Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
File: e84166dd-4497-414d-9864-983017c7c326.roa (raw, json)
Hash identifier: JFw04CUts9ZaE7IURC8nxzUEUpnxaTrFY+3YQa5FEJI=
Subject key identifier: E5:7F:36:13:D9:6C:02:98:A4:DF:68:B3:37:C6:2C:D1:1B:42:28:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58DD0B0744E025DAEB8D86B1D05DFDD2F986DEE9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
Signing time: Fri 25 Apr 2025 20:00:10 +0000
ROA not before: Fri 25 Apr 2025 20:00:10 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:dd:0b:07:44:e0:25:da:eb:8d:86:b1:d0:5d:fd:d2:f9:86:de:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:00:10 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=c95bb9fcefce58bd2a7959b1ede13dea5ee4c42b4ac0963be5208d504aafa714, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9a:c7:42:36:a3:c9:b0:f6:d6:49:3a:8c:b5:
db:03:81:a5:29:eb:50:2f:b9:2d:c7:2c:86:db:b3:
5e:6b:aa:41:a7:11:f7:e3:dc:66:e3:d5:d9:d7:a7:
ce:05:95:6c:7a:86:61:06:a0:e4:fa:11:64:5a:94:
87:c2:5d:95:08:5f:d5:1f:26:1f:91:d1:87:fb:3a:
65:83:76:79:23:28:a8:10:b8:45:ef:a8:c3:79:c5:
c6:80:23:c1:05:4c:eb:77:fe:58:85:0f:63:c8:a2:
30:77:ea:4d:ad:7a:79:03:a1:03:9c:95:da:56:ea:
88:c0:d2:05:1c:00:f1:0c:94:3f:dd:09:12:ef:12:
43:1d:7a:63:70:a1:d8:ea:e9:c6:92:66:80:3b:8f:
c6:e9:c1:db:0c:94:76:84:e0:33:dd:b5:65:38:79:
8b:d4:90:10:fa:c1:ca:41:aa:fb:ff:69:1d:af:ff:
41:32:b6:9a:51:84:41:8c:b4:bc:6a:de:42:21:c6:
03:c1:42:78:03:aa:f3:bc:fa:45:5e:35:67:ec:7f:
99:58:cd:37:84:ea:32:87:28:81:fe:a8:c8:aa:35:
60:64:99:f1:24:cd:ec:c4:08:20:d6:99:67:c1:fc:
d3:0d:75:93:63:a6:2d:f8:c9:91:1c:35:29:56:57:
c2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:7F:36:13:D9:6C:02:98:A4:DF:68:B3:37:C6:2C:D1:1B:42:28:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:5000::/40
Signature Algorithm: sha256WithRSAEncryption
1e:83:bc:ef:82:df:19:ec:11:29:3d:de:a3:49:ca:5b:e3:e0:
e9:ee:71:fd:05:64:67:dc:71:a6:5d:3e:35:5c:02:d4:b1:3a:
96:87:be:ef:ff:e5:19:58:4a:a2:5a:f7:12:50:8c:63:38:47:
f8:da:2c:e2:dc:cf:eb:e8:97:b0:6d:56:d6:03:59:0d:01:d0:
56:cf:27:6c:b5:c9:ea:b9:e3:c2:87:60:78:97:83:41:18:bf:
8c:21:d1:3b:b7:d4:b2:51:d2:84:27:13:d5:1c:9f:4e:e8:dc:
f6:58:3f:bf:f5:31:4a:d0:4e:fd:37:be:0c:6b:49:e5:6d:fb:
ea:b9:be:ab:e4:b9:fa:81:db:34:a1:71:43:40:21:e7:c3:9f:
de:e5:15:ae:bc:de:47:78:03:ee:d1:0b:08:52:38:bf:15:60:
d8:2e:21:d8:de:6a:18:39:f6:96:f4:bb:16:4f:0b:c6:0f:38:
88:65:2e:00:39:8d:0f:07:b3:08:c0:14:90:3c:ba:13:74:fb:
47:17:34:91:42:e9:59:24:c4:17:0b:6e:1e:f0:b1:df:9a:09:
4d:f7:8c:39:9d:21:c9:bc:a9:8b:18:2b:60:fb:66:07:c0:7d:
5c:90:df:0d:9c:0d:83:29:47:d3:7c:d4:01:f6:ad:42:a8:4a:
e2:df:6c:b0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWN0LB0TgJdrrjYax0F390vmG3ukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAwMTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5NWJiOWZjZWZjZTU4YmQyYTc5NTliMWVkZTEzZGVhNWVlNGM0MmI0YWMw
OTYzYmU1MjA4ZDUwNGFhZmE3MTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2ax0I2o8mw9tZJOoy12wOBpSnrUC+5LccshtuzXmuqQacR9+PcZuPV2den
zgWVbHqGYQag5PoRZFqUh8JdlQhf1R8mH5HRh/s6ZYN2eSMoqBC4Re+ow3nFxoAj
wQVM63f+WIUPY8iiMHfqTa16eQOhA5yV2lbqiMDSBRwA8QyUP90JEu8SQx16Y3Ch
2OrpxpJmgDuPxunB2wyUdoTgM921ZTh5i9SQEPrBykGq+/9pHa//QTK2mlGEQYy0
vGreQiHGA8FCeAOq87z6RV41Z+x/mVjNN4TqMocogf6oyKo1YGSZ8STN7MQIINaZ
Z8H80w11k2OmLfjJkRw1KVZXwtsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTlfzYT
2WwCmKTfaLM3xizRG0IoDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg0MTY2ZGQtNDQ5Ny00MTRkLTk4NjQtOTgzMDE3YzdjMzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAeg7zvgt8Z7BEpPd6jScpb4+Dp7nH9BWRn3HGm
XT41XALUsTqWh77v/+UZWEqiWvcSUIxjOEf42izi3M/r6JewbVbWA1kNAdBWzyds
tcnquePCh2B4l4NBGL+MIdE7t9SyUdKEJxPVHJ9O6Nz2WD+/9TFK0E79N74Ma0nl
bfvqub6r5Ln6gds0oXFDQCHnw5/e5RWuvN5HeAPu0QsIUji/FWDYLiHY3moYOfaW
9LsWTwvGDziIZS4AOY0PB7MIwBSQPLoTdPtHFzSRQulZJMQXC24e8LHfmglN94w5
nSHJvKmLGCtg+2YHwH1ckN8NnA2DKUfTfNQB9q1CqEri32yw
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:45:23 2025 by rpki-client