Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d2dcf71-0209-4006-a427-f221e27d6ed7.roa
File: 5d2dcf71-0209-4006-a427-f221e27d6ed7.roa (raw, json)
Hash identifier: iFYwzjdWR/CMPSVVAf7CVJzYuzx9NCJZCbILH+GwEKc=
Subject key identifier: F5:12:D2:9D:ED:E8:20:83:7D:50:C9:EE:FF:F3:8C:50:EF:DD:61:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FF85AF2A95CEC13DF621E34E1516CD6DDEF0477
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d2dcf71-0209-4006-a427-f221e27d6ed7.roa
Signing time: Fri 25 Apr 2025 19:21:24 +0000
ROA not before: Fri 25 Apr 2025 19:21:24 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:c080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:f8:5a:f2:a9:5c:ec:13:df:62:1e:34:e1:51:6c:d6:dd:ef:04:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:21:24 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=6bc3597462fb0087b67de91ce4f5a624e96ef159bb3726a1730170a029871593, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:67:06:cf:f9:a6:9d:c7:02:be:3f:82:3b:12:
7a:42:0a:7c:e0:86:36:9e:e8:a9:92:95:2f:ab:e3:
b0:68:e8:2c:ef:b3:62:41:01:f1:ee:35:cf:81:60:
57:20:c8:25:fd:b4:e6:02:a5:8d:e9:15:52:e3:21:
05:6e:c0:51:36:f6:ec:00:0a:05:4a:b2:6a:63:a0:
9f:20:be:af:5f:f7:8d:f8:5e:c0:e7:3a:d6:59:4c:
e8:25:de:c2:1e:fa:69:e1:c8:36:22:42:01:52:fb:
d2:46:4f:85:a4:15:3b:90:ee:97:2f:aa:82:6d:50:
82:1e:54:54:61:f1:ed:f4:52:c6:48:e0:ed:1c:13:
60:dc:4c:d2:96:7d:d3:55:88:11:f1:71:99:74:89:
d7:7f:c9:71:76:64:ab:08:77:f8:dc:3e:dc:3d:18:
05:e2:35:16:a0:4a:95:dd:60:dd:34:03:be:01:08:
d4:ed:e5:f6:fe:f4:a3:05:b1:93:7f:39:65:97:b2:
68:a3:1f:ec:df:1d:10:b4:06:2a:5d:08:65:fc:61:
34:01:f2:ba:37:80:09:54:c4:81:b8:6e:d0:8d:06:
3d:86:7e:ee:c5:1c:5f:24:85:0a:a7:a2:c5:d0:af:
af:16:65:1b:aa:bd:b7:59:9c:71:b1:10:a4:cd:3f:
13:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:12:D2:9D:ED:E8:20:83:7D:50:C9:EE:FF:F3:8C:50:EF:DD:61:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d2dcf71-0209-4006-a427-f221e27d6ed7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:c080::/46
Signature Algorithm: sha256WithRSAEncryption
c1:61:dd:9f:db:0b:c1:c2:38:0a:a0:83:da:de:76:a9:d3:29:
b0:59:09:da:34:3c:97:a4:20:4c:41:95:ef:ea:ba:ce:6f:2b:
4c:eb:18:9d:07:c4:7a:c1:45:40:99:3b:a2:d1:3d:8e:aa:d1:
58:e4:45:3d:a4:4e:dd:cb:88:f6:48:42:0f:42:0f:8a:c7:df:
b4:02:75:de:50:40:40:0a:d1:51:a0:42:04:89:04:cf:60:40:
0f:65:73:d1:1b:a3:7d:a5:79:d9:b0:f6:3a:3f:cb:0e:5b:ea:
7f:90:c0:d8:83:e0:17:6e:40:74:83:72:3e:ed:58:1d:c0:f1:
59:1c:57:84:c9:2f:2b:40:0e:e0:b5:b7:60:0f:2b:01:28:3f:
7d:82:81:12:21:98:64:8b:28:f1:6f:e4:7a:02:fc:20:65:46:
6f:ba:6c:fb:f1:62:7a:f5:8a:86:cd:d6:cf:a4:61:ce:06:b8:
e7:32:cf:55:dc:85:7f:cf:7b:8a:b1:ce:31:0f:ae:c8:00:1d:
36:92:36:b3:ce:ec:86:25:43:e7:3d:ca:6c:8b:39:7c:75:a1:
22:54:03:52:6b:b4:60:45:d5:67:5d:62:14:c7:fd:51:f3:a3:
e1:34:0c:da:9c:c0:e0:ac:86:1b:a5:f6:8d:43:a1:17:c5:21:
4e:70:5c:e5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUL/ha8qlc7BPfYh404VFs1t3vBHcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIxMjRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiYzM1OTc0NjJmYjAwODdiNjdkZTkxY2U0ZjVhNjI0ZTk2ZWYxNTliYjM3
MjZhMTczMDE3MGEwMjk4NzE1OTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJVnBs/5pp3HAr4/gjsSekIKfOCGNp7oqZKVL6vjsGjoLO+zYkEB8e41z4Fg
VyDIJf205gKljekVUuMhBW7AUTb27AAKBUqyamOgnyC+r1/3jfhewOc61llM6CXe
wh76aeHINiJCAVL70kZPhaQVO5Duly+qgm1Qgh5UVGHx7fRSxkjg7RwTYNxM0pZ9
01WIEfFxmXSJ13/JcXZkqwh3+Nw+3D0YBeI1FqBKld1g3TQDvgEI1O3l9v70owWx
k385ZZeyaKMf7N8dELQGKl0IZfxhNAHyujeACVTEgbhu0I0GPYZ+7sUcXySFCqei
xdCvrxZlG6q9t1mccbEQpM0/E5ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT1EtKd
7eggg31Qye7/84xQ791h3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQyZGNmNzEtMDIwOS00MDA2LWE0MjctZjIyMWUyN2Q2ZWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXA
gDANBgkqhkiG9w0BAQsFAAOCAQEAwWHdn9sLwcI4CqCD2t52qdMpsFkJ2jQ8l6Qg
TEGV7+q6zm8rTOsYnQfEesFFQJk7otE9jqrRWORFPaRO3cuI9khCD0IPisfftAJ1
3lBAQArRUaBCBIkEz2BAD2Vz0RujfaV52bD2Oj/LDlvqf5DA2IPgF25AdINyPu1Y
HcDxWRxXhMkvK0AO4LW3YA8rASg/fYKBEiGYZIso8W/kegL8IGVGb7ps+/FievWK
hs3Wz6Rhzga45zLPVdyFf897irHOMQ+uyAAdNpI2s87shiVD5z3KbIs5fHWhIlQD
Umu0YEXVZ11iFMf9UfOj4TQM2pzA4KyGG6X2jUOhF8UhTnBc5Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:15 2025 by rpki-client