Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
File: ea271f77-763d-42f8-a315-60081847d059.roa (raw, json)
Hash identifier: SHEk/XDNyfagDk4JVVIL1zuZFEQhr6M0V/3//xURli4=
Subject key identifier: BC:A4:02:F5:C7:1B:B1:59:98:28:53:3E:4B:5D:EF:4F:BE:05:19:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78618CF47FE71C2BC12767969DDB48515811FBFD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
Signing time: Fri 25 Apr 2025 18:11:16 +0000
ROA not before: Fri 25 Apr 2025 18:11:16 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:61:8c:f4:7f:e7:1c:2b:c1:27:67:96:9d:db:48:51:58:11:fb:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:11:16 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ee0913392a1a443575cd3ba956f07cc30230cfdf8e49a8d00b11a8737606104c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:36:21:b2:f7:1f:59:a6:ac:2e:2e:63:af:bd:
bd:13:7b:9f:0d:b8:10:4c:dd:b2:be:5f:38:6f:e7:
9c:91:4f:15:74:64:c8:e7:14:6c:ab:9e:cb:79:13:
d3:89:29:7f:11:0a:b1:04:79:1f:b8:6b:76:94:34:
33:ae:b5:98:b3:9b:18:47:12:b3:f9:9e:ee:ac:b7:
cc:92:d0:48:46:66:73:0e:e4:38:ab:33:86:43:3b:
ce:01:e6:1b:20:5e:33:92:a9:c5:f0:a6:97:98:4f:
60:06:66:3d:1f:19:3b:c7:90:19:d5:e3:ed:71:69:
3f:fb:aa:a4:f3:54:50:75:87:d5:de:87:c6:45:4f:
ff:49:bc:2a:ab:2c:2e:27:b1:b4:c3:5b:8d:d3:24:
a4:0a:23:84:57:95:2c:72:cc:37:5b:da:24:a0:c0:
d4:87:8e:d8:e8:39:21:7a:4d:ab:97:fc:2c:ba:77:
91:67:41:3b:c1:76:45:dd:d6:17:fc:d2:7e:24:76:
69:63:32:3d:f5:6e:9a:3e:93:a0:39:84:f5:59:54:
1a:d6:b0:08:2f:7e:72:79:4c:1a:6d:ff:95:d0:f9:
45:6e:4c:77:25:da:e5:ab:7a:ed:61:c8:6b:7a:a0:
0f:6b:ae:b3:a0:02:c4:9e:9e:00:e1:da:78:6c:de:
7c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A4:02:F5:C7:1B:B1:59:98:28:53:3E:4B:5D:EF:4F:BE:05:19:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e040::/48
Signature Algorithm: sha256WithRSAEncryption
5a:15:6e:e0:27:1b:93:00:b3:c2:72:ba:c5:9a:3a:41:4f:d9:
44:df:70:dc:6a:7f:70:c3:83:76:40:16:80:22:f1:8b:ef:f1:
aa:3f:f9:a7:ef:1e:6b:9c:61:a8:41:af:bb:95:c1:ac:0a:12:
ec:93:2b:98:d6:63:1b:31:09:a8:02:1d:75:06:82:94:73:d1:
8b:55:5a:f3:94:b5:0f:ee:b5:d8:20:24:dd:f9:14:e9:1c:3b:
00:62:6d:59:42:1e:23:67:f6:7e:bd:f1:24:42:82:41:a7:7f:
14:b6:d2:1d:99:32:cf:cc:5c:28:df:03:ed:6d:fe:19:93:8d:
b8:99:4e:e9:38:96:e2:d0:b7:35:59:15:c8:60:bd:81:4c:bf:
6f:0e:a1:be:52:7c:3c:d6:8c:60:45:6a:8b:02:8d:63:37:31:
23:e3:a4:c3:49:f1:b4:28:77:47:a8:43:b2:d1:8a:0c:fd:00:
76:0d:6e:7f:13:05:a1:76:7b:e2:b3:70:41:1a:ef:66:3c:67:
a8:b0:9b:d5:ac:f1:17:4c:0f:7d:00:1e:76:fe:99:92:28:b1:
ba:57:66:d3:ac:02:61:4e:bc:c5:1d:6c:af:4d:e8:7a:6c:33:
ca:b5:45:18:b5:64:fc:85:2a:1a:6e:b3:54:37:1e:c2:96:ad:
f6:89:19:91
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeGGM9H/nHCvBJ2eWndtIUVgR+/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODExMTZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlMDkxMzM5MmExYTQ0MzU3NWNkM2JhOTU2ZjA3Y2MzMDIzMGNmZGY4ZTQ5
YThkMDBiMTFhODczNzYwNjEwNGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANA2IbL3H1mmrC4uY6+9vRN7nw24EEzdsr5fOG/nnJFPFXRkyOcUbKuey3kT
04kpfxEKsQR5H7hrdpQ0M661mLObGEcSs/me7qy3zJLQSEZmcw7kOKszhkM7zgHm
GyBeM5KpxfCml5hPYAZmPR8ZO8eQGdXj7XFpP/uqpPNUUHWH1d6HxkVP/0m8Kqss
LiextMNbjdMkpAojhFeVLHLMN1vaJKDA1IeO2Og5IXpNq5f8LLp3kWdBO8F2Rd3W
F/zSfiR2aWMyPfVumj6ToDmE9VlUGtawCC9+cnlMGm3/ldD5RW5MdyXa5at67WHI
a3qgD2uus6ACxJ6eAOHaeGzefKcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS8pAL1
xxuxWZgoUz5LXe9PvgUZoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWEyNzFmNzctNzYzZC00MmY4LWEzMTUtNjAwODE4NDdkMDU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
QDANBgkqhkiG9w0BAQsFAAOCAQEAWhVu4CcbkwCzwnK6xZo6QU/ZRN9w3Gp/cMOD
dkAWgCLxi+/xqj/5p+8ea5xhqEGvu5XBrAoS7JMrmNZjGzEJqAIddQaClHPRi1Va
85S1D+612CAk3fkU6Rw7AGJtWUIeI2f2fr3xJEKCQad/FLbSHZkyz8xcKN8D7W3+
GZONuJlO6TiW4tC3NVkVyGC9gUy/bw6hvlJ8PNaMYEVqiwKNYzcxI+Okw0nxtCh3
R6hDstGKDP0Adg1ufxMFoXZ74rNwQRrvZjxnqLCb1azxF0wPfQAedv6Zkiixuldm
06wCYU68xR1sr03oemwzyrVFGLVk/IUqGm6zVDcewpat9okZkQ==
-----END CERTIFICATE-----
Generated at Mon May 5 08:20:29 2025 by rpki-client