Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
File: 3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa (raw, json)
Hash identifier: sjbN8D2zG0z6sXO/cnlBrEYYOkodT5Brjvg9GaGqNG0=
Subject key identifier: 38:E4:16:1C:0B:A8:E6:5B:DC:9E:17:6B:4B:57:68:1D:41:97:A7:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16E5AA7B95249FB36734AE10B30BB54DD415EF70
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
Signing time: Wed 30 Apr 2025 00:10:15 +0000
ROA not before: Wed 30 Apr 2025 00:10:15 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:e5:aa:7b:95:24:9f:b3:67:34:ae:10:b3:0b:b5:4d:d4:15:ef:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 30 00:10:15 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=6b78292eb0932568523aa2083e54da52321690670e1afb9f431ae36ff6194013, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6a:5d:09:12:c7:3b:b5:ca:43:3f:f3:28:23:
4b:5c:63:9b:57:6b:66:6b:91:ba:07:5c:67:0e:3d:
80:8e:c0:f9:a3:62:fd:e4:e5:01:22:36:09:b9:70:
12:f5:fc:77:c2:d4:f9:5f:17:8c:c1:54:51:f5:d1:
57:cf:0b:c8:84:ec:21:fa:0b:cd:8f:8a:47:8c:0b:
6e:bf:9f:fd:80:8b:33:5b:20:fd:64:5f:a8:9c:a2:
d1:40:01:ef:9c:a5:e2:a1:e1:b1:4a:e2:88:9d:55:
28:5b:71:69:5f:8b:f6:41:5b:b3:63:55:90:7a:8b:
ec:cb:6a:1c:33:9a:77:f7:9e:4a:37:eb:37:b3:58:
5d:9c:9b:96:0d:6c:97:b7:e2:1d:63:f6:fa:68:f9:
ce:4a:a9:f6:74:12:6f:31:c7:9a:f1:05:61:aa:1e:
a9:ee:16:fd:22:a5:12:90:97:82:91:e2:ed:e5:5d:
85:2c:5f:93:18:d4:72:76:5d:de:43:79:6b:46:c1:
f7:37:79:bb:43:d4:7a:e2:7f:44:e0:81:3d:c6:87:
0a:70:b3:a2:2e:02:2c:90:76:9c:c4:6f:2d:84:f6:
fe:d3:60:bd:e4:3a:ee:fe:50:c7:14:41:37:94:97:
7b:17:e8:f1:5b:4f:c6:b5:6b:5c:a5:bf:f8:8a:5a:
df:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E4:16:1C:0B:A8:E6:5B:DC:9E:17:6B:4B:57:68:1D:41:97:A7:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020::/28
Signature Algorithm: sha256WithRSAEncryption
b7:9a:3e:69:0d:6f:f2:ed:3e:43:59:20:70:de:d9:d0:fd:77:
17:d6:0f:c3:e2:f5:1f:28:63:93:84:0d:23:44:32:b6:b5:10:
de:b1:d9:ba:b0:0c:8a:55:9c:a6:91:3a:5e:c0:99:8d:d6:a8:
f0:05:72:74:23:08:2b:75:4f:33:be:ff:a3:b8:69:a3:22:1b:
99:77:d2:88:db:09:c4:02:14:d8:09:d7:0f:5d:0a:c4:29:80:
a6:fe:28:5e:69:3a:da:42:1e:64:9b:d5:3d:b4:9b:38:3f:41:
3a:92:b3:0a:88:46:a9:99:eb:60:c5:11:ff:df:9e:34:dd:a9:
94:d0:69:63:b6:c9:82:ca:71:e7:6d:c8:46:1b:13:8e:0f:3c:
b8:a1:51:50:d6:46:30:13:11:6f:74:53:28:3e:33:d0:6c:3e:
49:1b:5b:35:b3:30:4e:7c:8f:88:fd:01:40:69:0f:f9:62:6d:
e0:8d:44:9e:7a:8a:18:87:dd:c0:1f:58:eb:d3:96:b8:81:ae:
3b:bd:43:01:b7:88:00:da:0a:c9:6d:29:3d:d4:19:74:43:4e:
7e:2b:0e:73:e7:e7:1e:9d:f9:96:ee:c4:40:5a:bf:3a:27:bd:
b1:c4:93:fb:67:8c:20:21:57:10:34:e5:86:1e:86:e9:78:9c:
c1:3b:63:fa
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUFuWqe5Ukn7NnNK4Qswu1TdQV73AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MzAwMDEwMTVaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiNzgyOTJlYjA5MzI1Njg1MjNhYTIwODNlNTRkYTUyMzIxNjkwNjcwZTFh
ZmI5ZjQzMWFlMzZmZjYxOTQwMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9qXQkSxzu1ykM/8ygjS1xjm1drZmuRugdcZw49gI7A+aNi/eTlASI2Cblw
EvX8d8LU+V8XjMFUUfXRV88LyITsIfoLzY+KR4wLbr+f/YCLM1sg/WRfqJyi0UAB
75yl4qHhsUriiJ1VKFtxaV+L9kFbs2NVkHqL7MtqHDOad/eeSjfrN7NYXZyblg1s
l7fiHWP2+mj5zkqp9nQSbzHHmvEFYaoeqe4W/SKlEpCXgpHi7eVdhSxfkxjUcnZd
3kN5a0bB9zd5u0PUeuJ/ROCBPcaHCnCzoi4CLJB2nMRvLYT2/tNgveQ67v5QxxRB
N5SXexfo8VtPxrVrXKW/+Ipa31MCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQ45BYc
C6jmW9yeF2tLV2gdQZendDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEzNmEzMjItZjlkNC00Yzc3LWI0OGItM2E0YTViMmQzZDU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCoF0CAw
DQYJKoZIhvcNAQELBQADggEBALeaPmkNb/LtPkNZIHDe2dD9dxfWD8Pi9R8oY5OE
DSNEMra1EN6x2bqwDIpVnKaROl7AmY3WqPAFcnQjCCt1TzO+/6O4aaMiG5l30ojb
CcQCFNgJ1w9dCsQpgKb+KF5pOtpCHmSb1T20mzg/QTqSswqIRqmZ62DFEf/fnjTd
qZTQaWO2yYLKcedtyEYbE44PPLihUVDWRjATEW90Uyg+M9BsPkkbWzWzME58j4j9
AUBpD/libeCNRJ56ihiH3cAfWOvTlriBrju9QwG3iADaCsltKT3UGXRDTn4rDnPn
5x6d+ZbuxEBavzonvbHEk/tnjCAhVxA05YYehul4nME7Y/o=
-----END CERTIFICATE-----
Generated at Mon May 5 18:42:29 2025 by rpki-client