Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
File: 2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa (raw, json)
Hash identifier: BgJ/mOIqGhYi00BShf801CfunBYj0CJgXBRzzsAhQGY=
Subject key identifier: E0:DC:19:11:4A:E9:AC:FA:7E:97:A4:18:F2:77:D3:96:5C:A7:24:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A8D803DCA2D9A58078490BC76E214287D4FEDBC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
Signing time: Sat 24 May 2025 00:30:11 +0000
ROA not before: Sat 24 May 2025 00:30:11 +0000
ROA not after: Sat 28 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:8d:80:3d:ca:2d:9a:58:07:84:90:bc:76:e2:14:28:7d:4f:ed:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 24 00:30:11 2025 GMT
Not After : Jun 28 23:59:59 2025 GMT
Subject: serialNumber=1e73a69c583922313b2369f702cb4aa390520c9816027c0afc3ef2d2e0e4a4c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:39:1f:c3:bb:4e:62:bf:92:07:86:d9:d1:a3:
53:37:26:10:28:22:64:3d:33:18:c1:43:ef:67:4c:
8c:0c:f8:5c:e3:cf:cb:b9:2d:3d:e5:ea:6b:a2:3d:
2e:ca:76:1f:3e:92:87:c5:e1:02:31:d0:f0:91:22:
97:36:93:fc:22:c9:1a:77:64:21:4e:06:b5:7c:1a:
5e:e0:32:4a:9e:62:23:15:e8:3f:eb:3a:a5:74:66:
9a:1c:02:6d:eb:9f:bf:51:60:e0:60:e8:70:8a:0b:
23:9e:8f:ad:d9:21:14:b5:1d:04:77:ea:2f:c1:42:
20:e1:d3:60:20:bd:e0:04:99:68:70:9c:08:93:7a:
3a:13:b5:cb:a5:e0:0a:2d:3d:e6:cd:77:86:ac:74:
d8:e6:4d:d0:0f:5c:8f:17:35:9b:18:2b:f4:e0:c9:
3b:e1:e7:cc:38:19:24:78:ac:b1:b1:c0:88:e2:cf:
e5:d6:cc:4c:62:4e:23:ae:6d:a4:51:cf:5e:22:b5:
13:fb:7d:8e:bd:f3:e4:6f:b3:aa:94:48:17:5d:4b:
69:8c:51:68:95:6e:c2:71:1e:bd:7c:44:29:88:e7:
fe:db:6d:b4:e9:e9:2e:bc:4e:60:16:16:50:eb:3b:
d3:0f:25:e3:e0:13:96:cf:06:7a:a7:ac:9f:5a:41:
5f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:DC:19:11:4A:E9:AC:FA:7E:97:A4:18:F2:77:D3:96:5C:A7:24:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/35
Signature Algorithm: sha256WithRSAEncryption
b2:77:a6:d6:ad:07:1f:b7:84:ef:41:d3:48:46:e6:72:77:cf:
ad:ed:7c:8d:c9:f2:eb:01:7b:7b:eb:cf:2a:41:9c:6d:08:23:
73:c9:ba:99:cd:57:d6:95:08:b5:9f:28:4e:bf:be:20:d4:b5:
d0:36:6d:80:0d:42:58:8d:1f:95:d3:cf:45:b7:d6:2e:99:78:
c7:fc:e6:06:89:b9:dc:66:af:eb:a3:fa:ab:79:82:b8:0a:51:
69:c9:39:de:ed:21:8e:ab:2b:62:b6:3a:10:2b:6c:81:30:ca:
6e:75:2d:db:a0:78:e9:79:56:58:68:58:d1:51:ec:c7:97:e6:
dd:c0:f1:55:a0:29:84:59:f0:ae:ee:cf:21:78:75:85:fb:3e:
f6:74:71:4b:4c:cb:47:8f:1a:f0:de:28:a2:74:79:a9:1d:08:
47:61:33:5e:f5:e1:77:23:7d:0c:27:87:b1:33:cc:b0:a2:2b:
df:9f:ef:de:3e:08:a2:2f:78:9f:ce:10:46:1a:ef:e2:4e:24:
e7:1a:55:0c:40:0f:e8:94:25:10:03:57:36:d5:e2:2d:cc:7c:
75:bb:8e:75:bd:02:db:02:53:eb:f7:46:8f:39:8f:1b:28:82:
74:4d:61:1d:ad:5e:1a:32:87:ee:7c:75:cd:ca:45:de:22:9a:
63:3e:a1:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCo2APcotmlgHhJC8duIUKH1P7bwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjQwMDMwMTFaFw0yNTA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlNzNhNjljNTgzOTIyMzEzYjIzNjlmNzAyY2I0YWEzOTA1MjBjOTgxNjAy
N2MwYWZjM2VmMmQyZTBlNGE0YzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMo5H8O7TmK/kgeG2dGjUzcmECgiZD0zGMFD72dMjAz4XOPPy7ktPeXqa6I9
Lsp2Hz6Sh8XhAjHQ8JEilzaT/CLJGndkIU4GtXwaXuAySp5iIxXoP+s6pXRmmhwC
beufv1Fg4GDocIoLI56PrdkhFLUdBHfqL8FCIOHTYCC94ASZaHCcCJN6OhO1y6Xg
Ci095s13hqx02OZN0A9cjxc1mxgr9ODJO+HnzDgZJHissbHAiOLP5dbMTGJOI65t
pFHPXiK1E/t9jr3z5G+zqpRIF11LaYxRaJVuwnEevXxEKYjn/ttttOnpLrxOYBYW
UOs70w8l4+ATls8Geqesn1pBXy0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTg3BkR
Sums+n6XpBjyd9OWXKckSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM1YmE2NzMtNmQ5YS00ZWYyLWI4YTAtMTFkMGRkYmYzMDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQCyd6bWrQcft4TvQdNIRuZyd8+t7XyNyfLrAXt7
688qQZxtCCNzybqZzVfWlQi1nyhOv74g1LXQNm2ADUJYjR+V089Ft9YumXjH/OYG
ibncZq/ro/qreYK4ClFpyTne7SGOqytitjoQK2yBMMpudS3boHjpeVZYaFjRUezH
l+bdwPFVoCmEWfCu7s8heHWF+z72dHFLTMtHjxrw3iiidHmpHQhHYTNe9eF3I30M
J4exM8ywoivfn+/ePgiiL3ifzhBGGu/iTiTnGlUMQA/olCUQA1c21eItzHx1u451
vQLbAlPr90aPOY8bKIJ0TWEdrV4aMofufHXNykXeIppjPqGV
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:18 2025 by rpki-client