Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
File: 5246cdd9-6493-4560-b4c3-8d974de78b57.roa (raw, json)
Hash identifier: Vmg6n7x5lTrNg+QVAXwMzrrJ1jEOLGRdkF+geTseG74=
Subject key identifier: 87:B0:7A:6C:39:D4:53:45:17:D9:EB:11:50:3E:5F:DD:3A:B5:77:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22BB27E7316A2DB5980EE06CCF0F6630B5F09FF0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
Signing time: Mon 28 Apr 2025 15:41:03 +0000
ROA not before: Mon 28 Apr 2025 15:41:03 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:bb:27:e7:31:6a:2d:b5:98:0e:e0:6c:cf:0f:66:30:b5:f0:9f:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:41:03 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=c668b10e35af694e41cb8127057f3b555151d14692e8cd6402a65b7786c5c746, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a6:04:59:a8:d4:d0:c0:ab:48:d5:c8:ef:2c:
af:ed:a6:97:bc:0c:58:90:f0:64:2a:10:85:30:72:
22:ea:71:e1:46:67:ee:9b:8f:24:10:67:5a:d2:05:
ad:37:31:56:3d:66:ab:37:ce:aa:7c:9e:ee:50:5c:
9e:dd:86:24:24:b4:bb:aa:05:eb:42:ac:cf:cf:81:
bd:fb:cc:0a:8e:12:1c:f5:bf:a8:39:a1:11:ef:a1:
45:68:6d:2f:6d:2e:ed:19:52:a5:95:7a:79:0c:9d:
f7:3b:a2:1d:3d:a6:f1:6d:88:c6:20:f7:a9:4e:5c:
14:2a:30:01:6d:9d:5d:1c:ba:70:c3:d0:26:00:ef:
fa:84:76:25:e2:57:75:4c:6e:0b:ac:fb:a8:05:8a:
63:b9:b7:b6:3e:1d:37:27:c0:7f:f3:55:98:85:56:
f8:32:1c:db:e2:ab:9d:8e:7e:d1:d6:e9:96:e8:75:
c0:61:1e:e0:78:7d:c0:e4:2a:ef:24:96:1e:c6:fa:
7a:5c:b4:96:67:1f:2e:1e:17:59:64:f8:58:6c:90:
cf:36:a3:8d:4b:6c:ee:7c:4f:4d:4d:4d:36:84:68:
f1:13:8a:e3:98:c5:a4:21:a7:aa:f0:56:b2:11:59:
48:88:1a:55:02:76:5a:7b:7f:13:04:86:68:c1:80:
9a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B0:7A:6C:39:D4:53:45:17:D9:EB:11:50:3E:5F:DD:3A:B5:77:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:c000::/40
Signature Algorithm: sha256WithRSAEncryption
0d:d2:0c:d1:67:a6:65:ec:39:a0:01:00:61:94:03:a8:18:69:
e8:72:3a:da:97:f5:3b:81:81:05:3e:f8:d1:7d:b8:82:c6:0c:
f5:dd:17:6d:88:f1:d1:05:f5:6b:fa:f9:1c:cb:ff:5e:21:cd:
cf:1e:cf:24:f3:60:70:51:80:93:90:92:3e:76:e4:9b:2e:88:
fd:92:04:47:4d:f1:05:fb:63:a1:fa:aa:85:10:89:68:24:45:
a4:d3:64:77:a7:98:28:38:d3:14:ef:41:07:73:0e:14:5f:19:
5e:92:ec:ba:85:aa:1c:ab:ce:45:54:17:7f:9d:33:4b:02:71:
56:38:7c:c4:51:c1:ac:26:fa:c2:03:c7:48:76:24:9c:e8:95:
88:32:d8:01:ea:a4:4a:a9:d8:89:90:10:cb:08:70:e0:01:d2:
f1:5a:c7:aa:e9:e1:24:79:00:75:4f:07:4b:21:7b:0f:1f:9f:
54:33:19:9e:7f:86:2a:86:4b:ef:7c:79:1f:88:25:0e:3b:47:
e7:ab:76:11:16:c9:49:22:72:26:64:86:7d:1b:23:a3:34:f6:
0b:94:28:f5:f5:4d:e5:c6:78:db:ad:f9:1c:df:75:25:98:69:
e1:f1:2b:2c:95:53:83:38:4e:5c:18:61:16:17:26:40:c3:41:
37:40:f6:b7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIrsn5zFqLbWYDuBszw9mMLXwn/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQxMDNaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2NjhiMTBlMzVhZjY5NGU0MWNiODEyNzA1N2YzYjU1NTE1MWQxNDY5MmU4
Y2Q2NDAyYTY1Yjc3ODZjNWM3NDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2mBFmo1NDAq0jVyO8sr+2ml7wMWJDwZCoQhTByIupx4UZn7puPJBBnWtIF
rTcxVj1mqzfOqnye7lBcnt2GJCS0u6oF60Ksz8+BvfvMCo4SHPW/qDmhEe+hRWht
L20u7RlSpZV6eQyd9zuiHT2m8W2IxiD3qU5cFCowAW2dXRy6cMPQJgDv+oR2JeJX
dUxuC6z7qAWKY7m3tj4dNyfAf/NVmIVW+DIc2+KrnY5+0dbpluh1wGEe4Hh9wOQq
7ySWHsb6ely0lmcfLh4XWWT4WGyQzzajjUts7nxPTU1NNoRo8ROK45jFpCGnqvBW
shFZSIgaVQJ2Wnt/EwSGaMGAmm0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHsHps
OdRTRRfZ6xFQPl/dOrV3uzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI0NmNkZDktNjQ5My00NTYwLWI0YzMtOGQ5NzRkZTc4YjU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DjA
MA0GCSqGSIb3DQEBCwUAA4IBAQAN0gzRZ6Zl7DmgAQBhlAOoGGnocjral/U7gYEF
PvjRfbiCxgz13RdtiPHRBfVr+vkcy/9eIc3PHs8k82BwUYCTkJI+duSbLoj9kgRH
TfEF+2Oh+qqFEIloJEWk02R3p5goONMU70EHcw4UXxlekuy6haocq85FVBd/nTNL
AnFWOHzEUcGsJvrCA8dIdiSc6JWIMtgB6qRKqdiJkBDLCHDgAdLxWseq6eEkeQB1
TwdLIXsPH59UMxmef4YqhkvvfHkfiCUOO0fnq3YRFslJInImZIZ9GyOjNPYLlCj1
9U3lxnjbrfkc33UlmGnh8SsslVODOE5cGGEWFyZAw0E3QPa3
-----END CERTIFICATE-----
Generated at Mon May 5 10:54:28 2025 by rpki-client