Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
File: 5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa (raw, json)
Hash identifier: KUJmGB17DSQggvSHKepu7l3dAt/iUu3mVTHkkLRDpKA=
Subject key identifier: 50:2A:6D:4E:6C:6D:E4:5D:4A:C2:3D:CD:83:18:8E:89:13:BE:AE:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 775E2809415E53473B2A5C90E5259CD60F68805A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
Signing time: Mon 21 Apr 2025 18:30:15 +0000
ROA not before: Mon 21 Apr 2025 18:30:15 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:5e:28:09:41:5e:53:47:3b:2a:5c:90:e5:25:9c:d6:0f:68:80:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:30:15 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=93b8f36095d94a65107e3427c5493b6a79daad3c58e2c84ea04ba11e0b9fbd77, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:61:d2:36:50:23:7c:68:63:bc:1e:00:0e:4d:
62:92:90:8e:c9:a7:5f:0a:58:86:e4:8d:37:20:b7:
bf:10:23:ff:94:e6:ce:bb:e7:7e:5f:2b:6e:28:09:
56:05:39:21:99:0d:e4:af:b5:79:ee:6b:02:48:02:
22:8c:b2:70:c6:13:8f:ac:f9:ef:34:99:a9:c8:ae:
cf:62:0e:8c:4f:40:7e:71:30:2c:6f:6f:00:c5:ff:
c1:f0:a7:1e:fc:da:b3:ed:ec:67:75:aa:c9:4e:ea:
52:20:bf:62:2f:b7:72:2f:28:43:e1:47:71:98:11:
89:30:db:73:2e:74:07:91:74:c0:48:a6:ab:ab:e1:
55:95:18:48:39:91:40:01:1f:67:e1:d0:88:29:40:
cc:6e:6c:3c:ec:e6:a3:cf:62:18:99:dd:20:25:4a:
16:d9:85:bb:ac:f7:10:99:49:39:83:f8:63:85:5d:
41:a0:da:b9:ce:6b:74:4f:11:7a:9b:cd:e1:4a:d2:
cb:05:a1:38:52:51:04:c9:c2:81:f0:80:80:1b:6a:
2d:6c:e3:67:cd:1f:24:bf:7c:df:ea:09:68:92:87:
42:a1:b3:09:ca:06:43:07:3a:ac:ac:7a:23:c6:6f:
20:8e:d4:fc:38:75:89:0f:14:85:a4:73:95:15:1a:
48:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:2A:6D:4E:6C:6D:E4:5D:4A:C2:3D:CD:83:18:8E:89:13:BE:AE:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:880::/48
Signature Algorithm: sha256WithRSAEncryption
c9:1c:f3:81:32:1d:3d:27:9f:c4:d9:36:9c:c7:b2:af:61:a6:
23:7b:aa:38:da:00:06:16:46:2d:27:1e:cf:5e:41:92:6b:c1:
ad:da:d1:a4:46:3e:e7:03:f8:9d:f1:23:71:7d:bc:28:b0:d4:
90:55:77:54:b8:0e:48:2f:f4:4d:1e:46:5d:0c:b8:77:c8:34:
fb:ab:ef:df:3b:d1:0b:dc:6b:6a:8c:ad:da:28:ad:9d:01:68:
9e:47:0c:d8:b1:4f:cf:86:9e:c0:51:7b:5c:df:76:e9:67:9b:
2e:c4:48:5d:7a:2d:fe:94:8b:07:cf:51:ec:d9:61:ff:8f:db:
13:3b:b8:9a:4b:c5:db:b2:cf:b9:b9:f8:aa:9b:10:5c:8a:d6:
fb:d9:ca:3a:7b:a5:f8:fc:ce:9e:5c:b6:97:9f:c8:fd:cd:33:
ba:6b:bd:2b:79:0d:68:cb:8a:03:80:f3:12:ac:c7:28:a7:a2:
3b:4d:f1:69:63:a7:15:40:e5:1a:db:b3:80:44:3b:07:fe:a2:
aa:8b:e1:1a:64:cb:28:ec:d8:26:2d:26:65:23:49:b5:54:9c:
d5:bc:d0:a4:16:f6:67:c0:99:a9:e8:42:64:92:24:8d:a1:c1:
cb:06:92:1c:72:a2:89:65:f0:cf:7f:1e:33:a2:1b:c9:b3:d5:
c5:c4:9e:de
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd14oCUFeU0c7KlyQ5SWc1g9ogFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMwMTVaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzYjhmMzYwOTVkOTRhNjUxMDdlMzQyN2M1NDkzYjZhNzlkYWFkM2M1OGUy
Yzg0ZWEwNGJhMTFlMGI5ZmJkNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOZh0jZQI3xoY7weAA5NYpKQjsmnXwpYhuSNNyC3vxAj/5Tmzrvnfl8rbigJ
VgU5IZkN5K+1ee5rAkgCIoyycMYTj6z57zSZqciuz2IOjE9AfnEwLG9vAMX/wfCn
Hvzas+3sZ3WqyU7qUiC/Yi+3ci8oQ+FHcZgRiTDbcy50B5F0wEimq6vhVZUYSDmR
QAEfZ+HQiClAzG5sPOzmo89iGJndICVKFtmFu6z3EJlJOYP4Y4VdQaDauc5rdE8R
epvN4UrSywWhOFJRBMnCgfCAgBtqLWzjZ80fJL983+oJaJKHQqGzCcoGQwc6rKx6
I8ZvII7U/Dh1iQ8UhaRzlRUaSCUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRQKm1O
bG3kXUrCPc2DGI6JE76uFDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4YmUxYjEtNWNjOS00MGRjLWEwYzEtOTg5MjBjYzI5M2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
gDANBgkqhkiG9w0BAQsFAAOCAQEAyRzzgTIdPSefxNk2nMeyr2GmI3uqONoABhZG
LScez15BkmvBrdrRpEY+5wP4nfEjcX28KLDUkFV3VLgOSC/0TR5GXQy4d8g0+6vv
3zvRC9xraoyt2iitnQFonkcM2LFPz4aewFF7XN926WebLsRIXXot/pSLB89R7Nlh
/4/bEzu4mkvF27LPubn4qpsQXIrW+9nKOnul+PzOnly2l5/I/c0zumu9K3kNaMuK
A4DzEqzHKKeiO03xaWOnFUDlGtuzgEQ7B/6iqovhGmTLKOzYJi0mZSNJtVSc1bzQ
pBb2Z8CZqehCZJIkjaHBywaSHHKiiWXwz38eM6IbybPVxcSe3g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:40 2025 by rpki-client