Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
File: e875eadd-6478-4ac0-8792-06722aa80dd0.roa (raw, json)
Hash identifier: nVJu9/HKSJ/VrKLtsk2VQKQeYAEw7eBwymp7Q6anAik=
Subject key identifier: 3D:09:DA:1D:0E:1C:62:54:C7:75:17:00:5E:64:32:D9:17:66:2D:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E9158FDC854DE77CC5E295398AB71B8EB505715
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
Signing time: Fri 25 Apr 2025 18:30:24 +0000
ROA not before: Fri 25 Apr 2025 18:30:24 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:91:58:fd:c8:54:de:77:cc:5e:29:53:98:ab:71:b8:eb:50:57:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:30:24 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8c8ea2e56183db25b52806519a3dec757047a7fb63cf79597dc64893a3016bf7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:89:73:8f:c0:35:3d:f9:75:6a:3b:17:b1:1d:
6b:d6:f7:3a:d0:a6:93:c7:00:d9:ea:74:36:5c:f0:
97:0f:a4:f5:42:1b:ce:e5:d3:e9:12:1a:ae:c0:aa:
64:40:a5:a2:06:8f:fd:03:05:b0:2b:86:7c:f7:67:
02:47:9f:b8:eb:5c:fe:1c:cc:87:30:fa:08:c2:32:
e8:9f:fb:55:88:66:27:f5:cd:fd:3a:65:5e:c3:f9:
54:67:37:1b:ed:a1:aa:c5:65:ac:b1:a8:3d:71:79:
52:10:9d:4c:86:e2:e1:5e:09:ab:b3:64:de:ad:3a:
53:d3:35:e1:33:d1:8a:62:cf:57:d4:a3:8b:76:9b:
67:4e:a9:af:be:11:0d:f1:2a:6d:6b:85:58:db:83:
d7:bf:17:62:d0:4e:28:c8:0e:f4:1f:70:cc:2c:18:
df:79:67:41:47:4e:07:61:de:b4:63:02:87:39:d3:
14:bb:a2:eb:79:68:2d:b9:ed:09:59:63:31:cb:4f:
5f:cd:69:ed:a2:a1:ee:ee:63:fc:3e:74:e2:06:3e:
17:a2:e5:a3:39:83:e6:15:25:28:d8:e4:17:fb:a7:
d1:82:30:62:df:dd:5b:4c:c7:53:c4:9a:1e:08:69:
7d:c9:55:e5:47:4c:91:1b:88:5d:6b:7c:d9:69:59:
5b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:09:DA:1D:0E:1C:62:54:C7:75:17:00:5E:64:32:D9:17:66:2D:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e875eadd-6478-4ac0-8792-06722aa80dd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
bc:57:13:05:8b:97:1b:1f:24:3a:dd:b9:80:f5:4a:5a:c3:ed:
e4:e7:f3:2c:25:81:c1:64:d2:eb:88:b5:a4:6b:10:48:11:ee:
49:b1:62:bb:97:a6:ed:48:43:c1:cc:7b:22:3b:ee:a2:e2:50:
bc:a1:f4:e9:6d:77:a1:b3:4f:47:9d:3f:8b:35:b5:4f:bf:5d:
8f:6f:6d:2e:b2:af:09:53:67:47:71:38:ab:53:a7:4e:57:76:
eb:b2:5a:fe:f9:aa:98:63:ca:7c:2f:3c:7a:79:43:1b:a3:18:
a5:81:13:dc:2f:f4:9a:c9:6f:c5:49:02:6c:70:37:9a:83:d4:
62:ce:b1:2d:86:85:17:dd:da:7b:3c:43:ff:b9:1f:20:dd:1a:
3c:55:ba:36:d9:90:22:49:88:99:bf:9b:27:94:16:5c:53:db:
39:5d:2d:11:49:e2:7c:42:19:14:18:c7:bd:ee:f0:35:2c:ae:
81:44:1f:89:2c:99:6e:64:0d:42:c6:cb:39:87:2a:e5:4b:e6:
6f:17:81:96:4a:ec:e8:f7:aa:30:d0:ad:f8:62:71:ac:51:0f:
b7:d5:76:17:13:26:c5:78:e5:8e:24:29:e1:3c:28:83:d5:41:
8d:a1:8b:6f:8e:d5:9d:7b:a9:7a:ea:a2:7f:62:b7:50:36:f7:
bb:de:88:0d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXpFY/chU3nfMXilTmKtxuOtQVxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMwMjRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjOGVhMmU1NjE4M2RiMjViNTI4MDY1MTlhM2RlYzc1NzA0N2E3ZmI2M2Nm
Nzk1OTdkYzY0ODkzYTMwMTZiZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANyJc4/ANT35dWo7F7Eda9b3OtCmk8cA2ep0Nlzwlw+k9UIbzuXT6RIarsCq
ZEClogaP/QMFsCuGfPdnAkefuOtc/hzMhzD6CMIy6J/7VYhmJ/XN/TplXsP5VGc3
G+2hqsVlrLGoPXF5UhCdTIbi4V4Jq7Nk3q06U9M14TPRimLPV9Sji3abZ06pr74R
DfEqbWuFWNuD178XYtBOKMgO9B9wzCwY33lnQUdOB2HetGMChznTFLui63loLbnt
CVljMctPX81p7aKh7u5j/D504gY+F6LlozmD5hUlKNjkF/un0YIwYt/dW0zHU8Sa
HghpfclV5UdMkRuIXWt82WlZW2cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ9Cdod
DhxiVMd1FwBeZDLZF2YtyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg3NWVhZGQtNjQ3OC00YWMwLTg3OTItMDY3MjJhYTgwZGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
wDANBgkqhkiG9w0BAQsFAAOCAQEAvFcTBYuXGx8kOt25gPVKWsPt5OfzLCWBwWTS
64i1pGsQSBHuSbFiu5em7UhDwcx7IjvuouJQvKH06W13obNPR50/izW1T79dj29t
LrKvCVNnR3E4q1OnTld267Ja/vmqmGPKfC88enlDG6MYpYET3C/0mslvxUkCbHA3
moPUYs6xLYaFF93aezxD/7kfIN0aPFW6NtmQIkmImb+bJ5QWXFPbOV0tEUnifEIZ
FBjHve7wNSyugUQfiSyZbmQNQsbLOYcq5UvmbxeBlkrs6PeqMNCt+GJxrFEPt9V2
FxMmxXjljiQp4Twog9VBjaGLb47VnXupeuqif2K3UDb3u96IDQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:12 2025 by rpki-client