Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
File: bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa (raw, json)
Hash identifier: r/NLM8jVcoqRkuAYWM+dYjEqnkDJnwla/NxPcF47PX8=
Subject key identifier: 81:FF:A2:59:6A:3C:D6:2C:B6:67:35:5E:74:95:95:73:75:34:53:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55BFC4D1AE1CA4643360ACBFE3C41ACB552434A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
Signing time: Fri 25 Apr 2025 20:00:17 +0000
ROA not before: Fri 25 Apr 2025 20:00:17 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:bf:c4:d1:ae:1c:a4:64:33:60:ac:bf:e3:c4:1a:cb:55:24:34:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:00:17 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e4cacfe63267b41eb972975535a3c0658e25de354c79dda43b585344d41d78cf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:72:0a:29:e8:46:2c:2f:07:7c:61:df:19:12:
88:06:85:c8:22:7c:2c:ed:13:3f:75:7a:71:75:87:
d8:88:70:73:b2:86:47:c8:74:92:d1:7c:f8:05:68:
02:93:28:56:d8:6c:0c:d4:2e:17:d2:24:0f:21:0a:
ad:2c:e0:5e:bb:e4:5f:c3:e9:cc:7a:f7:75:db:79:
9d:f7:3d:78:b8:c1:18:60:2a:bf:f5:dd:c6:cc:78:
8f:e4:54:f4:82:a8:82:cf:d5:5e:ca:fa:a7:b9:81:
4f:bd:42:07:49:9e:71:6f:77:df:67:51:ae:58:d7:
9f:13:59:57:a4:57:e8:ae:f2:50:b3:d6:46:88:f2:
98:62:fc:a6:b2:8f:3e:19:9d:bd:21:32:7d:dd:9d:
e6:c8:41:89:09:42:e5:13:77:77:e9:c6:bb:59:c6:
2f:b8:93:08:b5:c8:f5:06:68:38:52:4d:59:4b:6c:
03:5d:c2:c4:81:aa:d1:bf:cf:af:e9:a7:1b:23:a4:
c3:06:a3:0d:9d:37:cf:db:56:5b:71:c6:b9:0e:20:
36:07:2d:d3:66:4a:db:84:e1:06:2e:65:d4:48:d8:
ee:84:e2:37:8f:21:8c:de:6c:a5:07:27:ab:63:30:
a6:82:e6:bd:3e:20:2f:c3:9d:48:de:f1:da:7a:79:
55:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:FF:A2:59:6A:3C:D6:2C:B6:67:35:5E:74:95:95:73:75:34:53:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:4000::/40
Signature Algorithm: sha256WithRSAEncryption
bd:5f:86:12:18:93:85:cd:87:8e:2c:d0:fc:d6:39:02:9f:48:
f9:aa:43:d4:1e:38:cd:5b:3b:7f:bd:bc:f4:26:da:f2:b9:4e:
2c:1b:8d:a2:f8:47:e9:5c:e0:de:f7:6d:ca:f7:28:3e:7d:ff:
09:5f:f6:49:ee:65:d0:c2:88:14:6e:f7:83:49:02:4b:2d:80:
70:be:b5:f8:bd:fa:7a:f0:3f:01:97:94:35:28:0f:ee:6e:33:
02:73:d0:12:bc:41:5c:a1:57:70:db:b5:a3:6e:c7:06:cc:2f:
8e:6b:d4:a8:2a:1f:68:ec:b6:14:c0:0f:01:30:fa:df:fc:8f:
f5:f5:90:19:9e:ff:38:ca:8b:44:1d:ff:c6:ae:8e:2e:c9:af:
7d:9e:32:3b:16:e3:1b:9b:24:78:6f:7e:13:33:b7:40:4d:70:
fa:d1:13:14:1c:7e:ee:8f:8e:34:bb:5a:3e:18:ae:12:71:57:
8a:cb:b5:3e:9e:d7:3b:34:8c:e5:75:32:3a:88:7e:be:79:87:
bc:40:54:17:4d:2f:7a:ca:4a:57:df:0f:9b:03:41:b6:1f:cf:
21:d4:b9:7f:85:f4:ef:6b:14:bd:31:3d:f2:51:9a:35:d5:e7:
47:4a:8d:d8:08:bc:25:1a:41:ed:24:7f:44:0e:93:d6:a9:1b:
51:66:a1:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVb/E0a4cpGQzYKy/48Qay1UkNKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAwMTdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0Y2FjZmU2MzI2N2I0MWViOTcyOTc1NTM1YTNjMDY1OGUyNWRlMzU0Yzc5
ZGRhNDNiNTg1MzQ0ZDQxZDc4Y2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVyCinoRiwvB3xh3xkSiAaFyCJ8LO0TP3V6cXWH2Ihwc7KGR8h0ktF8+AVo
ApMoVthsDNQuF9IkDyEKrSzgXrvkX8PpzHr3ddt5nfc9eLjBGGAqv/Xdxsx4j+RU
9IKogs/VXsr6p7mBT71CB0mecW9332dRrljXnxNZV6RX6K7yULPWRojymGL8prKP
PhmdvSEyfd2d5shBiQlC5RN3d+nGu1nGL7iTCLXI9QZoOFJNWUtsA13CxIGq0b/P
r+mnGyOkwwajDZ03z9tWW3HGuQ4gNgct02ZK24ThBi5l1EjY7oTiN48hjN5spQcn
q2MwpoLmvT4gL8OdSN7x2np5VWcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSB/6JZ
ajzWLLZnNV50lZVzdTRT2TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmIyMTcxMGEtYTM3YS00NDc2LWFiNmItM2QwNzllOWQxY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5A
MA0GCSqGSIb3DQEBCwUAA4IBAQC9X4YSGJOFzYeOLND81jkCn0j5qkPUHjjNWzt/
vbz0JtryuU4sG42i+EfpXODe923K9yg+ff8JX/ZJ7mXQwogUbveDSQJLLYBwvrX4
vfp68D8Bl5Q1KA/ubjMCc9ASvEFcoVdw27WjbscGzC+Oa9SoKh9o7LYUwA8BMPrf
/I/19ZAZnv84yotEHf/Gro4uya99njI7FuMbmyR4b34TM7dATXD60RMUHH7uj440
u1o+GK4ScVeKy7U+ntc7NIzldTI6iH6+eYe8QFQXTS96ykpX3w+bA0G2H88h1Ll/
hfTvaxS9MT3yUZo11edHSo3YCLwlGkHtJH9EDpPWqRtRZqF2
-----END CERTIFICATE-----
Generated at Mon May 5 20:58:35 2025 by rpki-client