Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
File: cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa (raw, json)
Hash identifier: tZSEBPw56eSwmc0ARz11BdhfaPdlBJ5fBlyKX55hZGc=
Subject key identifier: 72:EC:C0:36:57:2C:60:DC:BE:64:73:48:84:EE:EB:4F:3B:56:A9:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05B250D3B5DE431EC61905AFE5731BAF393D1B04
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
Signing time: Fri 25 Apr 2025 20:20:47 +0000
ROA not before: Fri 25 Apr 2025 20:20:47 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:b2:50:d3:b5:de:43:1e:c6:19:05:af:e5:73:1b:af:39:3d:1b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:47 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=92cf4f1ee2f5a111dd9de4332cf88a28cf1ad7891b63bd7145a61f985cbe7c99, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1a:88:8c:8f:c9:68:9c:ef:c8:e0:af:12:7a:
17:bd:ad:2b:d8:12:0a:d5:02:d7:3d:07:4a:a2:3f:
6a:18:dd:ba:de:1a:9b:cd:64:c4:e1:33:a0:a5:91:
09:99:d2:d9:df:8d:29:9b:eb:52:53:f2:8b:b5:00:
6c:72:75:57:1f:64:d1:65:b9:7d:42:24:1f:4a:b3:
5e:5f:4a:84:9c:3e:76:6e:be:cb:aa:4f:37:15:63:
61:92:26:a5:c2:9a:c8:65:00:bd:35:f6:bc:e0:7f:
4f:d4:7c:79:63:09:51:67:9f:26:62:07:3a:b7:51:
79:22:de:a3:1f:bf:80:d6:63:3c:9b:ef:40:86:66:
c4:08:85:20:fb:e3:e4:16:d1:05:f6:cb:2a:4a:63:
4e:64:69:ef:0b:2d:89:2c:f1:71:b1:a1:c8:55:ad:
ed:ca:09:16:88:3f:b7:ab:9a:9e:8a:8c:68:5b:18:
ff:46:40:4b:7f:1a:f9:be:ff:e1:78:8d:34:b7:6a:
0e:1d:52:59:1b:6d:73:80:ba:1b:4d:ab:32:4a:3d:
a8:c5:d9:ab:5a:33:d8:67:1a:4d:bc:77:28:22:b3:
5f:0d:d1:1a:e8:79:2e:49:7b:2d:87:2a:53:5b:36:
4e:27:31:74:62:a9:10:5d:85:c1:5a:c8:6c:12:e9:
06:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:EC:C0:36:57:2C:60:DC:BE:64:73:48:84:EE:EB:4F:3B:56:A9:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:c00::/38
Signature Algorithm: sha256WithRSAEncryption
a0:5e:94:f3:28:8a:c6:62:02:b8:41:39:c0:59:bc:a9:04:e2:
9f:4e:95:c9:2c:2a:4c:74:9a:3f:b5:be:c7:94:f3:13:f0:4e:
df:82:89:f3:56:bc:59:fa:fe:cb:fc:f5:86:49:18:03:2f:86:
74:19:52:10:0a:88:8d:7f:5b:7a:f6:9f:dc:c9:ea:38:b8:39:
5d:42:56:be:17:cd:3f:7e:be:a6:a0:44:53:d7:01:15:76:e7:
4b:32:4b:82:df:c9:16:1d:de:5e:45:61:4d:d0:e1:8e:1a:6b:
63:57:1b:0a:67:9f:1c:a6:92:f1:4b:23:e9:46:85:b6:bd:b4:
04:fe:4d:2e:47:a0:c0:ba:1a:08:b5:d5:bd:63:e2:b2:44:5f:
cb:3c:ab:37:8f:ca:22:94:63:8b:b6:df:c8:34:5f:15:f3:18:
66:a9:d7:a4:c0:9d:db:ae:10:60:b7:1a:f4:de:59:25:a8:16:
fb:c8:f3:67:57:4c:9b:47:06:1d:36:1e:f8:21:14:02:c3:4f:
71:5d:49:6e:a2:49:f0:ed:37:7e:0e:72:dc:b1:4b:cd:aa:44:
e6:4e:49:bd:ce:7d:2b:10:2e:8c:01:bf:3d:2a:b3:3d:9c:5e:
74:1b:3d:47:52:3f:79:ce:a0:4a:12:40:b0:72:10:9b:b4:97:
77:4e:a7:2f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBbJQ07XeQx7GGQWv5XMbrzk9GwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwNDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyY2Y0ZjFlZTJmNWExMTFkZDlkZTQzMzJjZjg4YTI4Y2YxYWQ3ODkxYjYz
YmQ3MTQ1YTYxZjk4NWNiZTdjOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUaiIyPyWic78jgrxJ6F72tK9gSCtUC1z0HSqI/ahjdut4am81kxOEzoKWR
CZnS2d+NKZvrUlPyi7UAbHJ1Vx9k0WW5fUIkH0qzXl9KhJw+dm6+y6pPNxVjYZIm
pcKayGUAvTX2vOB/T9R8eWMJUWefJmIHOrdReSLeox+/gNZjPJvvQIZmxAiFIPvj
5BbRBfbLKkpjTmRp7wstiSzxcbGhyFWt7coJFog/t6uanoqMaFsY/0ZAS38a+b7/
4XiNNLdqDh1SWRttc4C6G02rMko9qMXZq1oz2GcaTbx3KCKzXw3RGuh5Lkl7LYcq
U1s2TicxdGKpEF2FwVrIbBLpBsECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRy7MA2
Vyxg3L5kc0iE7utPO1appDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I1ZWU0YzEtZGQzNi00OWE5LThiMDktODlkNThhYTgwMzVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEM
MA0GCSqGSIb3DQEBCwUAA4IBAQCgXpTzKIrGYgK4QTnAWbypBOKfTpXJLCpMdJo/
tb7HlPMT8E7fgonzVrxZ+v7L/PWGSRgDL4Z0GVIQCoiNf1t69p/cyeo4uDldQla+
F80/fr6moERT1wEVdudLMkuC38kWHd5eRWFN0OGOGmtjVxsKZ58cppLxSyPpRoW2
vbQE/k0uR6DAuhoItdW9Y+KyRF/LPKs3j8oilGOLtt/INF8V8xhmqdekwJ3brhBg
txr03lklqBb7yPNnV0ybRwYdNh74IRQCw09xXUluoknw7Td+DnLcsUvNqkTmTkm9
zn0rEC6MAb89KrM9nF50Gz1HUj95zqBKEkCwchCbtJd3Tqcv
-----END CERTIFICATE-----
Generated at Mon May 5 18:42:25 2025 by rpki-client