Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
File: 2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa (raw, json)
Hash identifier: ImRj6SXiThNDCFbovdaH48rB7OPHU+S0Rr9i8mSQlos=
Subject key identifier: 34:54:3D:28:69:33:7A:A8:61:6A:45:FA:9C:EC:8D:BF:18:08:9C:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 653BCDDC8DC92E1DA1952F7861B58C412817BAE9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
Signing time: Fri 25 Apr 2025 20:21:27 +0000
ROA not before: Fri 25 Apr 2025 20:21:27 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:3b:cd:dc:8d:c9:2e:1d:a1:95:2f:78:61:b5:8c:41:28:17:ba:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:21:27 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ac40eb913ad54e69cabc61d39de2c4f90f342e62eb14b58691ed47971e1ad5a5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cf:88:e6:c7:2d:74:83:22:8c:4c:dd:fa:08:
22:f5:b2:44:09:67:0d:5f:ba:0b:f6:45:5c:dd:db:
a8:b2:40:be:95:dc:65:74:2f:51:7c:9d:3d:f5:ce:
da:ad:88:71:28:d5:a1:2c:17:0e:96:b1:7b:5f:5f:
1e:39:2e:5d:67:49:f5:f6:88:de:35:e4:c7:2b:06:
15:f1:8e:02:61:c1:a7:8e:70:94:01:8f:ff:f3:15:
31:7d:de:b6:4a:3e:8c:e2:19:5c:a2:98:63:a3:5e:
a1:d4:65:2a:24:42:37:b6:33:b7:af:2f:6f:9d:d8:
7d:69:2b:f4:7d:b1:f1:9f:ef:ce:59:56:1e:db:2d:
c8:2e:aa:4b:b2:04:fa:6d:c7:c8:2b:b7:42:96:90:
04:67:27:f1:13:3e:da:02:b9:a4:6f:15:b1:dc:83:
ea:72:aa:dd:0e:21:2e:e9:c5:a7:dd:11:0f:5d:0c:
a9:c2:d6:f2:e5:37:89:f5:98:2b:9d:94:4a:bf:26:
30:e1:5d:3f:f1:1c:4e:29:4e:66:ac:c4:85:ea:d5:
7b:26:c3:14:d3:46:53:86:3a:fe:68:92:9d:fc:9a:
c3:e8:f4:58:c2:78:c5:d1:df:ab:e1:44:52:a6:01:
5e:90:40:cc:81:bf:2e:4b:54:5c:92:5f:eb:1c:d7:
c5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:54:3D:28:69:33:7A:A8:61:6A:45:FA:9C:EC:8D:BF:18:08:9C:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/35
Signature Algorithm: sha256WithRSAEncryption
65:71:3d:10:70:9b:cb:b2:b1:96:5c:82:b8:7d:41:d7:b9:27:
eb:cc:f7:e2:7f:c5:62:1f:bd:a3:f9:00:2e:5b:53:19:f5:b9:
ea:04:c6:fa:18:ea:19:74:5d:d2:ba:85:06:9d:77:fa:dc:17:
09:dd:27:76:c0:42:7b:18:95:2b:41:00:32:31:a7:dc:dd:3b:
7c:2b:5d:2f:bc:31:41:1c:7c:e0:09:17:8e:d0:b3:88:fc:ab:
24:f9:2a:74:9d:da:0c:15:bb:ee:89:31:3a:8b:d2:ef:be:7a:
59:9f:cb:08:dc:84:11:86:22:98:65:29:d3:29:ea:52:5e:68:
54:70:e8:71:ae:31:31:95:c9:6e:a5:8b:d8:7a:79:c2:b7:34:
ed:e6:9c:fb:d9:a8:48:0c:3c:4e:1a:31:e8:d5:27:0a:f9:08:
5b:7d:a7:74:da:da:a5:60:8a:b2:18:ee:38:bf:e7:3c:5e:2a:
b1:c2:8f:10:30:b8:08:bc:00:94:67:19:d0:5b:a5:f1:38:04:
66:64:c3:d0:fd:5b:c5:a8:17:d0:27:c6:26:f9:5c:38:33:48:
96:33:e1:16:33:9b:a8:03:2b:4a:e0:44:49:76:24:26:9d:c8:
f7:22:53:04:fe:b5:53:ce:a9:72:51:a1:6e:8c:e1:e8:6b:4d:
24:44:a2:f3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZTvN3I3JLh2hlS94YbWMQSgXuukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIxMjdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjNDBlYjkxM2FkNTRlNjljYWJjNjFkMzlkZTJjNGY5MGYzNDJlNjJlYjE0
YjU4NjkxZWQ0Nzk3MWUxYWQ1YTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnPiObHLXSDIoxM3foIIvWyRAlnDV+6C/ZFXN3bqLJAvpXcZXQvUXydPfXO
2q2IcSjVoSwXDpaxe19fHjkuXWdJ9faI3jXkxysGFfGOAmHBp45wlAGP//MVMX3e
tko+jOIZXKKYY6NeodRlKiRCN7Yzt68vb53YfWkr9H2x8Z/vzllWHtstyC6qS7IE
+m3HyCu3QpaQBGcn8RM+2gK5pG8VsdyD6nKq3Q4hLunFp90RD10MqcLW8uU3ifWY
K52USr8mMOFdP/EcTilOZqzEherVeybDFNNGU4Y6/miSnfyaw+j0WMJ4xdHfq+FE
UqYBXpBAzIG/LktUXJJf6xzXxUECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ0VD0o
aTN6qGFqRfqc7I2/GAicSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM1YmE2NzMtNmQ5YS00ZWYyLWI4YTAtMTFkMGRkYmYzMDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQBlcT0QcJvLsrGWXIK4fUHXuSfrzPfif8ViH72j
+QAuW1MZ9bnqBMb6GOoZdF3SuoUGnXf63BcJ3Sd2wEJ7GJUrQQAyMafc3Tt8K10v
vDFBHHzgCReO0LOI/Ksk+Sp0ndoMFbvuiTE6i9LvvnpZn8sI3IQRhiKYZSnTKepS
XmhUcOhxrjExlclupYvYennCtzTt5pz72ahIDDxOGjHo1ScK+Qhbfad02tqlYIqy
GO44v+c8Xiqxwo8QMLgIvACUZxnQW6XxOARmZMPQ/VvFqBfQJ8Ym+Vw4M0iWM+EW
M5uoAytK4ERJdiQmncj3IlME/rVTzqlyUaFujOHoa00kRKLz
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:15 2025 by rpki-client