Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
File: d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa (raw, json)
Hash identifier: gc5SugzAx708UiKzFpOaw8G+hc9dpTzL0XT9I/faqLU=
Subject key identifier: 20:FA:99:43:63:E6:EA:3D:B5:75:30:42:DE:CB:D8:61:8B:D2:A5:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D3B321433BA6DAA92FA13EA2377ED5B1572FE51
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
Signing time: Fri 25 Apr 2025 20:30:09 +0000
ROA not before: Fri 25 Apr 2025 20:30:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d024::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:3b:32:14:33:ba:6d:aa:92:fa:13:ea:23:77:ed:5b:15:72:fe:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:30:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b890c0d714d1b3c3b69938520131259af6ca16c6c6a9fb1a3b8f2f990e4abc46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:03:0e:d3:22:03:d8:40:c0:68:ad:18:a1:77:
ef:e9:6e:cd:00:7e:b6:17:c1:05:2d:79:f7:7f:33:
71:d8:39:c7:04:9b:fa:c1:14:3c:b0:ff:85:bd:72:
50:9a:8f:45:6c:1c:9b:b2:4b:13:3c:75:33:5f:f9:
4a:87:c1:92:91:12:80:e5:db:67:38:9a:4b:f0:d5:
28:cd:a0:0d:36:84:22:50:d0:9f:51:54:5a:b9:ae:
66:04:ae:5a:3f:a2:1a:9a:91:5f:c4:77:57:35:14:
fa:83:82:bf:71:c7:88:44:a2:af:1c:1f:f4:5a:85:
61:e5:62:46:22:3d:df:11:6d:85:78:c7:57:94:6c:
0d:fd:f2:04:c6:eb:66:87:c1:f6:e1:14:d9:3f:8c:
dc:a9:a7:a4:31:ef:93:9a:d6:01:70:39:f4:c9:f3:
4d:38:f1:dc:5c:97:12:00:60:66:04:ef:23:0b:82:
a6:16:46:36:4a:2d:ae:3b:92:e2:ab:0b:95:6b:de:
4b:9b:5e:f8:32:b9:4e:a4:85:0a:f7:8a:f5:c3:cc:
e9:1f:dd:38:e6:ed:76:0d:bc:6a:b8:fd:47:ed:89:
dc:81:c9:e9:f4:c7:77:95:87:1f:85:8b:22:75:e1:
fe:70:28:51:e1:88:bb:be:78:02:4e:e8:62:3b:e8:
46:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:FA:99:43:63:E6:EA:3D:B5:75:30:42:DE:CB:D8:61:8B:D2:A5:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d024::/36
Signature Algorithm: sha256WithRSAEncryption
a2:ee:3f:59:4e:33:a1:f0:4a:65:e9:78:13:4f:ae:71:47:b2:
99:23:f2:85:0b:5b:c9:70:00:01:e7:50:59:57:32:3c:da:e0:
d0:49:88:a3:90:e1:d9:6a:6a:0f:29:22:34:df:d2:cf:eb:d6:
31:d7:a8:0e:1d:1e:e0:9c:88:d8:fa:5a:9a:97:c6:cc:2f:41:
e5:7b:c1:78:d3:4f:9f:75:d0:77:e3:24:43:f8:10:58:ad:8c:
5a:04:4a:79:b3:fc:d5:67:b5:1f:7e:29:6f:39:86:0b:80:ce:
1f:d6:dc:b3:d3:0c:e5:68:2b:11:18:29:4a:aa:96:8c:f5:37:
e4:37:be:59:7d:a4:0a:bf:f2:96:96:68:9a:5b:52:96:9c:e5:
bf:73:7e:81:91:1a:77:a1:f9:d5:8d:67:d9:2d:59:42:7c:43:
9e:8f:7f:0e:5d:81:a8:f2:e9:9b:1e:84:7a:82:1a:f4:19:dd:
bb:11:c9:17:c5:87:a4:ad:9a:e6:4f:04:57:0f:4b:26:c8:e5:
92:d6:17:d3:53:ee:1a:2b:de:78:10:1f:7d:c4:a2:f2:cb:dc:
4d:e7:4e:f4:a3:b1:35:c9:bd:b3:1e:1f:21:e1:8f:c5:0a:0f:
74:20:02:e1:15:92:1f:0c:1f:ee:f1:2a:ec:56:49:b4:f5:0a:
ce:f0:e4:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXTsyFDO6baqS+hPqI3ftWxVy/lEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDMwMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4OTBjMGQ3MTRkMWIzYzNiNjk5Mzg1MjAxMzEyNTlhZjZjYTE2YzZjNmE5
ZmIxYTNiOGYyZjk5MGU0YWJjNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALADDtMiA9hAwGitGKF37+luzQB+thfBBS15938zcdg5xwSb+sEUPLD/hb1y
UJqPRWwcm7JLEzx1M1/5SofBkpESgOXbZziaS/DVKM2gDTaEIlDQn1FUWrmuZgSu
Wj+iGpqRX8R3VzUU+oOCv3HHiESirxwf9FqFYeViRiI93xFthXjHV5RsDf3yBMbr
ZofB9uEU2T+M3KmnpDHvk5rWAXA59MnzTTjx3FyXEgBgZgTvIwuCphZGNkotrjuS
4qsLlWveS5te+DK5TqSFCveK9cPM6R/dOObtdg28arj9R+2J3IHJ6fTHd5WHH4WL
InXh/nAoUeGIu754Ak7oYjvoRrsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQg+plD
Y+bqPbV1MELey9hhi9KlUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDhmZjcwMTMtMDhiNi00ZTM2LWFiODgtYzRmOGJkM2U3YTA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CQA
MA0GCSqGSIb3DQEBCwUAA4IBAQCi7j9ZTjOh8Epl6XgTT65xR7KZI/KFC1vJcAAB
51BZVzI82uDQSYijkOHZamoPKSI039LP69Yx16gOHR7gnIjY+lqal8bML0Hle8F4
00+fddB34yRD+BBYrYxaBEp5s/zVZ7UffilvOYYLgM4f1tyz0wzlaCsRGClKqpaM
9TfkN75ZfaQKv/KWlmiaW1KWnOW/c36BkRp3ofnVjWfZLVlCfEOej38OXYGo8umb
HoR6ghr0Gd27EckXxYekrZrmTwRXD0smyOWS1hfTU+4aK954EB99xKLyy9xN5070
o7E1yb2zHh8h4Y/FCg90IALhFZIfDB/u8SrsVkm09QrO8OT0
-----END CERTIFICATE-----
Generated at Mon May 5 05:52:57 2025 by rpki-client