad:60:69:d7:0d:0c:31:3b:a4:
5f:88:94:1b:ff:53:e2:c1:d4:78:f9:98:ba:45:40:
ae:c3:fb:14:93:68:10:de:d7:e9:22:05:6a:fe:33:
e4:87:8d:d4:6c:98:2f:e9:50:0f:dd:1c:49:43:55:
22:44:d8:94:b3:40:2a:27:d9:90:e8:58:e4:45:c8:
3a:fb:db:06:97:a7:9d:1b:fc:0c:75:38:d1:f6:6d:
27:61:05:2e:d4:86:64:4e:27:c2:40:e3:3e:96:41:
02:fd:60:7e:51:17:96:5b:b9:ea:0c:2a:9e:77:68:
59:91:dd:ca:98:b7:9c:4f:68:34:b2:b6:20:de:76:
75:9e:25:a9:c8:49:02:5e:3f:7b:e1:6c:35:5d:4d:
43:92:53:d3:4b:ca:70:3e:ad:4f:89:11:58:25:f0:
85:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:AA:27:97:12:3F:64:95:37:9F:49:DB:77:00:09:95:47:6D:2F:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:9000::/40
Signature Algorithm: sha256WithRSAEncryption
4a:18:98:ff:0c:01:fc:b5:ac:84:eb:41:3e:8c:4b:d0:95:c6:
e7:69:40:88:c6:1c:51:d7:cd:d0:f4:36:ab:cc:7c:9f:8d:d0:
dc:25:d7:8f:4f:fd:6b:80:ab:54:41:08:cb:96:26:f7:6e:b1:
40:3f:2a:b7:12:cd:41:b3:07:40:3b:d9:3d:05:9f:b9:80:81:
13:a0:aa:b5:bc:35:ae:c4:5a:b1:79:bf:b6:7a:6c:8f:29:dd:
a3:dd:98:af:f6:bc:8c:a2:42:33:95:26:3e:69:35:71:e9:06:
2e:3d:59:91:32:c7:46:ca:c6:54:dd:6f:b9:ca:7d:1c:b0:7a:
1f:3d:f9:63:5b:57:4a:0c:49:00:00:47:09:76:0c:71:2b:34:
dd:f6:4c:cd:54:06:31:8b:81:e9:a5:fa:9b:86:66:6e:ae:b5:
8d:c2:11:1c:54:15:9d:c5:f3:4c:93:04:20:f9:1e:ba:5b:02:
5b:3f:7b:3f:4d:14:ce:61:e2:84:23:49:af:ea:de:a1:5c:a0:
53:78:b7:7a:34:30:80:f6:f7:fa:66:71:11:d2:8d:ea:68:e5:
62:ad:38:b9:76:14:73:5f:a5:dd:10:ee:f4:26:e2:6e:ad:99:
e5:74:5d:96:a7:87:a0:3c:bc:51:41:93:d3:79:fc:a7:7d:9f:
58:bf:0b:f2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNW4tlm3d1npUtWnKCzGUD6ZN5fswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTgxODMwMTNaFw0yNTA1MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkZGQzMjhmODUyNGQyNTU3OTQwNTcxM2U5OTI0NGVkOTA4OWI4MDZlY2E5
OTJmOWFmYzRmZjM2ZDk5YjVkZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpcwKspMhSFM0iefR5iQOeZ9sR3OjD8QEmDLB98eODwY+dxwhywuJiVDjOM
USd5jpWdOQChovVOUp6wksVyGMVd97W1SDnIc0YDEgczL30Kmjq3bYz8tD67xzG8
ncJ2rWBp1w0MMTukX4iUG/9T4sHUePmYukVArsP7FJNoEN7X6SIFav4z5IeN1GyY
L+lQD90cSUNVIkTYlLNAKifZkOhY5EXIOvvbBpennRv8DHU40fZtJ2EFLtSGZE4n
wkDjPpZBAv1gflEXllu56gwqnndoWZHdypi3nE9oNLK2IN52dZ4lqchJAl4/e+Fs
NV1NQ5JT00vKcD6tT4kRWCXwhfkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQqieX
Ej9klTefSdt3AAmVR20v5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjgxODExNTktNTY5NS00OTQ0LWI5MDEtZjg0YjgzNmI0ZDhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBKGJj/DAH8tayE60E+jEvQlcbnaUCIxhxR183Q
9DarzHyfjdDcJdePT/1rgKtUQQjLlib3brFAPyq3Es1BswdAO9k9BZ+5gIEToKq1
vDWuxFqxeb+2emyPKd2j3Ziv9ryMokIzlSY+aTVx6QYuPVmRMsdGysZU3W+5yn0c
sHofPfljW1dKDEkAAEcJdgxxKzTd9kzNVAYxi4HppfqbhmZurrWNwhEcVBWdxfNM
kwQg+R66WwJbP3s/TRTOYeKEI0mv6t6hXKBTeLd6NDCA9vf6ZnER0o3qaOVirTi5
dhRzX6XdEO70JuJurZnldF2Wp4egPLxRQZPTefynfZ9Yvwvy
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:49:04 2025 by rpki-client