Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e377775-7db2-4fae-bcbc-22d3b84a24f5.roa
File: 2e377775-7db2-4fae-bcbc-22d3b84a24f5.roa (raw, json)
Hash identifier: JN/H205mKDkOfyhK+8Hl583ykkjsghnR8cMh1XPlV2o=
Subject key identifier: 05:0F:C3:86:38:93:70:47:84:06:D9:7F:92:5B:E5:47:9F:2F:2F:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51FD5CEDBD2463E671300F5451C1DF60971A2AC5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e377775-7db2-4fae-bcbc-22d3b84a24f5.roa
Signing time: Fri 25 Apr 2025 19:31:33 +0000
ROA not before: Fri 25 Apr 2025 19:31:33 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:fd:5c:ed:bd:24:63:e6:71:30:0f:54:51:c1:df:60:97:1a:2a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:31:33 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ac10ce7c375a86e99304313ebe626cb9dfef16d42a6309fbdf8c04359d99bb43, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7c:c9:88:10:7e:97:32:5c:23:e1:29:87:00:
a6:99:41:24:ba:fb:65:5e:b1:3b:16:2a:b8:6d:54:
f3:5f:8d:92:8d:d6:e4:ec:97:3d:6e:5c:8f:4f:72:
d6:0a:dc:cd:9c:71:4a:91:80:77:80:13:e0:a8:46:
59:31:eb:18:bf:c1:82:b9:86:45:3c:79:88:74:1c:
d4:e2:ab:56:32:a7:eb:68:e0:9d:4d:46:72:f3:dd:
2c:ef:21:33:01:47:aa:5c:26:7a:cf:c4:a4:09:f8:
48:05:88:08:0c:8d:11:36:8f:be:b8:71:4c:3f:b0:
f6:be:7b:f2:f0:e1:f7:9e:c9:f9:4d:30:5a:e6:89:
a0:95:f8:8b:3b:17:0e:a6:09:fd:8d:bd:7f:f6:f5:
00:24:58:10:f3:0f:a1:c8:77:79:52:c0:23:50:50:
3b:d2:21:1c:a6:21:14:8f:c8:b1:9a:a1:f6:2b:3b:
a6:e2:22:52:08:e2:b7:1e:c3:40:0b:5d:7e:c7:c3:
18:37:84:3e:26:a1:1b:98:56:63:97:2d:84:00:f7:
8e:43:25:77:95:ce:2e:54:71:84:80:cd:79:01:e5:
59:2a:80:15:22:11:25:0d:f6:0f:43:f4:54:39:1a:
49:18:ef:e8:10:37:10:62:ce:2c:4c:43:a6:13:6e:
ad:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:0F:C3:86:38:93:70:47:84:06:D9:7F:92:5B:E5:47:9F:2F:2F:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e377775-7db2-4fae-bcbc-22d3b84a24f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:b000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:c3:93:f5:9e:2a:50:16:40:b9:9f:d8:c5:52:95:c0:c3:06:
88:fe:03:34:3e:e2:c0:93:2b:bf:f9:f7:ad:a0:28:6c:d6:8e:
f1:8b:99:7d:1d:ee:85:71:46:56:d3:6f:1a:73:a1:e0:98:6d:
b7:6d:3f:c9:68:cc:8c:00:7f:91:c1:56:20:af:37:41:a5:e2:
05:4c:0e:6f:b9:ea:57:ab:28:95:a5:f1:af:8e:26:05:28:28:
39:95:db:13:f1:1e:3f:89:e2:9c:47:f6:33:8d:69:18:b4:81:
22:3f:7b:52:4c:83:57:5f:a7:c8:8d:4e:1b:b7:66:6d:37:56:
c5:67:85:e4:78:13:08:3b:18:29:bd:f3:8a:0e:dd:c2:10:26:
86:3f:28:cb:5b:3b:49:c9:29:c5:05:09:80:3b:2d:7c:76:de:
d5:46:73:da:94:13:3a:be:71:af:a4:bd:f6:d3:6b:ea:05:ff:
8b:66:bd:ee:af:29:8d:62:9c:05:ad:4b:55:62:84:52:5a:12:
ff:78:80:39:54:01:da:9b:a6:b9:e7:17:d5:39:19:d8:d4:8d:
64:2f:50:3f:7b:ab:7d:bf:93:e0:d0:08:89:03:4e:db:53:17:
88:32:0d:ba:a1:54:22:00:39:30:37:2f:69:71:a9:a9:5e:82:
6b:5e:27:14
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUf1c7b0kY+ZxMA9UUcHfYJcaKsUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMxMzNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjMTBjZTdjMzc1YTg2ZTk5MzA0MzEzZWJlNjI2Y2I5ZGZlZjE2ZDQyYTYz
MDlmYmRmOGMwNDM1OWQ5OWJiNDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALR8yYgQfpcyXCPhKYcApplBJLr7ZV6xOxYquG1U81+Nko3W5OyXPW5cj09y
1grczZxxSpGAd4AT4KhGWTHrGL/BgrmGRTx5iHQc1OKrVjKn62jgnU1GcvPdLO8h
MwFHqlwmes/EpAn4SAWICAyNETaPvrhxTD+w9r578vDh957J+U0wWuaJoJX4izsX
DqYJ/Y29f/b1ACRYEPMPoch3eVLAI1BQO9IhHKYhFI/IsZqh9is7puIiUgjitx7D
QAtdfsfDGDeEPiahG5hWY5cthAD3jkMld5XOLlRxhIDNeQHlWSqAFSIRJQ32D0P0
VDkaSRjv6BA3EGLOLExDphNurfECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQFD8OG
OJNwR4QG2X+SW+VHny8vVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmUzNzc3NzUtN2RiMi00ZmFlLWJjYmMtMjJkM2I4NGEyNGY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hew
MA0GCSqGSIb3DQEBCwUAA4IBAQCsw5P1nipQFkC5n9jFUpXAwwaI/gM0PuLAkyu/
+fetoChs1o7xi5l9He6FcUZW028ac6HgmG23bT/JaMyMAH+RwVYgrzdBpeIFTA5v
uepXqyiVpfGvjiYFKCg5ldsT8R4/ieKcR/YzjWkYtIEiP3tSTINXX6fIjU4bt2Zt
N1bFZ4XkeBMIOxgpvfOKDt3CECaGPyjLWztJySnFBQmAOy18dt7VRnPalBM6vnGv
pL3202vqBf+LZr3urymNYpwFrUtVYoRSWhL/eIA5VAHam6a55xfVORnY1I1kL1A/
e6t9v5Pg0AiJA07bUxeIMg26oVQiADkwNy9pcampXoJrXicU
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:16 2025 by rpki-client