Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
File: 6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa (raw, json)
Hash identifier: Wrsm1bJS1BwQ7dsJns0KQrS5Z5Y+4rOI1hpgvPggyv4=
Subject key identifier: 51:FC:D0:2B:03:0E:FB:42:33:F4:9F:77:28:A7:57:0C:83:65:A0:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C7F2B847CD5AC8061AE6C2089D56BE40B75F70D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
Signing time: Fri 25 Apr 2025 20:21:20 +0000
ROA not before: Fri 25 Apr 2025 20:21:20 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:7f:2b:84:7c:d5:ac:80:61:ae:6c:20:89:d5:6b:e4:0b:75:f7:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:21:20 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=56ba3cc3c6af41f452ac9466a00128ce1042a9bd4a80b505852e2dd7fdf0ed46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:bd:fd:6f:01:1d:20:37:c8:2b:5a:f3:3f:83:
23:34:53:dd:12:1b:4e:cb:0b:e2:06:49:85:0a:7a:
6a:36:a9:70:14:7a:70:bf:09:5a:c4:24:a7:61:f5:
50:04:cc:e3:b6:ce:f4:07:07:7e:2a:94:ed:f7:62:
71:0c:d7:03:90:38:29:95:4d:65:bb:c2:7e:0e:ee:
9a:17:10:8d:3f:13:a9:25:03:48:63:57:90:e3:d7:
36:7b:8d:07:cb:ee:e6:98:00:26:6a:74:03:40:96:
23:c3:78:6b:25:0d:12:d4:b8:83:a3:d4:91:fd:03:
70:56:77:43:d9:5f:c2:91:20:a2:c2:61:1d:0e:5a:
6e:ef:11:23:0d:41:ec:14:0f:b8:20:52:9a:53:8c:
76:b0:94:63:e7:90:44:ba:0e:76:b4:0c:36:87:f7:
cc:d4:ee:28:c4:5b:59:f7:19:ef:74:ad:bf:39:2d:
58:2a:40:74:1e:c4:50:a0:90:cf:0a:63:f6:e1:71:
4c:e0:4d:ab:47:90:07:71:d2:78:3b:77:92:4f:ef:
46:b2:77:bc:d0:b1:84:2d:ea:e4:2f:86:b8:f9:50:
d5:d9:df:15:4b:ff:2b:6d:db:6d:df:82:56:23:e3:
4a:7a:9c:5d:09:78:a4:de:18:b6:7b:bd:ca:b4:12:
05:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FC:D0:2B:03:0E:FB:42:33:F4:9F:77:28:A7:57:0C:83:65:A0:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/36
Signature Algorithm: sha256WithRSAEncryption
1d:a4:8a:ee:a5:22:ad:f1:77:e6:fd:61:16:44:46:9c:6e:18:
6d:b2:e0:cc:82:1e:24:0e:cd:1b:74:46:b0:5b:7e:99:bf:57:
22:31:30:60:83:eb:58:e1:b8:2d:c1:49:28:c4:55:bb:b9:49:
41:dd:d7:a8:cd:34:25:e9:0d:5d:ff:ee:e7:65:cc:fc:af:ef:
23:b4:f8:54:ad:ef:f9:86:7b:7e:11:45:60:f3:f6:a8:86:c0:
41:5a:b3:cc:bb:26:b3:3a:d3:a7:78:f8:ba:fb:99:7d:73:cc:
c1:1c:a9:8e:d1:95:c0:b7:fe:75:b6:15:c3:95:b7:76:3f:eb:
31:18:43:7d:7e:e1:9d:b3:9d:57:46:ef:79:79:e0:a2:76:8c:
8a:d7:b0:5a:bb:0e:e4:c5:ea:9c:f4:16:ef:0b:43:9e:6f:d3:
1a:62:c8:e5:fc:47:a9:5a:53:48:df:be:5a:a3:87:d1:04:b1:
7b:41:bb:86:28:c8:c2:54:b2:66:17:6b:0c:8e:ba:f5:5b:0e:
b0:de:da:3a:db:ac:d9:e1:a5:a0:10:38:3e:aa:f4:c9:92:6a:
79:45:fb:47:0c:bf:58:99:eb:a6:b4:01:2d:27:89:51:b2:14:
c8:40:f5:be:04:68:f3:75:cc:2d:5b:1c:44:35:37:a4:67:f7:
11:f3:ba:ae
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTH8rhHzVrIBhrmwgidVr5At19w0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIxMjBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2YmEzY2MzYzZhZjQxZjQ1MmFjOTQ2NmEwMDEyOGNlMTA0MmE5YmQ0YTgw
YjUwNTg1MmUyZGQ3ZmRmMGVkNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO69/W8BHSA3yCta8z+DIzRT3RIbTssL4gZJhQp6ajapcBR6cL8JWsQkp2H1
UATM47bO9AcHfiqU7fdicQzXA5A4KZVNZbvCfg7umhcQjT8TqSUDSGNXkOPXNnuN
B8vu5pgAJmp0A0CWI8N4ayUNEtS4g6PUkf0DcFZ3Q9lfwpEgosJhHQ5abu8RIw1B
7BQPuCBSmlOMdrCUY+eQRLoOdrQMNof3zNTuKMRbWfcZ73StvzktWCpAdB7EUKCQ
zwpj9uFxTOBNq0eQB3HSeDt3kk/vRrJ3vNCxhC3q5C+GuPlQ1dnfFUv/K23bbd+C
ViPjSnqcXQl4pN4Ytnu9yrQSBccCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRR/NAr
Aw77QjP0n3cop1cMg2WgqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU1OGZhMTctMGNmYy00YTA2LThkNDgtNDdkOTZjMGQ0OWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQAdpIrupSKt8Xfm/WEWREacbhhtsuDMgh4kDs0b
dEawW36Zv1ciMTBgg+tY4bgtwUkoxFW7uUlB3deozTQl6Q1d/+7nZcz8r+8jtPhU
re/5hnt+EUVg8/aohsBBWrPMuyazOtOnePi6+5l9c8zBHKmO0ZXAt/51thXDlbd2
P+sxGEN9fuGds51XRu95eeCidoyK17Bauw7kxeqc9BbvC0Oeb9MaYsjl/EepWlNI
375ao4fRBLF7QbuGKMjCVLJmF2sMjrr1Ww6w3to626zZ4aWgEDg+qvTJkmp5RftH
DL9YmeumtAEtJ4lRshTIQPW+BGjzdcwtWxxENTekZ/cR87qu
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:30 2025 by rpki-client