Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
File: 6236cad2-ab49-4574-b740-7b70c27fae87.roa (raw, json)
Hash identifier: 5+Yf7Zj98TFbOlQoRKGUu+xQ1Q8yg1i0Gp45AIo5SfU=
Subject key identifier: 84:B5:0B:CB:9C:CF:2C:DC:F9:AA:4E:10:E9:17:A8:42:2F:6C:C8:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5473A9D3FD4E5A8F06A202EF475F19E59CC0C5F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
Signing time: Mon 28 Apr 2025 15:40:12 +0000
ROA not before: Mon 28 Apr 2025 15:40:12 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:73:a9:d3:fd:4e:5a:8f:06:a2:02:ef:47:5f:19:e5:9c:c0:c5:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:40:12 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=8903837ea677993f91860d606a868aa352918b0de71e7837c148865f2f2a596a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:90:bf:a5:88:6e:08:33:dd:46:85:74:f8:98:
e2:3b:86:20:8f:3b:25:85:05:ba:f3:10:1b:9a:34:
b8:37:38:59:b3:bf:78:71:f2:e4:e7:5c:d9:98:06:
8f:f7:97:67:4f:3f:30:91:32:af:4f:7e:14:b9:af:
30:42:a4:bf:de:84:f0:25:57:bd:3b:30:76:5f:20:
ad:b3:8e:de:da:11:90:cf:6f:86:2f:08:87:f6:cc:
8e:f5:2c:3d:82:19:ce:9c:d4:f8:c1:7d:11:01:0c:
f4:3b:a4:c5:55:69:22:ce:cd:b5:6a:31:96:ba:b2:
4f:a3:3a:a7:90:fb:ba:b8:e4:3e:26:a5:2c:ea:e5:
17:c2:30:c8:2d:1d:6d:5e:ba:dc:74:e3:e8:22:48:
95:33:dc:b2:cb:45:8c:e9:40:cc:df:79:c1:59:50:
11:00:b6:b3:b5:5a:34:43:35:1b:c1:81:32:d9:fd:
5d:05:d5:8e:3e:b4:de:fb:3a:9e:5c:90:48:17:0a:
c3:3a:fa:36:21:eb:46:0e:ba:b3:63:da:bf:35:ce:
32:e4:98:29:9a:a4:20:ce:5f:63:d0:a3:c5:1d:65:
2a:ac:0b:ec:b0:23:9a:9a:bb:87:4a:e2:4a:3e:60:
1f:5d:ba:c0:50:dd:02:94:dc:7d:82:c3:c4:56:0c:
6d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B5:0B:CB:9C:CF:2C:DC:F9:AA:4E:10:E9:17:A8:42:2F:6C:C8:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8400::/38
Signature Algorithm: sha256WithRSAEncryption
c7:f2:b5:dc:a4:f0:56:17:cf:9c:00:e7:f4:85:15:2b:59:43:
f5:a1:d9:80:13:90:bd:b9:ba:c2:27:1c:c6:01:5d:5a:e3:5b:
00:b3:31:9a:3f:95:ca:93:47:7c:9b:61:ef:73:97:50:de:ea:
26:1d:3c:32:28:7f:58:51:50:da:7a:e7:78:c5:5a:cf:df:b9:
1e:32:a4:03:6a:c2:20:ef:96:5d:6b:bb:24:93:63:3f:59:23:
de:d0:e2:91:22:77:32:60:5f:6a:8b:af:3c:e2:1c:7c:06:c7:
1c:5f:ff:05:7d:88:58:4d:b5:d5:f0:99:c2:90:64:db:06:d3:
ed:08:9c:79:17:4a:ea:08:ce:11:65:4d:60:13:e5:74:49:20:
68:d6:43:27:d2:16:49:42:18:91:6a:80:b0:8b:ca:32:dd:59:
53:a1:0e:85:1b:98:ba:e2:e9:d1:78:7a:3f:13:8f:90:f1:fc:
31:fe:a7:ba:dd:92:a5:fb:1d:cd:51:6a:29:84:c2:82:46:9c:
37:d2:04:48:de:73:26:71:eb:cf:c7:56:76:c0:42:aa:fa:f4:
53:5f:d6:47:45:40:8a:23:67:23:d1:c4:0b:8b:4d:3c:f6:32:
0b:b1:29:35:f0:61:77:f3:3d:71:bb:f0:7b:5b:06:43:38:5b:
00:a0:c2:14
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVHOp0/1OWo8GogLvR18Z5ZzAxfcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQwMTJaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5MDM4MzdlYTY3Nzk5M2Y5MTg2MGQ2MDZhODY4YWEzNTI5MThiMGRlNzFl
NzgzN2MxNDg4NjVmMmYyYTU5NmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+Qv6WIbggz3UaFdPiY4juGII87JYUFuvMQG5o0uDc4WbO/eHHy5Odc2ZgG
j/eXZ08/MJEyr09+FLmvMEKkv96E8CVXvTswdl8grbOO3toRkM9vhi8Ih/bMjvUs
PYIZzpzU+MF9EQEM9DukxVVpIs7NtWoxlrqyT6M6p5D7urjkPialLOrlF8IwyC0d
bV663HTj6CJIlTPcsstFjOlAzN95wVlQEQC2s7VaNEM1G8GBMtn9XQXVjj603vs6
nlyQSBcKwzr6NiHrRg66s2PavzXOMuSYKZqkIM5fY9CjxR1lKqwL7LAjmpq7h0ri
Sj5gH126wFDdApTcfYLDxFYMbb8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSEtQvL
nM8s3PmqThDpF6hCL2zIKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjIzNmNhZDItYWI0OS00NTc0LWI3NDAtN2I3MGMyN2ZhZTg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCE
MA0GCSqGSIb3DQEBCwUAA4IBAQDH8rXcpPBWF8+cAOf0hRUrWUP1odmAE5C9ubrC
JxzGAV1a41sAszGaP5XKk0d8m2Hvc5dQ3uomHTwyKH9YUVDaeud4xVrP37keMqQD
asIg75Zda7skk2M/WSPe0OKRIncyYF9qi6884hx8BsccX/8FfYhYTbXV8JnCkGTb
BtPtCJx5F0rqCM4RZU1gE+V0SSBo1kMn0hZJQhiRaoCwi8oy3VlToQ6FG5i64unR
eHo/E4+Q8fwx/qe63ZKl+x3NUWophMKCRpw30gRI3nMmcevPx1Z2wEKq+vRTX9ZH
RUCKI2cj0cQLi0089jILsSk18GF38z1xu/B7WwZDOFsAoMIU
-----END CERTIFICATE-----
Generated at Mon May 5 13:30:29 2025 by rpki-client