Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
File: 3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa (raw, json)
Hash identifier: hVC4yu02SswCuLF1bhO6BDHsbye7t8VoqeySepkJbHM=
Subject key identifier: 0E:03:CC:A9:4C:FE:4C:8A:E0:4D:5A:CC:A2:1B:13:0E:6D:53:E5:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 566CAC336E49A357167BA1D558C51FE86A61AC35
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
Signing time: Fri 25 Apr 2025 20:30:07 +0000
ROA not before: Fri 25 Apr 2025 20:30:07 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:6c:ac:33:6e:49:a3:57:16:7b:a1:d5:58:c5:1f:e8:6a:61:ac:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:30:07 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=c93c926b43ee1d8932f83b0cee1cf82c2611570667f93a9629368fa2e3d6fa2c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7c:03:09:47:93:7b:59:56:95:e9:a0:48:ac:
5a:88:b4:86:c7:31:95:fe:7d:a6:ff:a7:ca:60:d4:
92:61:e9:25:aa:3c:08:9c:c5:e1:f6:66:27:cf:4c:
7d:16:d4:35:e1:7d:2a:28:96:f4:29:7d:db:9e:67:
a3:e2:11:14:b2:46:af:62:f0:ff:b8:9e:39:e6:cb:
09:67:b3:ae:41:c6:9a:d9:ad:09:a1:9e:63:c9:e3:
01:cd:93:f0:b1:02:5e:9e:a2:b1:96:20:33:b0:f3:
f5:92:96:6d:e1:fc:0d:60:19:be:37:8c:1c:e8:ad:
44:12:41:5a:36:6c:e7:fc:da:61:a4:5e:59:49:72:
47:55:6e:8c:16:9a:ec:d7:01:e0:94:81:53:af:ff:
f0:f2:7c:89:89:29:cd:43:17:4f:d4:67:0a:d0:ed:
13:50:da:1c:7d:52:fd:3a:ac:90:4a:7a:c8:0f:75:
ed:11:43:a3:f1:ab:d5:3b:de:f2:25:4e:70:67:bf:
86:b5:ef:36:99:d1:ad:1a:25:41:a6:bc:e9:e5:c4:
b8:55:3b:f1:00:2b:97:01:99:46:ef:a2:65:b8:7a:
c1:1b:6b:65:bc:c0:34:91:79:27:43:8e:22:b4:a4:
6a:1c:21:0d:92:90:37:3e:35:a7:3e:4d:3d:5b:81:
97:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:03:CC:A9:4C:FE:4C:8A:E0:4D:5A:CC:A2:1B:13:0E:6D:53:E5:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020::/28
Signature Algorithm: sha256WithRSAEncryption
b7:32:d3:c8:e7:96:19:15:5e:d3:03:d1:49:f8:79:76:73:ca:
3b:29:2c:eb:8d:a0:fc:94:28:27:72:48:72:09:09:19:81:17:
72:f0:c4:49:0e:62:77:6d:17:be:b7:a1:f1:84:f8:7a:4b:f2:
7f:7c:d6:b0:2f:a5:09:68:31:75:c1:12:28:c0:1a:e0:4b:fc:
87:df:bb:c9:a5:92:9b:af:e9:07:0e:83:e2:d7:d8:18:a4:a7:
4c:18:92:70:68:d3:1f:94:a1:24:44:09:89:79:90:8d:d5:b2:
24:92:17:73:86:3a:f5:d3:f4:f8:c2:98:4c:08:40:20:f5:e3:
ec:8f:6e:71:cd:ad:ee:94:d2:65:e6:37:c1:fc:f9:ee:b0:a6:
2f:0d:e7:f9:ba:a9:75:83:f1:e4:87:07:0b:22:cb:a3:7d:9d:
4d:83:41:06:bc:37:e2:ca:81:f8:7b:73:e6:17:eb:72:6d:a1:
61:4b:19:fe:f1:e8:70:b3:92:56:99:94:4f:2f:38:bb:af:af:
aa:35:5c:37:23:00:1d:2f:f7:60:80:a3:a9:1c:da:65:e3:23:
b7:94:20:c5:f5:6b:3d:87:4d:43:55:77:c7:15:9e:08:1e:44:
36:03:c5:de:40:35:7b:40:f0:07:07:7b:ca:ea:df:40:60:9f:
0d:83:4c:86
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUVmysM25Jo1cWe6HVWMUf6GphrDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDMwMDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5M2M5MjZiNDNlZTFkODkzMmY4M2IwY2VlMWNmODJjMjYxMTU3MDY2N2Y5
M2E5NjI5MzY4ZmEyZTNkNmZhMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMd8AwlHk3tZVpXpoEisWoi0hscxlf59pv+nymDUkmHpJao8CJzF4fZmJ89M
fRbUNeF9KiiW9Cl9255no+IRFLJGr2Lw/7ieOebLCWezrkHGmtmtCaGeY8njAc2T
8LECXp6isZYgM7Dz9ZKWbeH8DWAZvjeMHOitRBJBWjZs5/zaYaReWUlyR1VujBaa
7NcB4JSBU6//8PJ8iYkpzUMXT9RnCtDtE1DaHH1S/TqskEp6yA917RFDo/Gr1Tve
8iVOcGe/hrXvNpnRrRolQaa86eXEuFU78QArlwGZRu+iZbh6wRtrZbzANJF5J0OO
IrSkahwhDZKQNz41pz5NPVuBlzUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQOA8yp
TP5MiuBNWsyiGxMObVPlITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEzNmEzMjItZjlkNC00Yzc3LWI0OGItM2E0YTViMmQzZDU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCoF0CAw
DQYJKoZIhvcNAQELBQADggEBALcy08jnlhkVXtMD0Un4eXZzyjspLOuNoPyUKCdy
SHIJCRmBF3LwxEkOYndtF763ofGE+HpL8n981rAvpQloMXXBEijAGuBL/Iffu8ml
kpuv6QcOg+LX2Bikp0wYknBo0x+UoSRECYl5kI3VsiSSF3OGOvXT9PjCmEwIQCD1
4+yPbnHNre6U0mXmN8H8+e6wpi8N5/m6qXWD8eSHBwsiy6N9nU2DQQa8N+LKgfh7
c+YX63JtoWFLGf7x6HCzklaZlE8vOLuvr6o1XDcjAB0v92CAo6kc2mXjI7eUIMX1
az2HTUNVd8cVnggeRDYDxd5ANXtA8AcHe8rq30Bgnw2DTIY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:05 2025 by rpki-client