Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58a57efc-c80e-4942-be52-27b7aa819f65.roa
File: 58a57efc-c80e-4942-be52-27b7aa819f65.roa (raw, json)
Hash identifier: 9tJFAgQcdskoiOxb47dMqWvtMemQFWe57J7khW7kL60=
Subject key identifier: 6C:32:32:EB:A8:C6:B3:2B:6F:24:73:0F:81:D5:3A:79:32:8C:6A:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B190A953F47772AEF93CD33A764DF2D2D2D2733
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58a57efc-c80e-4942-be52-27b7aa819f65.roa
Signing time: Thu 17 Apr 2025 16:38:50 +0000
ROA not before: Thu 17 Apr 2025 16:38:50 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:19:0a:95:3f:47:77:2a:ef:93:cd:33:a7:64:df:2d:2d:2d:27:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 16:38:50 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=b13227db740fa9d0aeaf77985efb1dec75fed48ef3713ec202f22c1b680a87b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:98:d5:38:ce:a9:5f:d3:de:16:e9:31:42:ec:
7f:a9:f6:98:b3:7e:ca:fb:56:ab:56:7e:82:5d:54:
b0:e4:c6:79:0b:8c:01:58:75:f5:8d:a1:de:8c:5e:
02:e8:7a:06:64:48:6c:9b:62:47:18:e2:bb:66:fa:
38:8b:78:ae:00:78:65:e3:e8:86:73:a3:3b:30:94:
8b:0b:0b:4c:8a:a3:d9:90:36:cf:84:98:c3:40:8c:
8b:19:19:f6:bc:b1:63:4d:69:db:ff:2b:9d:4e:3c:
d5:34:ee:82:9f:4b:e7:0e:f5:a5:15:f4:62:de:15:
b0:9a:41:98:e4:f7:9c:1e:85:b6:bc:7a:e4:dc:6a:
b0:4e:10:7e:2a:81:ec:b3:86:c5:aa:4e:c6:cd:d0:
1d:fe:fe:27:69:73:fa:8c:08:09:22:57:9e:d3:c6:
ca:b8:c6:6a:e1:7b:5b:22:6c:98:9b:fe:4b:f8:40:
37:f5:78:d4:67:bc:30:2e:6c:01:c5:80:16:fb:fb:
16:86:5b:10:e6:30:a1:0e:bc:27:df:5c:1a:05:76:
d3:02:0b:9d:5b:b9:43:eb:64:f0:b0:38:60:e6:4d:
90:e0:a5:1c:db:af:cd:69:d7:60:71:2f:3a:30:de:
0c:be:a9:03:9b:a9:b8:13:ea:7a:ea:93:2a:6f:07:
5b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:32:32:EB:A8:C6:B3:2B:6F:24:73:0F:81:D5:3A:79:32:8C:6A:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58a57efc-c80e-4942-be52-27b7aa819f65.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b::/32
Signature Algorithm: sha256WithRSAEncryption
1a:e5:46:ba:3e:75:d0:85:21:df:0d:14:f4:80:04:5b:4d:15:
0e:5d:08:46:fa:2c:68:a0:9c:3f:ad:20:4a:34:ce:48:f4:b7:
a5:38:f5:1b:24:f9:38:5e:06:f9:07:69:0d:fe:d3:76:16:16:
ac:dd:cd:09:dd:71:f4:d1:b9:d4:cb:d1:44:0e:b7:d3:b0:b7:
91:ea:65:c2:e9:2b:9b:3a:0a:37:34:aa:3a:31:6b:87:54:f9:
dd:41:20:a3:ec:3e:ed:8b:60:1a:60:41:e8:81:7f:dd:4a:62:
df:51:e0:21:e3:f2:7e:a5:cf:be:a5:2b:65:f6:aa:62:6c:51:
f9:12:76:d6:2e:63:5c:72:f4:5f:1c:2c:a1:46:4a:81:4a:80:
a2:b1:70:6d:2a:cd:57:a1:0e:f7:3f:4c:23:56:e5:48:05:ea:
bb:33:c6:67:e3:a5:7a:13:ce:76:3e:48:42:ca:26:9c:79:97:
b5:35:94:2d:8f:bc:83:c6:19:bb:b9:45:14:94:9f:b8:98:23:
dd:23:f6:90:76:0f:37:b0:69:42:45:96:41:ba:a1:8e:43:86:
2b:8d:85:7e:94:94:17:cf:d5:67:7e:da:50:2f:69:d2:04:25:
2f:df:e3:1d:e9:ab:8f:ba:a0:33:0e:0c:6c:7f:16:4a:dd:92:
69:af:53:06
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUWxkKlT9Hdyrvk80zp2TfLS0tJzMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcxNjM4NTBaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxMzIyN2RiNzQwZmE5ZDBhZWFmNzc5ODVlZmIxZGVjNzVmZWQ0OGVmMzcx
M2VjMjAyZjIyYzFiNjgwYTg3YjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOY1TjOqV/T3hbpMULsf6n2mLN+yvtWq1Z+gl1UsOTGeQuMAVh19Y2h3oxe
Auh6BmRIbJtiRxjiu2b6OIt4rgB4ZePohnOjOzCUiwsLTIqj2ZA2z4SYw0CMixkZ
9ryxY01p2/8rnU481TTugp9L5w71pRX0Yt4VsJpBmOT3nB6Ftrx65NxqsE4QfiqB
7LOGxapOxs3QHf7+J2lz+owICSJXntPGyrjGauF7WyJsmJv+S/hAN/V41Ge8MC5s
AcWAFvv7FoZbEOYwoQ68J99cGgV20wILnVu5Q+tk8LA4YOZNkOClHNuvzWnXYHEv
OjDeDL6pA5upuBPqeuqTKm8HW70CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRsMjLr
qMazK28kcw+B1Tp5MoxqDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NThhNTdlZmMtYzgwZS00OTQyLWJlNTItMjdiN2FhODE5ZjY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Fsw
DQYJKoZIhvcNAQELBQADggEBABrlRro+ddCFId8NFPSABFtNFQ5dCEb6LGignD+t
IEo0zkj0t6U49Rsk+TheBvkHaQ3+03YWFqzdzQndcfTRudTL0UQOt9Owt5HqZcLp
K5s6Cjc0qjoxa4dU+d1BIKPsPu2LYBpgQeiBf91KYt9R4CHj8n6lz76lK2X2qmJs
UfkSdtYuY1xy9F8cLKFGSoFKgKKxcG0qzVehDvc/TCNW5UgF6rszxmfjpXoTznY+
SELKJpx5l7U1lC2PvIPGGbu5RRSUn7iYI90j9pB2DzewaUJFlkG6oY5DhiuNhX6U
lBfP1Wd+2lAvadIEJS/f4x3pq4+6oDMODGx/FkrdkmmvUwY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:08 2025 by rpki-client