Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5acd35f8-42dc-4211-8060-407321cbd4dd.roa
File: 5acd35f8-42dc-4211-8060-407321cbd4dd.roa (raw, json)
Hash identifier: qOe2PSBzu1y2W2jApoMCnAGmbfIv+uuSqBjW1kls7ls=
Subject key identifier: E6:E6:6B:92:6C:82:41:10:EA:D9:19:4B:A5:42:A5:E1:1F:04:84:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20A5DE69753C0196C32D59260B76CE9E7FA39580
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5acd35f8-42dc-4211-8060-407321cbd4dd.roa
Signing time: Fri 25 Apr 2025 19:20:15 +0000
ROA not before: Fri 25 Apr 2025 19:20:15 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:a5:de:69:75:3c:01:96:c3:2d:59:26:0b:76:ce:9e:7f:a3:95:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:20:15 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=c064b0492a41ee647919e718660c1137a141f63f81bc56bf129fe6c4da2ee66f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:64:4f:22:a6:39:62:a8:71:16:fa:68:24:8c:
5c:e9:05:75:40:9d:fd:19:7a:b6:95:cb:c9:68:30:
0f:5e:77:66:b5:ab:2b:83:d6:e2:52:d1:89:fe:6d:
f7:ba:ed:fa:bf:4f:a6:7f:ee:0f:4a:1d:ba:1d:7c:
c1:30:ad:ca:f0:98:1b:1e:ee:e9:62:aa:3a:3b:c8:
82:b7:56:d2:7b:84:f4:5e:48:2b:1d:a5:32:77:0d:
94:82:06:7b:39:2c:3c:dd:28:48:33:55:72:50:5a:
8f:66:70:c7:78:1a:6a:62:97:2d:a6:6e:3e:e2:b7:
43:fc:8e:98:d9:26:01:5e:8c:c0:2c:96:c9:0f:b8:
06:d1:40:17:af:f0:e7:7f:00:b6:cb:29:de:16:fb:
3a:3d:d4:bb:84:22:10:fa:54:6d:f5:70:e8:ee:15:
eb:9f:d7:13:35:74:9b:ca:d2:df:66:2d:8f:ce:8f:
4a:a5:36:9b:d7:e2:c6:6e:b5:cd:82:d2:7b:6f:da:
1f:01:77:81:72:17:1d:43:98:75:5b:17:ea:b0:66:
59:d6:5f:bf:9b:f6:55:e8:42:c8:fb:56:25:00:f2:
99:f3:9d:6b:ac:0f:4a:69:0e:81:69:c3:cd:ea:b3:
72:d0:59:d3:d1:18:d8:51:48:98:c0:82:09:74:e3:
03:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:E6:6B:92:6C:82:41:10:EA:D9:19:4B:A5:42:A5:E1:1F:04:84:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5acd35f8-42dc-4211-8060-407321cbd4dd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:6040::/46
Signature Algorithm: sha256WithRSAEncryption
8b:5d:c6:af:a3:ec:ed:e2:02:11:c8:d3:12:ab:f2:06:3e:f8:
f1:5c:17:2c:0f:8e:77:9a:ab:36:f8:75:e0:64:7b:7d:d4:94:
39:f7:e0:26:49:1c:96:c1:8f:32:a9:36:ae:28:37:de:9d:52:
69:9b:7d:98:c8:3f:62:fa:22:8d:58:32:f1:bd:b9:58:c8:d2:
c0:37:67:87:aa:7b:f2:4f:3d:af:51:e1:e7:02:6e:f2:2d:5b:
6f:84:4b:13:ff:5c:17:82:e7:8f:4f:6c:b7:76:67:09:fc:1e:
2d:fe:c7:77:a2:66:78:95:ca:a2:57:91:3f:2b:2d:1c:cf:ac:
85:c8:1e:2e:f4:cc:80:56:60:49:9a:c7:d9:f3:6c:d4:45:d1:
c2:3e:c0:4e:86:08:20:2e:ac:cf:92:4a:62:9e:a7:16:87:de:
ed:52:47:5b:ed:55:92:bc:9d:0d:70:e7:2f:eb:1a:a5:60:0e:
d7:e0:5a:17:41:77:c7:3b:1c:45:ef:01:db:27:4f:ed:63:0b:
af:2a:2d:52:a3:7d:29:d5:0c:ad:d0:24:f9:a5:32:3b:be:be:
85:22:3a:15:51:63:68:c5:96:65:d2:f2:4b:0a:95:2f:4f:56:
e6:ac:57:dc:a2:4b:57:41:7b:36:fd:58:d4:bd:c3:3a:f0:d6:
ea:f8:73:44
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIKXeaXU8AZbDLVkmC3bOnn+jlYAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIwMTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwNjRiMDQ5MmE0MWVlNjQ3OTE5ZTcxODY2MGMxMTM3YTE0MWY2M2Y4MWJj
NTZiZjEyOWZlNmM0ZGEyZWU2NmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdkTyKmOWKocRb6aCSMXOkFdUCd/Rl6tpXLyWgwD153ZrWrK4PW4lLRif5t
97rt+r9Ppn/uD0oduh18wTCtyvCYGx7u6WKqOjvIgrdW0nuE9F5IKx2lMncNlIIG
ezksPN0oSDNVclBaj2Zwx3gaamKXLaZuPuK3Q/yOmNkmAV6MwCyWyQ+4BtFAF6/w
538Atssp3hb7Oj3Uu4QiEPpUbfVw6O4V65/XEzV0m8rS32Ytj86PSqU2m9fixm61
zYLSe2/aHwF3gXIXHUOYdVsX6rBmWdZfv5v2VehCyPtWJQDymfOda6wPSmkOgWnD
zeqzctBZ09EY2FFImMCCCXTjA3ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTm5muS
bIJBEOrZGUulQqXhHwSEBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWFjZDM1ZjgtNDJkYy00MjExLTgwNjAtNDA3MzIxY2JkNGRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hdg
QDANBgkqhkiG9w0BAQsFAAOCAQEAi13Gr6Ps7eICEcjTEqvyBj748VwXLA+Od5qr
Nvh14GR7fdSUOffgJkkclsGPMqk2rig33p1SaZt9mMg/YvoijVgy8b25WMjSwDdn
h6p78k89r1Hh5wJu8i1bb4RLE/9cF4Lnj09st3ZnCfweLf7Hd6JmeJXKoleRPyst
HM+shcgeLvTMgFZgSZrH2fNs1EXRwj7AToYIIC6sz5JKYp6nFofe7VJHW+1Vkryd
DXDnL+sapWAO1+BaF0F3xzscRe8B2ydP7WMLryotUqN9KdUMrdAk+aUyO76+hSI6
FVFjaMWWZdLySwqVL09W5qxX3KJLV0F7Nv1Y1L3DOvDW6vhzRA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:59 2025 by rpki-client