Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3564159-9d8d-43eb-bf55-66a4445d2727.roa
File: d3564159-9d8d-43eb-bf55-66a4445d2727.roa (raw, json)
Hash identifier: 2O8NczJ6/AfYXYyVPnairL2SsCgcWyo9Tj8UHydrmRQ=
Subject key identifier: EE:E2:9C:FF:86:1A:26:72:74:92:07:53:5A:59:83:CC:39:9B:8A:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5AE6C6EF8A02ACBE97DA7BC13C8C4BCEB42C932F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3564159-9d8d-43eb-bf55-66a4445d2727.roa
Signing time: Fri 25 Apr 2025 20:01:38 +0000
ROA not before: Fri 25 Apr 2025 20:01:38 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:e6:c6:ef:8a:02:ac:be:97:da:7b:c1:3c:8c:4b:ce:b4:2c:93:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:38 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=dd4579dfdd28725a97bfabdc24bb6019a3f83cb70e715b1173eda169efcfc316, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e6:9b:07:8d:c3:1e:94:79:63:24:1e:61:b7:
91:8d:10:36:b8:f6:07:9e:42:29:86:96:8b:e0:1e:
24:73:df:84:05:7e:3b:8a:4b:0f:e4:df:9d:08:be:
60:36:f6:a8:aa:e0:08:72:c2:57:a9:8b:43:1e:4e:
2b:2a:63:8b:bc:76:0b:1f:a2:9e:04:4a:e9:a0:83:
05:6a:43:0f:12:09:a4:ad:e3:13:51:71:1a:de:14:
b8:b9:93:7c:a1:52:6e:db:c3:1e:98:4f:b1:e8:42:
3e:7a:d6:14:b9:cd:62:a7:b8:00:5e:5a:5d:fe:e1:
57:0b:2a:7e:f8:eb:e0:36:8b:f0:7c:a5:5f:0f:0c:
df:0a:7f:82:77:bf:d9:96:7e:25:da:5e:bf:88:23:
b8:8b:9e:b0:04:6b:1c:23:91:a7:11:56:b1:42:b4:
b0:4c:c7:3e:b7:af:cf:30:8e:98:48:ab:08:6f:d1:
e7:f4:55:87:f5:11:64:7a:b5:80:09:ff:e8:32:fa:
1c:36:aa:a9:5c:4a:b0:fd:5a:cb:39:62:50:ea:19:
2f:1e:66:d3:db:ef:3d:27:aa:4d:43:72:02:9d:cc:
c6:51:42:94:a7:49:86:2f:8c:da:67:2c:48:be:7e:
68:8f:9a:14:47:75:66:42:f6:97:c5:42:23:80:d8:
8f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:E2:9C:FF:86:1A:26:72:74:92:07:53:5A:59:83:CC:39:9B:8A:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3564159-9d8d-43eb-bf55-66a4445d2727.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:b000::/40
Signature Algorithm: sha256WithRSAEncryption
6b:55:59:5c:7d:fc:1e:07:92:4e:df:aa:0f:d4:6f:6c:83:21:
bd:cb:c5:4f:df:b4:da:ec:2a:cd:b7:e4:6c:ce:ed:0a:86:da:
bb:83:0e:b5:82:c7:93:9e:74:0a:76:9b:2f:6c:e1:67:0b:bf:
36:bd:33:4f:fa:b0:aa:56:65:ec:49:5e:c5:d4:b2:f3:2a:5e:
4c:44:c6:02:ae:48:1c:f4:1f:75:31:27:ed:59:8e:7b:91:ef:
59:9f:b1:79:f9:c6:ca:e4:ff:3a:65:2c:ee:2a:d2:70:fc:dd:
b4:b8:2c:b0:e2:8a:32:4f:5a:64:94:02:40:c8:19:68:79:1b:
e4:c0:f7:7b:b9:a4:e7:d2:5f:a3:71:af:58:15:45:cd:6a:50:
4c:75:d2:d6:5a:9d:77:22:c1:bb:87:f2:fb:ee:95:99:75:40:
93:fd:6b:b7:10:d3:7b:c3:24:a4:14:04:37:b2:fa:80:e5:7f:
4f:11:fc:a6:84:f6:d2:bd:c1:0d:4a:af:b5:61:93:e3:ec:8c:
27:fb:b0:70:7a:4d:d2:42:d5:30:76:c6:c9:12:f8:a7:ec:77:
ca:2a:de:0e:24:da:0e:c5:33:10:e1:c5:90:fc:6f:74:33:36:
b8:74:3f:65:f7:3d:46:f4:eb:1b:fe:93:2d:5c:ec:17:49:2e:
4a:7b:76:3b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWubG74oCrL6X2nvBPIxLzrQsky8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxMzhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkNDU3OWRmZGQyODcyNWE5N2JmYWJkYzI0YmI2MDE5YTNmODNjYjcwZTcx
NWIxMTczZWRhMTY5ZWZjZmMzMTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjmmweNwx6UeWMkHmG3kY0QNrj2B55CKYaWi+AeJHPfhAV+O4pLD+TfnQi+
YDb2qKrgCHLCV6mLQx5OKypji7x2Cx+ingRK6aCDBWpDDxIJpK3jE1FxGt4UuLmT
fKFSbtvDHphPsehCPnrWFLnNYqe4AF5aXf7hVwsqfvjr4DaL8HylXw8M3wp/gne/
2ZZ+Jdpev4gjuIuesARrHCORpxFWsUK0sEzHPrevzzCOmEirCG/R5/RVh/URZHq1
gAn/6DL6HDaqqVxKsP1ayzliUOoZLx5m09vvPSeqTUNyAp3MxlFClKdJhi+M2mcs
SL5+aI+aFEd1ZkL2l8VCI4DYj4kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTu4pz/
hhomcnSSB1NaWYPMOZuKwTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDM1NjQxNTktOWQ4ZC00M2ViLWJmNTUtNjZhNDQ0NWQyNzI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Haw
MA0GCSqGSIb3DQEBCwUAA4IBAQBrVVlcffweB5JO36oP1G9sgyG9y8VP37Ta7CrN
t+Rszu0Khtq7gw61gseTnnQKdpsvbOFnC782vTNP+rCqVmXsSV7F1LLzKl5MRMYC
rkgc9B91MSftWY57ke9Zn7F5+cbK5P86ZSzuKtJw/N20uCyw4ooyT1pklAJAyBlo
eRvkwPd7uaTn0l+jca9YFUXNalBMddLWWp13IsG7h/L77pWZdUCT/Wu3ENN7wySk
FAQ3svqA5X9PEfymhPbSvcENSq+1YZPj7Iwn+7Bwek3SQtUwdsbJEvin7HfKKt4O
JNoOxTMQ4cWQ/G90Mza4dD9l9z1G9Osb/pMtXOwXSS5Ke3Y7
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:18 2025 by rpki-client