Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa
File: e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa (raw, json)
Hash identifier: /LuRaB/tH8nQMn1QTgE6UrNur6UB/4T9k9H1MTGEILs=
Subject key identifier: F8:B3:7D:B6:FC:B2:D8:F4:1B:A9:4B:84:EC:77:7C:41:AE:E8:D1:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2626F7B0976F071CDCEB7D9F2B1AECABF2889A98
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa
Signing time: Fri 25 Apr 2025 20:30:12 +0000
ROA not before: Fri 25 Apr 2025 20:30:12 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:26:f7:b0:97:6f:07:1c:dc:eb:7d:9f:2b:1a:ec:ab:f2:88:9a:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:30:12 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=15e7aa3f077f772571c6f8ce6ce9c9d9970147e43d172109e83dc7d73f587528, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:50:b4:8a:d3:48:99:b9:65:60:ef:63:2e:dc:
dd:75:96:07:b5:1a:86:4e:74:a8:f4:13:48:5a:48:
07:e5:31:aa:9d:a6:0b:9c:b8:62:cd:ed:cf:97:27:
01:a7:a2:4a:89:63:71:5e:ce:f4:06:94:c3:a2:22:
38:ff:2d:50:6b:5a:d1:38:e5:77:86:2a:83:9c:4d:
00:68:c9:c6:ae:ff:b1:1f:bd:82:fb:f3:34:c1:cc:
3b:38:ef:f8:ed:09:5c:35:de:48:a0:d9:34:5a:7e:
bf:17:6f:24:b2:ac:05:48:c2:34:c4:db:f5:92:ba:
b0:25:47:ac:cf:24:b7:da:ec:df:e9:e0:3d:4f:a3:
a0:81:53:17:2a:27:e8:09:3f:2a:28:29:ef:4e:f2:
f1:fd:19:11:1d:29:ee:09:3f:f6:69:99:12:0c:0e:
12:84:93:73:1a:ac:c9:38:2f:f3:7f:d9:aa:62:a8:
00:9a:c7:32:1e:67:6c:7e:3e:59:67:bc:49:d8:b2:
4b:c1:ad:6d:50:71:7d:a2:08:02:c0:26:d0:eb:89:
71:ca:74:51:4f:d9:f1:69:58:1b:9b:54:bb:ed:78:
22:1e:22:76:8b:7c:8e:bb:b8:41:42:b0:49:68:2f:
f0:37:c2:3d:81:11:1e:8f:88:86:19:9f:47:47:f7:
80:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B3:7D:B6:FC:B2:D8:F4:1B:A9:4B:84:EC:77:7C:41:AE:E8:D1:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/35
Signature Algorithm: sha256WithRSAEncryption
50:ec:85:ad:5a:51:11:2e:48:9a:85:cc:4b:de:38:f7:c8:d7:
33:ba:6c:c6:33:10:02:af:ed:5f:5d:51:59:61:59:7f:99:df:
f7:c9:56:d1:e9:fa:c0:07:4f:28:32:a7:7c:4a:7e:b7:79:ad:
19:4e:31:eb:1a:16:f8:e5:3b:67:ff:db:4c:0c:85:e1:39:65:
6d:04:7b:fc:e6:6f:c9:47:9a:10:fd:57:06:08:c7:76:46:35:
6c:db:b3:87:00:cc:8b:db:55:56:5a:c6:a9:80:b3:ed:06:d8:
9f:4d:78:7f:1f:69:72:a7:44:c3:cf:ee:a6:cb:7f:b6:4a:f1:
bc:ee:24:7c:39:43:c6:b3:40:34:9a:0a:8c:98:6e:78:ea:57:
a5:60:30:f8:e5:b8:03:6b:26:9e:9d:44:50:6d:d2:89:63:be:
7f:7d:9c:80:5b:49:a4:50:0e:c9:e0:03:01:5b:67:7c:ab:c8:
1a:3d:d1:b5:3a:4a:92:4b:37:3e:1c:60:33:dd:80:12:5c:09:
84:bc:47:97:2f:32:0d:c0:e2:c0:a0:65:41:5c:4c:1d:1f:53:
a2:55:ef:aa:f1:22:98:48:62:c6:2b:35:c0:52:ab:42:4c:a6:
bc:69:f2:cc:0b:9b:45:88:af:35:5f:a8:ae:e5:58:dd:48:52:
d7:39:22:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJib3sJdvBxzc632fKxrsq/KImpgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDMwMTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1ZTdhYTNmMDc3Zjc3MjU3MWM2ZjhjZTZjZTljOWQ5OTcwMTQ3ZTQzZDE3
MjEwOWU4M2RjN2Q3M2Y1ODc1MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOJQtIrTSJm5ZWDvYy7c3XWWB7Uahk50qPQTSFpIB+Uxqp2mC5y4Ys3tz5cn
AaeiSoljcV7O9AaUw6IiOP8tUGta0Tjld4Yqg5xNAGjJxq7/sR+9gvvzNMHMOzjv
+O0JXDXeSKDZNFp+vxdvJLKsBUjCNMTb9ZK6sCVHrM8kt9rs3+ngPU+joIFTFyon
6Ak/Kigp707y8f0ZER0p7gk/9mmZEgwOEoSTcxqsyTgv83/ZqmKoAJrHMh5nbH4+
WWe8SdiyS8GtbVBxfaIIAsAm0OuJccp0UU/Z8WlYG5tUu+14Ih4idot8jru4QUKw
SWgv8DfCPYERHo+IhhmfR0f3gAECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT4s322
/LLY9BupS4Tsd3xBrujRmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTA1MDQ4YzAtNzc1MS00ZWM0LWI4OTEtYTM1ODNkYmRjOWZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQBQ7IWtWlERLkiahcxL3jj3yNczumzGMxACr+1f
XVFZYVl/md/3yVbR6frAB08oMqd8Sn63ea0ZTjHrGhb45Ttn/9tMDIXhOWVtBHv8
5m/JR5oQ/VcGCMd2RjVs27OHAMyL21VWWsapgLPtBtifTXh/H2lyp0TDz+6my3+2
SvG87iR8OUPGs0A0mgqMmG546lelYDD45bgDayaenURQbdKJY75/fZyAW0mkUA7J
4AMBW2d8q8gaPdG1OkqSSzc+HGAz3YASXAmEvEeXLzINwOLAoGVBXEwdH1OiVe+q
8SKYSGLGKzXAUqtCTKa8afLMC5tFiK81X6iu5VjdSFLXOSL0
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:13 2025 by rpki-client