Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ad80ae6-718d-4331-bc0a-ad31510cfa0f.roa
File: 2ad80ae6-718d-4331-bc0a-ad31510cfa0f.roa (raw, json)
Hash identifier: Jl2ZyzqR+aUvEDSWK2cY/E9oWxQkZPd3DlTvVHh308w=
Subject key identifier: D5:D9:1E:54:9F:59:EC:68:0E:06:5C:26:D8:CF:1A:07:61:65:3B:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A95345B0BD614B21FA33DF2193D81709664CD69
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ad80ae6-718d-4331-bc0a-ad31510cfa0f.roa
Signing time: Fri 25 Apr 2025 18:51:20 +0000
ROA not before: Fri 25 Apr 2025 18:51:20 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:95:34:5b:0b:d6:14:b2:1f:a3:3d:f2:19:3d:81:70:96:64:cd:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:51:20 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=aeb39bce2c354ffc9cad622bdcfab86dfa58d9aedc5d80e323c9b0c7c7a5337f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ca:0b:6e:5e:a6:b3:e0:10:1a:53:7e:df:b0:
b3:5d:db:1d:0c:ea:a5:c4:8b:2e:64:c7:85:45:3a:
a9:11:c8:ca:84:be:a8:c9:e5:7e:bf:fc:7b:52:39:
54:6f:df:a4:f7:5a:41:9b:3e:8c:22:ad:f1:26:7e:
8f:f6:19:67:36:be:a9:49:0d:d4:90:b4:59:ac:c4:
58:fc:cd:32:c0:ab:03:fb:62:58:b6:21:e0:89:f9:
b9:a2:39:aa:46:1f:13:8e:52:8c:aa:4e:b7:51:df:
d2:64:da:68:fd:4f:d7:40:de:87:ea:bd:12:4d:c8:
24:df:c8:01:2b:7b:fc:ee:49:c2:09:c1:21:b6:56:
ce:6b:c9:e2:b1:21:5f:73:eb:63:4e:fb:c1:fb:e9:
d3:71:a5:c3:a6:91:ce:db:67:6c:9e:f5:51:57:9f:
7c:8a:66:ca:4c:90:39:76:de:d6:f1:68:56:18:26:
a8:38:20:48:da:e3:b5:73:d2:b7:37:cc:d5:b4:78:
63:1a:05:85:ef:fb:2e:cb:0e:a2:34:5f:84:31:60:
e0:f9:b2:cc:2e:c0:1c:aa:a7:f5:00:26:c1:89:6f:
94:a8:57:f7:de:53:b2:00:6f:99:57:d3:3d:00:bd:
f6:b1:eb:62:91:59:21:d1:02:75:15:16:d2:c6:97:
59:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D9:1E:54:9F:59:EC:68:0E:06:5C:26:D8:CF:1A:07:61:65:3B:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ad80ae6-718d-4331-bc0a-ad31510cfa0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c040::/48
Signature Algorithm: sha256WithRSAEncryption
31:7a:d7:08:6e:77:ee:ae:b2:9d:93:99:3b:6f:bb:32:9d:f8:
a5:25:67:15:f4:98:d7:e3:56:6e:d3:5c:fb:71:b1:38:78:ee:
95:69:5a:37:6c:33:7f:83:05:72:b1:dd:12:f1:69:02:ed:3b:
9f:a5:06:aa:19:f5:5f:36:9c:b1:79:d4:87:7c:45:29:35:cd:
ff:45:d6:46:c9:49:1d:b6:2d:9f:e9:fb:32:f3:67:a0:00:d1:
06:a7:36:39:05:1f:2f:15:9c:05:1d:14:a9:92:43:1e:60:32:
e9:87:fa:f5:f4:19:c1:70:49:49:1f:22:c0:0b:9b:8d:4e:37:
41:92:08:e9:49:20:20:a0:bd:b5:d8:b0:ef:a1:45:45:19:3e:
e2:82:ff:67:37:19:81:0e:db:96:52:f8:c2:1b:b5:e2:0e:a5:
fa:a1:33:70:a1:90:11:54:12:f3:eb:78:fd:10:f5:40:0b:02:
15:c2:93:ca:c6:8f:a8:41:e8:f4:4b:ac:ec:f3:4a:a6:f4:8d:
74:00:7a:f9:d0:e7:bd:dc:a4:16:52:36:25:63:31:25:a5:4b:
92:11:0f:42:37:e0:0b:64:d2:80:23:08:5b:ab:54:b8:f3:63:
7b:52:cc:57:c8:ff:35:53:f2:56:d4:af:a6:08:5a:6b:b0:aa:
62:72:43:91
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWpU0WwvWFLIfoz3yGT2BcJZkzWkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUxMjBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlYjM5YmNlMmMzNTRmZmM5Y2FkNjIyYmRjZmFiODZkZmE1OGQ5YWVkYzVk
ODBlMzIzYzliMGM3YzdhNTMzN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfKC25eprPgEBpTft+ws13bHQzqpcSLLmTHhUU6qRHIyoS+qMnlfr/8e1I5
VG/fpPdaQZs+jCKt8SZ+j/YZZza+qUkN1JC0WazEWPzNMsCrA/tiWLYh4In5uaI5
qkYfE45SjKpOt1Hf0mTaaP1P10Deh+q9Ek3IJN/IASt7/O5JwgnBIbZWzmvJ4rEh
X3PrY077wfvp03Glw6aRzttnbJ71UVeffIpmykyQOXbe1vFoVhgmqDggSNrjtXPS
tzfM1bR4YxoFhe/7LssOojRfhDFg4PmyzC7AHKqn9QAmwYlvlKhX995TsgBvmVfT
PQC99rHrYpFZIdECdRUW0saXWfUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTV2R5U
n1nsaA4GXCbYzxoHYWU7mzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmFkODBhZTYtNzE4ZC00MzMxLWJjMGEtYWQzMTUxMGNmYTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HTA
QDANBgkqhkiG9w0BAQsFAAOCAQEAMXrXCG537q6ynZOZO2+7Mp34pSVnFfSY1+NW
btNc+3GxOHjulWlaN2wzf4MFcrHdEvFpAu07n6UGqhn1XzacsXnUh3xFKTXN/0XW
RslJHbYtn+n7MvNnoADRBqc2OQUfLxWcBR0UqZJDHmAy6Yf69fQZwXBJSR8iwAub
jU43QZII6UkgIKC9tdiw76FFRRk+4oL/ZzcZgQ7bllL4whu14g6l+qEzcKGQEVQS
8+t4/RD1QAsCFcKTysaPqEHo9Eus7PNKpvSNdAB6+dDnvdykFlI2JWMxJaVLkhEP
QjfgC2TSgCMIW6tUuPNje1LMV8j/NVPyVtSvpghaa7CqYnJDkQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:09 2025 by rpki-client