Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5baa4ff-ac5d-476f-a428-fb66fb294867.roa
File: b5baa4ff-ac5d-476f-a428-fb66fb294867.roa (raw, json)
Hash identifier: 71gL4I8/orVKgQRtdvreqIJ4ZgHfYM2Fm5xpIFhBb10=
Subject key identifier: F1:E0:18:2C:AC:17:AC:B4:AD:24:CA:12:A4:5D:BB:0D:4F:49:0F:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B2DC39032AC1153BA617173B0B7C871404034F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5baa4ff-ac5d-476f-a428-fb66fb294867.roa
Signing time: Fri 25 Apr 2025 19:41:08 +0000
ROA not before: Fri 25 Apr 2025 19:41:08 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:2d:c3:90:32:ac:11:53:ba:61:71:73:b0:b7:c8:71:40:40:34:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:41:08 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=33d93b061891cce49351d3562efd1bdc7734141140bf3467b958efa60576982f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d8:92:31:fd:70:d2:ef:68:e3:b8:c3:b5:3e:
98:8e:fc:e5:fa:d0:0d:95:10:4f:2a:d4:6a:11:ef:
f8:31:ca:a5:de:e9:f1:90:c2:df:c3:62:43:37:7b:
2f:4a:84:4a:ff:b3:65:47:64:da:74:f8:04:e3:9f:
74:a7:20:58:5f:67:dc:b9:7b:18:49:8d:9f:9b:35:
5d:e9:99:c3:ac:a8:14:0c:e3:3f:da:6d:f1:13:d2:
47:4f:f5:7f:6e:67:d6:57:0d:eb:eb:17:9a:38:62:
a4:ef:cb:6c:d5:9e:53:b0:4d:87:78:b8:99:5d:22:
4d:51:a3:9b:63:90:02:55:67:c3:14:58:0f:54:9b:
cb:35:8d:0a:64:09:96:e4:3a:fa:f6:1f:f2:a8:7b:
df:59:29:cc:66:7c:03:b4:4f:fd:f0:d0:8b:8a:4d:
1f:fb:50:91:63:b8:78:6f:66:27:bd:d1:5e:dc:c9:
e0:5d:00:f4:82:7e:93:cb:ad:54:97:4e:30:f5:cb:
e5:0e:1d:dc:9c:0c:89:64:ae:cc:87:9a:8c:39:8b:
01:d8:76:76:03:06:8a:63:d2:26:2b:61:39:3f:a2:
cb:ec:e2:27:1c:15:3e:c8:88:3d:ca:7e:f9:cc:c6:
6d:98:8a:73:d5:8c:72:ae:c9:1a:bb:ac:95:b9:67:
ee:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E0:18:2C:AC:17:AC:B4:AD:24:CA:12:A4:5D:BB:0D:4F:49:0F:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5baa4ff-ac5d-476f-a428-fb66fb294867.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:4000::/40
Signature Algorithm: sha256WithRSAEncryption
72:08:f4:c1:23:b7:a2:5e:d7:b0:50:06:28:25:ef:e9:2c:81:
7e:5f:65:88:3e:bc:cd:69:52:1c:2d:de:75:fb:62:49:47:20:
50:88:13:9a:91:f8:fb:01:20:58:db:e6:a2:35:b4:17:87:50:
e7:08:04:41:04:4a:98:97:10:bd:60:a5:d7:7c:05:65:f5:82:
72:04:0f:6b:8a:cf:44:95:22:2d:54:a9:d8:9f:48:b8:b3:93:
66:72:db:92:07:bd:ac:fa:cf:52:74:cb:d1:5b:48:8a:6d:47:
f4:30:14:f3:c3:31:c3:71:c5:55:54:af:cc:6c:92:ea:0c:c2:
d9:87:cf:a0:4d:02:cf:05:55:d5:fc:48:4c:8d:eb:b2:a5:06:
1c:c9:5c:83:16:1e:24:af:ad:43:3f:82:56:f3:3e:10:94:83:
16:a1:54:f0:7e:85:33:3c:f6:fa:7d:ef:b2:ad:1e:21:76:c5:
46:08:69:92:f4:b8:0d:bd:e2:43:7a:44:8d:42:99:11:a8:9f:
ec:6f:54:d2:2d:53:be:61:14:12:34:23:3f:aa:cb:d4:43:0d:
bb:a4:dd:58:3b:3f:64:a6:92:01:5f:f5:a2:65:f9:36:5f:8f:
55:7c:02:29:99:70:60:7e:32:87:89:30:83:8b:18:fa:30:eb:
36:67:47:15
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKy3DkDKsEVO6YXFzsLfIcUBANPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQxMDhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzZDkzYjA2MTg5MWNjZTQ5MzUxZDM1NjJlZmQxYmRjNzczNDE0MTE0MGJm
MzQ2N2I5NThlZmE2MDU3Njk4MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjYkjH9cNLvaOO4w7U+mI785frQDZUQTyrUahHv+DHKpd7p8ZDC38NiQzd7
L0qESv+zZUdk2nT4BOOfdKcgWF9n3Ll7GEmNn5s1XemZw6yoFAzjP9pt8RPSR0/1
f25n1lcN6+sXmjhipO/LbNWeU7BNh3i4mV0iTVGjm2OQAlVnwxRYD1SbyzWNCmQJ
luQ6+vYf8qh731kpzGZ8A7RP/fDQi4pNH/tQkWO4eG9mJ73RXtzJ4F0A9IJ+k8ut
VJdOMPXL5Q4d3JwMiWSuzIeajDmLAdh2dgMGimPSJithOT+iy+ziJxwVPsiIPcp+
+czGbZiKc9WMcq7JGruslbln7k0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTx4Bgs
rBestK0kyhKkXbsNT0kP1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjViYWE0ZmYtYWM1ZC00NzZmLWE0MjgtZmI2NmZiMjk0ODY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HdA
MA0GCSqGSIb3DQEBCwUAA4IBAQByCPTBI7eiXtewUAYoJe/pLIF+X2WIPrzNaVIc
Ld51+2JJRyBQiBOakfj7ASBY2+aiNbQXh1DnCARBBEqYlxC9YKXXfAVl9YJyBA9r
is9ElSItVKnYn0i4s5NmctuSB72s+s9SdMvRW0iKbUf0MBTzwzHDccVVVK/MbJLq
DMLZh8+gTQLPBVXV/EhMjeuypQYcyVyDFh4kr61DP4JW8z4QlIMWoVTwfoUzPPb6
fe+yrR4hdsVGCGmS9LgNveJDekSNQpkRqJ/sb1TSLVO+YRQSNCM/qsvUQw27pN1Y
Oz9kppIBX/WiZfk2X49VfAIpmXBgfjKHiTCDixj6MOs2Z0cV
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:48:33 2025 by rpki-client