Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
File: 8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa (raw, json)
Hash identifier: 3IvbT1YgzeOsqhue8XEWssurqykEjYtJkfF2eWUOaRg=
Subject key identifier: CB:5C:8B:0E:69:D8:F6:2C:0F:0E:7C:C6:95:7E:13:7D:14:DC:81:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43FB2B40687B23853D9E7B93C72887EDEA67DE46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
Signing time: Fri 25 Apr 2025 20:30:06 +0000
ROA not before: Fri 25 Apr 2025 20:30:06 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:fb:2b:40:68:7b:23:85:3d:9e:7b:93:c7:28:87:ed:ea:67:de:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:30:06 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8867b7da0e58024dd6407a0b2686a858a43afa1651f0a0abf5e6f90d41d88928, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:15:d4:cf:ed:64:52:fa:b8:a4:ac:16:ac:24:
e6:2c:c7:1e:3b:f7:86:bd:a5:fd:b7:ec:27:cf:44:
cd:bb:4b:cf:6e:33:97:3c:0d:b0:e1:08:d2:53:06:
5e:b6:8d:af:15:60:29:8b:7c:94:04:b2:37:a4:02:
bf:4c:13:9c:5e:89:88:42:bc:2e:4b:ad:b6:88:b6:
08:c5:47:2c:af:35:f8:dd:30:82:35:5d:eb:f1:7b:
c6:9a:3f:d3:21:5d:cb:22:12:03:0c:23:13:2f:b5:
7d:a1:9a:e9:51:50:42:6e:39:0e:a2:f4:8a:dd:4d:
05:16:1b:a6:3a:ab:55:a1:05:60:2f:94:86:9a:41:
4f:80:7e:a4:9f:43:2c:99:72:24:78:85:c2:5f:ca:
52:3b:a8:fa:01:f1:57:d0:9b:9f:c6:60:94:a4:b0:
68:fe:c8:b2:4c:db:1b:dc:01:85:a1:71:db:e8:bb:
ed:39:59:ef:46:d4:3e:26:4f:a1:f4:3e:c4:60:c2:
12:27:c4:78:11:93:e5:bd:bd:9a:75:5a:82:ac:3b:
41:b6:80:45:48:fc:1b:75:47:f8:44:a8:a0:5d:0f:
7b:bf:18:e4:e9:cc:fc:90:c9:73:c7:71:03:e9:25:
e0:ac:59:34:b9:c0:92:52:57:2f:ec:da:9f:8e:cd:
6c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:5C:8B:0E:69:D8:F6:2C:0F:0E:7C:C6:95:7E:13:7D:14:DC:81:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028::/36
Signature Algorithm: sha256WithRSAEncryption
48:d6:31:e2:84:08:0d:54:88:fa:02:9f:3e:3c:66:d7:11:68:
28:8e:25:3c:dc:e0:c8:43:cb:50:cf:de:c5:7f:9d:73:db:4e:
bd:28:31:6d:35:93:e4:61:9e:43:de:64:94:88:d4:3b:cc:8a:
de:9d:38:ed:a7:22:f1:60:59:16:fc:f3:bd:8c:a4:80:90:84:
ef:6f:c0:0b:fb:7e:6d:ba:3d:2f:d5:09:7c:62:91:76:6c:fb:
88:52:de:7f:1f:a5:f1:86:91:33:d5:5b:c5:4c:d6:b2:79:79:
17:82:54:ad:cf:74:8b:b8:a7:65:d0:36:e3:e0:97:79:4c:74:
73:4d:7d:6b:6a:cc:50:d9:fb:7a:36:80:89:ab:81:6e:c3:ee:
47:2f:9b:5e:96:72:6a:f6:7e:4f:d0:d6:a0:a1:ce:06:dd:b9:
28:f8:f8:9d:47:64:25:2f:82:0a:2c:bd:63:17:25:5a:6b:c5:
27:80:6a:bc:7e:45:97:8c:80:86:7f:04:fd:d4:84:90:b1:d2:
76:80:cf:2c:74:ce:42:21:d8:75:ad:69:6a:7c:68:4b:26:50:
c7:d6:57:39:6c:1a:8d:56:48:33:eb:64:8c:a4:68:f0:96:bd:
b6:dc:91:63:3f:b6:6d:0a:31:90:cb:fc:2d:b7:0d:5c:94:27:
36:68:2a:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ/srQGh7I4U9nnuTxyiH7epn3kYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDMwMDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4NjdiN2RhMGU1ODAyNGRkNjQwN2EwYjI2ODZhODU4YTQzYWZhMTY1MWYw
YTBhYmY1ZTZmOTBkNDFkODg5MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOYV1M/tZFL6uKSsFqwk5izHHjv3hr2l/bfsJ89EzbtLz24zlzwNsOEI0lMG
XraNrxVgKYt8lASyN6QCv0wTnF6JiEK8Lkuttoi2CMVHLK81+N0wgjVd6/F7xpo/
0yFdyyISAwwjEy+1faGa6VFQQm45DqL0it1NBRYbpjqrVaEFYC+UhppBT4B+pJ9D
LJlyJHiFwl/KUjuo+gHxV9Cbn8ZglKSwaP7IskzbG9wBhaFx2+i77TlZ70bUPiZP
ofQ+xGDCEifEeBGT5b29mnVagqw7QbaARUj8G3VH+ESooF0Pe78Y5OnM/JDJc8dx
A+kl4KxZNLnAklJXL+zan47NbL8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTLXIsO
adj2LA8OfMaVfhN9FNyBwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODAxNWZkYzQtZTc5ZC00NDAwLWE3ODYtYzcwYWIzZjEwZDJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CgA
MA0GCSqGSIb3DQEBCwUAA4IBAQBI1jHihAgNVIj6Ap8+PGbXEWgojiU83ODIQ8tQ
z97Ff51z2069KDFtNZPkYZ5D3mSUiNQ7zIrenTjtpyLxYFkW/PO9jKSAkITvb8AL
+35tuj0v1Ql8YpF2bPuIUt5/H6XxhpEz1VvFTNayeXkXglStz3SLuKdl0Dbj4Jd5
THRzTX1rasxQ2ft6NoCJq4Fuw+5HL5telnJq9n5P0Nagoc4G3bko+PidR2QlL4IK
LL1jFyVaa8UngGq8fkWXjICGfwT91ISQsdJ2gM8sdM5CIdh1rWlqfGhLJlDH1lc5
bBqNVkgz62SMpGjwlr223JFjP7ZtCjGQy/wttw1clCc2aCrx
-----END CERTIFICATE-----
Generated at Mon May 5 18:42:15 2025 by rpki-client