Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
File: 5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa (raw, json)
Hash identifier: gW676Z7SEkenKGzy9JLca2Z5jbEWRd8Cw3pTgp1m+W0=
Subject key identifier: BE:4B:14:66:00:C8:0D:69:9D:2D:01:7E:1F:9A:31:F6:F4:EE:43:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08B1A9A3BF88A2332C5F7D3A8F0942A6C1A55152
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
Signing time: Fri 25 Apr 2025 20:30:15 +0000
ROA not before: Fri 25 Apr 2025 20:30:15 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:b1:a9:a3:bf:88:a2:33:2c:5f:7d:3a:8f:09:42:a6:c1:a5:51:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:30:15 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=cdc8a8c7a33400a94de17299d3f88e28459da0fd7c6c6bc7fd5ecf35143f051d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:11:b2:54:b1:f0:c7:56:ab:f5:9d:c5:7a:b0:
87:4f:66:70:84:da:fa:4a:88:d6:d2:5c:24:2b:db:
34:31:63:48:f9:a3:15:17:87:92:c3:90:9a:84:82:
d3:66:9d:51:e6:b3:2f:2a:88:14:d2:3e:c1:1d:0d:
16:5f:4b:be:1a:8b:90:65:b7:bc:1a:ba:9a:9d:ed:
6b:ff:d1:d7:01:25:9f:8e:8a:bf:44:11:66:b3:d8:
2b:e3:dc:25:85:30:cc:40:f2:b3:c6:fe:c5:ce:8e:
8f:b0:c6:94:13:5d:1e:d1:7a:79:fa:36:6a:57:69:
0d:3d:07:6d:a6:e3:85:8c:34:3e:eb:9a:d7:cd:ba:
79:0c:b1:f7:9b:6a:07:45:e5:d7:44:32:23:14:23:
96:77:74:b5:50:6a:18:fd:1e:c2:a5:dd:d7:20:c3:
52:49:72:a4:bc:11:22:2a:e8:b5:ae:64:e0:f7:ee:
64:3a:30:3c:06:95:42:36:08:57:e6:d1:7a:78:6a:
80:1e:c6:6f:35:04:36:f7:61:25:22:31:f1:a4:b1:
a1:83:d4:ad:b0:86:74:5b:03:38:2b:4a:3b:d4:7e:
b7:c4:b3:72:bf:8e:60:eb:21:31:c8:03:b2:80:29:
fd:8f:68:23:e8:06:31:cd:d6:2f:79:6d:6b:a1:67:
ec:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:4B:14:66:00:C8:0D:69:9D:2D:01:7E:1F:9A:31:F6:F4:EE:43:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025:1000::/36
Signature Algorithm: sha256WithRSAEncryption
7b:47:b7:7c:5e:56:31:37:64:62:29:6d:3a:7e:fa:29:3b:ba:
55:20:87:0c:0d:99:62:94:a7:6c:d9:be:6d:7c:49:a8:bb:d4:
63:97:f1:31:05:5d:fe:db:e5:24:a4:e8:a0:2f:b0:fa:76:66:
79:74:f4:ae:fd:94:35:f7:7e:95:83:5b:ed:e3:fa:93:2e:bc:
62:71:81:9d:69:a2:3a:e3:91:48:49:b6:3d:3c:bf:32:87:3d:
d2:10:0f:d3:97:8c:d7:c1:50:54:34:87:4c:b6:04:6c:1c:fc:
4e:b9:64:bd:bf:8e:69:7c:39:da:66:5f:bc:2b:33:5b:52:e3:
93:8e:84:35:f3:3e:d5:64:33:67:6a:fe:27:13:13:97:b1:31:
59:a2:0e:39:15:86:55:90:98:2f:f2:82:06:43:c6:68:81:15:
da:2c:f6:4c:40:99:90:20:86:fa:9d:9e:ee:18:d0:f3:ce:f8:
b0:e3:41:77:43:4a:ad:93:ff:fb:0d:7b:20:0c:c4:35:a9:df:
13:62:a7:44:9b:9b:b8:69:92:0d:4b:5f:95:2c:39:6e:6b:bc:
1a:1f:2c:dd:f8:d1:2d:88:29:22:a8:b2:35:da:d8:27:1f:be:
a5:75:0d:df:25:c4:b7:4d:28:b3:bc:17:be:4a:37:5f:6f:13:
4e:aa:ec:78
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCLGpo7+IojMsX306jwlCpsGlUVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDMwMTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkYzhhOGM3YTMzNDAwYTk0ZGUxNzI5OWQzZjg4ZTI4NDU5ZGEwZmQ3YzZj
NmJjN2ZkNWVjZjM1MTQzZjA1MWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkRslSx8MdWq/WdxXqwh09mcITa+kqI1tJcJCvbNDFjSPmjFReHksOQmoSC
02adUeazLyqIFNI+wR0NFl9LvhqLkGW3vBq6mp3ta//R1wEln46Kv0QRZrPYK+Pc
JYUwzEDys8b+xc6Oj7DGlBNdHtF6efo2aldpDT0HbabjhYw0Puua1826eQyx95tq
B0Xl10QyIxQjlnd0tVBqGP0ewqXd1yDDUklypLwRIirota5k4PfuZDowPAaVQjYI
V+bRenhqgB7GbzUENvdhJSIx8aSxoYPUrbCGdFsDOCtKO9R+t8Szcr+OYOshMcgD
soAp/Y9oI+gGMc3WL3lta6Fn7FkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS+SxRm
AMgNaZ0tAX4fmjH29O5D+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWE1ODVlOWQtOGJmMC00YmMxLWFkN2ItYjZjM2UwYmY5YjkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB7R7d8XlYxN2RiKW06fvopO7pVIIcMDZlilKds
2b5tfEmou9Rjl/ExBV3+2+UkpOigL7D6dmZ5dPSu/ZQ1936Vg1vt4/qTLrxicYGd
aaI645FISbY9PL8yhz3SEA/Tl4zXwVBUNIdMtgRsHPxOuWS9v45pfDnaZl+8KzNb
UuOTjoQ18z7VZDNnav4nExOXsTFZog45FYZVkJgv8oIGQ8ZogRXaLPZMQJmQIIb6
nZ7uGNDzzviw40F3Q0qtk//7DXsgDMQ1qd8TYqdEm5u4aZINS1+VLDlua7waHyzd
+NEtiCkiqLI12tgnH76ldQ3fJcS3TSizvBe+SjdfbxNOqux4
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:19 2025 by rpki-client