Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
File: 5767e356-231b-4b87-98ab-c496dcc2d53f.roa (raw, json)
Hash identifier: hb5sdw3Yhec/wt9lLKVLM3cr4Fj/b84VDbQcmM5ly7g=
Subject key identifier: 9E:D1:0A:A8:E9:27:42:67:B4:48:52:B1:8B:F4:D9:00:FB:51:7C:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0539558E1AE771F9C0139F952ECBF0BEE0F632E2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
Signing time: Fri 25 Apr 2025 19:51:40 +0000
ROA not before: Fri 25 Apr 2025 19:51:40 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:39:55:8e:1a:e7:71:f9:c0:13:9f:95:2e:cb:f0:be:e0:f6:32:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:51:40 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=33a1530ba9e1185878a14cc9d8822a4bdbac29e60c5e79fc88dbbe2f9b2e9abf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0e:9d:c5:7e:2a:52:9d:68:02:d1:4e:6d:bf:
91:24:c0:52:e3:04:d7:87:38:39:ca:62:d0:4a:a7:
6e:e3:27:a6:b6:ea:b0:db:59:53:20:0a:b6:4f:8f:
8a:da:4a:5e:35:7d:f0:c4:b8:fd:4d:2d:65:81:fc:
f4:cc:8e:8a:1d:54:c6:66:cf:a6:63:83:da:2f:42:
13:09:80:16:69:bb:8e:c1:68:36:ae:0b:43:ad:72:
9f:da:99:ac:3b:01:5d:95:be:e0:c6:97:f8:86:8a:
91:d1:e1:0b:13:91:ab:9c:b1:67:49:b8:81:d6:21:
61:53:a2:fe:15:18:a7:c7:7e:07:5f:5f:13:26:37:
bd:dc:87:a1:c2:9c:8f:c2:4b:d1:7f:d5:7f:f6:e2:
37:4f:84:81:46:69:11:4f:42:3e:52:87:64:5a:ff:
4b:57:95:b6:73:ae:7e:51:9d:ed:b0:90:c2:4c:00:
9a:13:4a:eb:b5:99:2b:7b:0c:59:08:76:1f:3a:a2:
22:c0:25:e9:cf:23:b2:22:91:1c:d9:16:ca:81:82:
ea:56:0f:a4:85:14:d1:c1:25:04:2f:28:a1:05:9a:
68:d6:36:4c:c2:4c:e0:27:68:d7:64:f7:cf:aa:0c:
42:84:fb:91:6c:13:ff:5c:df:8e:17:2d:8c:10:9d:
ca:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D1:0A:A8:E9:27:42:67:B4:48:52:B1:8B:F4:D9:00:FB:51:7C:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:c000::/40
Signature Algorithm: sha256WithRSAEncryption
89:ac:45:89:43:20:a6:3f:94:3c:e9:c5:45:ee:4c:c1:74:16:
4a:0b:d9:21:9c:22:67:dd:1c:31:75:b2:0f:b9:ea:cc:15:1c:
39:23:55:4e:cc:69:05:6a:ac:6e:96:d5:47:20:10:36:6d:6f:
b4:56:48:e8:e3:50:6d:4f:cf:65:55:23:03:83:98:18:e2:4e:
62:6b:ad:a0:42:40:89:4c:c4:18:e9:5b:92:bf:e2:48:83:7b:
7d:26:ba:22:8a:88:69:68:fe:d3:4f:64:20:9e:6f:f7:d9:ca:
c0:f1:8f:48:91:50:4b:f0:f9:c5:d9:10:15:1f:4f:47:ab:b9:
ce:0e:e1:67:f0:48:3f:be:aa:5e:d9:c1:ee:28:48:24:a4:2f:
4d:5d:c6:d8:f8:b6:30:f3:c0:dc:e7:56:5a:e7:6a:4e:8b:03:
2e:50:73:74:32:64:39:a1:7f:5a:e6:0f:48:4b:33:45:aa:f4:
b7:c9:c4:aa:36:53:3a:18:20:f2:ee:52:8e:bb:e0:8f:2a:2f:
b6:c3:ae:72:ef:e4:81:a9:62:e8:84:f7:d2:10:1d:f1:2a:69:
63:99:ba:34:ee:c4:70:0d:63:09:a3:3e:e8:bb:cc:11:9b:ba:
e5:79:fe:7c:41:4c:16:04:ff:de:b3:96:ad:55:23:6a:bd:8a:
59:be:c7:43
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBTlVjhrncfnAE5+VLsvwvuD2MuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUxNDBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzYTE1MzBiYTllMTE4NTg3OGExNGNjOWQ4ODIyYTRiZGJhYzI5ZTYwYzVl
NzlmYzg4ZGJiZTJmOWIyZTlhYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIwOncV+KlKdaALRTm2/kSTAUuME14c4Ocpi0EqnbuMnprbqsNtZUyAKtk+P
itpKXjV98MS4/U0tZYH89MyOih1UxmbPpmOD2i9CEwmAFmm7jsFoNq4LQ61yn9qZ
rDsBXZW+4MaX+IaKkdHhCxORq5yxZ0m4gdYhYVOi/hUYp8d+B19fEyY3vdyHocKc
j8JL0X/Vf/biN0+EgUZpEU9CPlKHZFr/S1eVtnOuflGd7bCQwkwAmhNK67WZK3sM
WQh2HzqiIsAl6c8jsiKRHNkWyoGC6lYPpIUU0cElBC8ooQWaaNY2TMJM4Cdo12T3
z6oMQoT7kWwT/1zfjhctjBCdynUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSe0Qqo
6SdCZ7RIUrGL9NkA+1F8QjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTc2N2UzNTYtMjMxYi00Yjg3LTk4YWItYzQ5NmRjYzJkNTNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DbA
MA0GCSqGSIb3DQEBCwUAA4IBAQCJrEWJQyCmP5Q86cVF7kzBdBZKC9khnCJn3Rwx
dbIPuerMFRw5I1VOzGkFaqxultVHIBA2bW+0Vkjo41BtT89lVSMDg5gY4k5ia62g
QkCJTMQY6VuSv+JIg3t9JroiiohpaP7TT2Qgnm/32crA8Y9IkVBL8PnF2RAVH09H
q7nODuFn8Eg/vqpe2cHuKEgkpC9NXcbY+LYw88Dc51Za52pOiwMuUHN0MmQ5oX9a
5g9ISzNFqvS3ycSqNlM6GCDy7lKOu+CPKi+2w65y7+SBqWLohPfSEB3xKmljmbo0
7sRwDWMJoz7ou8wRm7rlef58QUwWBP/es5atVSNqvYpZvsdD
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:21 2025 by rpki-client