Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a5b2678-5fa1-4938-8da0-12d2395c11ee.roa
File: 2a5b2678-5fa1-4938-8da0-12d2395c11ee.roa (raw, json)
Hash identifier: eEeDna9SMirQBTKQSqvc6qLMMU/8DbVEewjfWrn8SLA=
Subject key identifier: 5D:4B:7C:2E:E9:C5:87:01:F2:B1:87:BB:22:DF:94:5D:65:AF:C0:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 410118FA6369D763B491A06DF4ADFB0626C915EE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a5b2678-5fa1-4938-8da0-12d2395c11ee.roa
Signing time: Thu 17 Apr 2025 20:36:56 +0000
ROA not before: Thu 17 Apr 2025 20:36:56 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:01:18:fa:63:69:d7:63:b4:91:a0:6d:f4:ad:fb:06:26:c9:15:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 20:36:56 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=c81412944e97d315404bade22b1b90b55ffe9cffb6ebf549cf0367ff07039ada, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a7:d9:c9:4b:77:75:90:4a:1c:bc:d9:e2:6e:
18:6f:c0:05:3a:26:3d:c1:3f:a2:c4:d0:fd:4c:b1:
e2:c2:ee:62:ed:82:86:cb:1b:b8:54:ff:aa:62:bb:
a9:bc:9c:41:67:f2:8a:38:c4:77:7e:00:ca:64:fc:
8f:9f:03:78:cc:45:c6:2d:40:18:aa:2d:8b:5e:b3:
0a:cf:31:68:a9:24:fe:30:2c:ad:42:a1:5f:bf:3c:
71:fb:02:62:ce:9a:a4:be:dd:20:bb:53:a7:7e:5f:
d0:ca:01:fa:63:e3:54:47:df:01:c2:df:01:3b:c4:
91:eb:38:26:a7:60:14:37:30:33:cf:cd:6a:d5:0b:
bf:6d:f1:82:9b:7c:ec:6b:79:6d:ff:75:2b:fd:06:
9f:69:17:df:57:19:b4:63:b3:5c:ae:b2:cf:91:24:
8c:34:50:8e:ff:24:d2:c0:65:47:66:38:a5:60:85:
58:37:52:f0:eb:25:7f:a7:66:87:e2:fb:46:09:fb:
95:de:5d:fb:d9:35:3f:5d:2d:9d:cb:32:ba:9a:71:
9e:9f:5a:14:e3:f1:f0:f5:c7:3e:a7:3f:20:7c:5f:
cf:16:1a:45:a4:13:23:00:42:f9:8c:00:cc:da:65:
e7:43:f2:73:d8:2a:b5:a2:a6:09:83:67:12:1b:57:
e3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4B:7C:2E:E9:C5:87:01:F2:B1:87:BB:22:DF:94:5D:65:AF:C0:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a5b2678-5fa1-4938-8da0-12d2395c11ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:4000::/40
Signature Algorithm: sha256WithRSAEncryption
6d:0c:83:7b:42:2b:cd:2d:fb:44:ee:75:3e:6a:1e:2f:5f:da:
9f:b8:59:7f:a9:b8:5a:d6:04:bb:de:43:20:fa:1f:11:cc:ee:
80:48:69:9a:bd:1f:b3:a6:00:ab:28:6e:ff:b3:77:63:0f:fc:
8b:78:c7:3c:83:71:86:42:ee:bc:ab:96:fc:15:81:e7:24:89:
e0:98:eb:d0:c4:02:42:fd:4e:a0:9e:2a:f4:ac:a1:c9:04:a7:
0a:e7:09:36:02:21:bd:93:8c:f1:ba:0f:61:ae:e6:ed:f5:d1:
ed:2c:05:9f:5c:05:26:e9:75:fa:0b:98:47:2b:c4:6d:4c:af:
1b:96:35:16:29:d1:e1:bc:81:49:88:b8:7f:b7:17:03:26:9c:
2f:38:ab:2d:14:b9:cb:f8:8d:38:4d:46:89:e2:11:59:f9:04:
5b:68:57:49:da:02:76:06:c4:a1:af:10:69:68:3d:fa:d9:45:
bc:0b:bd:78:7d:ab:9e:2e:57:5e:d6:92:68:3f:b2:60:d5:ad:
a8:58:9c:f2:a6:63:30:3b:6f:a9:47:42:36:46:cf:e4:1b:2f:
35:cd:69:ac:54:d2:84:cd:ef:30:db:74:43:01:62:7e:be:7d:
53:4c:c5:da:37:84:f9:18:05:eb:d2:92:30:3e:6d:60:b8:50:
b8:89:b1:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQQEY+mNp12O0kaBt9K37BibJFe4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcyMDM2NTZaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4MTQxMjk0NGU5N2QzMTU0MDRiYWRlMjJiMWI5MGI1NWZmZTljZmZiNmVi
ZjU0OWNmMDM2N2ZmMDcwMzlhZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWn2clLd3WQShy82eJuGG/ABTomPcE/osTQ/Uyx4sLuYu2ChssbuFT/qmK7
qbycQWfyijjEd34AymT8j58DeMxFxi1AGKoti16zCs8xaKkk/jAsrUKhX788cfsC
Ys6apL7dILtTp35f0MoB+mPjVEffAcLfATvEkes4JqdgFDcwM8/NatULv23xgpt8
7Gt5bf91K/0Gn2kX31cZtGOzXK6yz5EkjDRQjv8k0sBlR2Y4pWCFWDdS8Oslf6dm
h+L7Rgn7ld5d+9k1P10tncsyuppxnp9aFOPx8PXHPqc/IHxfzxYaRaQTIwBC+YwA
zNpl50Pyc9gqtaKmCYNnEhtX4xMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRdS3wu
6cWHAfKxh7si35RdZa/AGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmE1YjI2NzgtNWZhMS00OTM4LThkYTAtMTJkMjM5NWMxMWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G5A
MA0GCSqGSIb3DQEBCwUAA4IBAQBtDIN7QivNLftE7nU+ah4vX9qfuFl/qbha1gS7
3kMg+h8RzO6ASGmavR+zpgCrKG7/s3djD/yLeMc8g3GGQu68q5b8FYHnJIngmOvQ
xAJC/U6gnir0rKHJBKcK5wk2AiG9k4zxug9hrubt9dHtLAWfXAUm6XX6C5hHK8Rt
TK8bljUWKdHhvIFJiLh/txcDJpwvOKstFLnL+I04TUaJ4hFZ+QRbaFdJ2gJ2BsSh
rxBpaD362UW8C714faueLlde1pJoP7Jg1a2oWJzypmMwO2+pR0I2Rs/kGy81zWms
VNKEze8w23RDAWJ+vn1TTMXaN4T5GAXr0pIwPm1guFC4ibFE
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:37 2025 by rpki-client