Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
File: 50b60672-d484-48a0-9016-474bafea8912.roa (raw, json)
Hash identifier: /uLnBdaOSC2DKI2bidhvhbfKwsbUatDrbnoLBxjtnrs=
Subject key identifier: B3:C6:7F:50:79:22:5E:14:C7:74:55:C8:B4:21:C1:B6:A1:E1:BA:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 407AD6066B598F8EE913F0A3089764020DA66D2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
Signing time: Fri 25 Apr 2025 20:20:52 +0000
ROA not before: Fri 25 Apr 2025 20:20:52 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:7a:d6:06:6b:59:8f:8e:e9:13:f0:a3:08:97:64:02:0d:a6:6d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:52 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=0e3644c6c0e3fb8271ff96ac8d184ca4b8d5e42d7d9a0fc5b619d017a4580ac3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b6:1d:d0:be:b6:fc:6a:4d:a6:f9:08:af:56:
85:94:55:8a:a1:2f:d5:1b:7f:19:60:d1:8f:59:e4:
26:39:ad:9a:69:bb:c9:29:6e:ce:fc:3f:b1:71:9c:
1f:71:57:d1:44:d4:e0:fe:85:52:ca:25:8e:3f:2d:
ee:e0:2f:c7:1e:32:be:af:ed:3b:1f:5b:da:57:b1:
1a:8a:c5:f7:57:ea:64:96:d1:ff:bd:a4:3e:15:51:
3b:22:9f:ab:68:21:14:e5:6c:90:de:26:63:5d:d3:
36:6f:de:56:40:f7:3c:17:58:50:53:25:89:ec:d0:
31:b6:28:16:bf:ff:69:b0:93:c6:3d:3b:9b:b4:e8:
51:d6:00:6f:29:ff:f0:ad:27:86:3f:11:8f:74:fb:
66:c3:17:fe:6b:4f:24:e4:60:80:54:c7:f8:ed:64:
62:aa:72:a6:fe:92:c8:1d:9f:06:8b:58:5b:05:7f:
df:59:de:02:37:e1:9b:ba:60:6f:0d:ed:a0:ca:e7:
86:78:9c:a5:1e:93:a3:05:d1:8a:5d:9f:a6:fc:e7:
1b:5a:a8:ae:f6:7c:32:09:59:9c:c8:23:db:e8:d3:
b8:17:1f:21:b3:aa:9b:40:37:91:c3:62:3e:da:56:
00:c9:2e:d1:0e:a5:c4:6c:cb:e4:e5:7b:ea:2c:6c:
24:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C6:7F:50:79:22:5E:14:C7:74:55:C8:B4:21:C1:B6:A1:E1:BA:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/36
Signature Algorithm: sha256WithRSAEncryption
64:0f:1f:7e:a7:a3:91:48:ae:cc:07:53:f4:ca:e4:d5:d2:ac:
18:36:e3:9d:63:ee:bc:f3:62:c7:97:23:6b:28:30:ec:b5:4f:
ce:bd:a4:b9:e9:39:b3:db:28:93:17:3b:e1:72:5d:62:a9:b3:
1f:46:31:a8:80:f2:12:ed:62:d6:0d:e7:d5:11:ee:e9:0c:ad:
7c:70:e5:6c:97:ec:46:67:c7:97:5b:d3:5f:c9:e9:09:75:b6:
7b:38:f9:fa:12:33:47:34:7a:dd:5c:ab:86:11:ac:19:e9:fd:
65:80:c2:91:af:77:ea:68:18:6d:95:3a:78:0e:22:e8:41:26:
0e:09:f8:53:c2:19:eb:b3:d2:b5:29:ab:66:c4:11:58:df:dd:
11:97:00:df:34:b6:f3:ff:3c:25:7b:15:1d:8b:a9:67:d5:76:
96:c8:13:3f:63:2e:80:b2:e2:d2:3e:10:94:07:47:64:39:25:
75:b7:0e:fe:45:03:ab:a3:26:02:d1:52:c6:bf:41:91:c0:0a:
ea:b6:29:50:21:87:5f:cc:f0:68:f1:4c:54:9c:54:c2:8c:3b:
27:9d:a3:6e:73:60:bb:52:f7:2e:04:1e:fc:50:90:04:e4:64:
6a:bb:5c:cd:6c:50:3e:5b:e6:1f:a3:34:bc:21:f0:6a:d4:06:
ef:f3:4e:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQHrWBmtZj47pE/CjCJdkAg2mbS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwNTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlMzY0NGM2YzBlM2ZiODI3MWZmOTZhYzhkMTg0Y2E0YjhkNWU0MmQ3ZDlh
MGZjNWI2MTlkMDE3YTQ1ODBhYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALe2HdC+tvxqTab5CK9WhZRViqEv1Rt/GWDRj1nkJjmtmmm7ySluzvw/sXGc
H3FX0UTU4P6FUsoljj8t7uAvxx4yvq/tOx9b2lexGorF91fqZJbR/72kPhVROyKf
q2ghFOVskN4mY13TNm/eVkD3PBdYUFMliezQMbYoFr//abCTxj07m7ToUdYAbyn/
8K0nhj8Rj3T7ZsMX/mtPJORggFTH+O1kYqpypv6SyB2fBotYWwV/31neAjfhm7pg
bw3toMrnhnicpR6TowXRil2fpvznG1qorvZ8MglZnMgj2+jTuBcfIbOqm0A3kcNi
PtpWAMku0Q6lxGzL5OV76ixsJOUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSzxn9Q
eSJeFMd0Vci0IcG2oeG6/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTBiNjA2NzItZDQ4NC00OGEwLTkwMTYtNDc0YmFmZWE4OTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBkDx9+p6ORSK7MB1P0yuTV0qwYNuOdY+6882LH
lyNrKDDstU/OvaS56Tmz2yiTFzvhcl1iqbMfRjGogPIS7WLWDefVEe7pDK18cOVs
l+xGZ8eXW9NfyekJdbZ7OPn6EjNHNHrdXKuGEawZ6f1lgMKRr3fqaBhtlTp4DiLo
QSYOCfhTwhnrs9K1KatmxBFY390RlwDfNLbz/zwlexUdi6ln1XaWyBM/Yy6AsuLS
PhCUB0dkOSV1tw7+RQOroyYC0VLGv0GRwArqtilQIYdfzPBo8UxUnFTCjDsnnaNu
c2C7UvcuBB78UJAE5GRqu1zNbFA+W+YfozS8IfBq1Abv805p
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:48:25 2025 by rpki-client