Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
File: 2ab74891-6199-47fc-bcde-b8022379067c.roa (raw, json)
Hash identifier: b3XPnWIgOGfLS6w0wM56l2+pbQY5OwLBRJozj4LM9Sc=
Subject key identifier: 89:9C:2A:69:72:4F:70:A1:E4:71:10:A1:AA:C5:F4:9B:7A:CC:E7:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21596A32D1FEA2C354FB928DD3FF08E51893ACCC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
Signing time: Mon 28 Apr 2025 15:40:38 +0000
ROA not before: Mon 28 Apr 2025 15:40:38 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:59:6a:32:d1:fe:a2:c3:54:fb:92:8d:d3:ff:08:e5:18:93:ac:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:40:38 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=b5fd2526c9b366703aaf40092910d15186592f80f781fbbbf1f357b13dfa5bb3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:59:7e:6d:5f:b1:31:f2:1a:2b:98:5c:95:de:
a3:25:fd:76:3a:69:14:da:c0:e9:f0:15:b5:46:48:
0d:0d:e5:a2:43:08:6e:e5:78:03:2a:59:ba:c6:ac:
41:3d:fc:15:29:d5:8e:b9:96:05:6d:74:95:06:d1:
b7:fb:8d:f8:ac:ec:35:0c:16:a0:1f:22:c5:24:c2:
2f:06:2f:bb:ec:0b:83:cc:7a:6c:98:1d:b6:c8:63:
d5:07:5a:bd:fa:20:49:f0:25:53:e3:7c:7b:0f:8e:
7b:74:50:dc:98:37:7b:b0:1b:61:9f:28:7d:58:0d:
94:8f:e3:fc:cb:57:7d:e1:26:9b:97:c7:2e:72:32:
ec:f2:3d:37:f2:34:55:65:b3:12:d9:88:40:9a:19:
bb:db:26:34:14:b4:bf:b4:38:7a:fb:e2:e9:1f:ef:
16:d6:fd:f6:50:9f:c5:09:70:e9:33:10:d7:b6:aa:
52:f6:24:8d:df:65:87:96:65:45:43:90:91:ac:b3:
cb:ec:af:1d:2a:af:c4:61:1a:fe:78:30:2f:80:e6:
29:ea:61:21:0c:86:32:fe:87:a3:b1:86:63:8a:37:
a8:a1:eb:11:81:d6:64:36:7f:bb:f5:c5:ab:0c:17:
57:8f:4b:e6:d9:79:48:ab:70:fc:2f:bf:4b:4a:ed:
3f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9C:2A:69:72:4F:70:A1:E4:71:10:A1:AA:C5:F4:9B:7A:CC:E7:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:4000::/40
Signature Algorithm: sha256WithRSAEncryption
18:9d:31:b6:54:a2:4c:83:3d:4e:ee:0f:29:b1:1b:d1:1e:6c:
29:ad:44:98:f9:6c:93:ce:1b:10:0e:ce:22:00:bb:d2:0f:bf:
22:f6:44:6c:f5:84:26:db:f1:e7:19:78:12:cc:82:84:42:2f:
e6:0e:4e:ce:93:c2:b4:1a:b0:93:bd:3a:57:c3:93:c9:9f:ca:
a2:02:08:fe:df:6e:74:98:36:4a:ed:98:03:bf:5f:b0:ae:87:
27:3c:7d:8a:59:ff:99:b4:27:ca:44:73:d9:bd:d6:ac:17:3a:
7e:1e:3b:8b:c5:a0:9d:e5:64:f1:b4:7c:44:1f:8b:a3:2f:a9:
7e:1c:9d:83:72:b4:71:23:8b:70:75:c7:01:75:1e:df:cb:35:
11:49:ac:10:b1:65:07:d0:fb:c2:6d:f7:b9:49:e7:f8:6c:74:
5f:bd:3b:8d:b9:0e:84:48:66:39:b4:ed:94:ae:98:f7:e0:01:
9d:fb:00:f7:5a:f0:5d:83:2e:bf:48:ff:dd:52:6c:31:98:67:
7b:67:a8:ec:9b:69:82:51:37:5d:cd:0e:4e:6b:a7:03:42:0d:
89:c4:66:54:0a:e4:ee:d5:e5:17:0e:f8:21:ce:14:43:a0:74:
a8:fd:35:b4:b7:89:d9:71:3e:e1:02:c8:1e:76:b5:e1:59:22:
c7:2d:0a:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIVlqMtH+osNU+5KN0/8I5RiTrMwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQwMzhaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1ZmQyNTI2YzliMzY2NzAzYWFmNDAwOTI5MTBkMTUxODY1OTJmODBmNzgx
ZmJiYmYxZjM1N2IxM2RmYTViYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRZfm1fsTHyGiuYXJXeoyX9djppFNrA6fAVtUZIDQ3lokMIbuV4AypZusas
QT38FSnVjrmWBW10lQbRt/uN+KzsNQwWoB8ixSTCLwYvu+wLg8x6bJgdtshj1Qda
vfogSfAlU+N8ew+Oe3RQ3Jg3e7AbYZ8ofVgNlI/j/MtXfeEmm5fHLnIy7PI9N/I0
VWWzEtmIQJoZu9smNBS0v7Q4evvi6R/vFtb99lCfxQlw6TMQ17aqUvYkjd9lh5Zl
RUOQkayzy+yvHSqvxGEa/ngwL4DmKephIQyGMv6Ho7GGY4o3qKHrEYHWZDZ/u/XF
qwwXV49L5tl5SKtw/C+/S0rtP68CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSJnCpp
ck9woeRxEKGqxfSbeszn6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmFiNzQ4OTEtNjE5OS00N2ZjLWJjZGUtYjgwMjIzNzkwNjdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhA
MA0GCSqGSIb3DQEBCwUAA4IBAQAYnTG2VKJMgz1O7g8psRvRHmwprUSY+WyTzhsQ
Ds4iALvSD78i9kRs9YQm2/HnGXgSzIKEQi/mDk7Ok8K0GrCTvTpXw5PJn8qiAgj+
3250mDZK7ZgDv1+wrocnPH2KWf+ZtCfKRHPZvdasFzp+HjuLxaCd5WTxtHxEH4uj
L6l+HJ2DcrRxI4twdccBdR7fyzURSawQsWUH0PvCbfe5Sef4bHRfvTuNuQ6ESGY5
tO2Urpj34AGd+wD3WvBdgy6/SP/dUmwxmGd7Z6jsm2mCUTddzQ5Oa6cDQg2JxGZU
CuTu1eUXDvghzhRDoHSo/TW0t4nZcT7hAsgedrXhWSLHLQqm
-----END CERTIFICATE-----
Generated at Mon May 5 03:39:04 2025 by rpki-client