Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
File: f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa (raw, json)
Hash identifier: GImdoP0o+x8BjYJMtCdn2SyvYHjlWFIMHE2cSnEkbDE=
Subject key identifier: 56:5C:65:AD:A5:D9:6B:63:40:0A:9F:E0:9B:FA:B3:B3:04:DF:59:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74820252B23CBB2F8FF8B6A1357A5379925895BE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
Signing time: Mon 28 Apr 2025 15:40:08 +0000
ROA not before: Mon 28 Apr 2025 15:40:08 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:82:02:52:b2:3c:bb:2f:8f:f8:b6:a1:35:7a:53:79:92:58:95:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:40:08 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=fffe9342f5d9e8c2d0aa404b22bdf22de9dd09c2baa80f77a3c0fc016d4fb496, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:eb:96:fc:61:7a:6c:fe:de:5b:03:ca:46:7d:
fc:80:3d:d1:61:c7:26:c6:53:c9:55:d1:7b:4c:22:
6c:b8:d3:4c:34:b7:58:5c:ec:dc:29:cf:89:12:a9:
2c:f6:34:38:13:94:5c:37:ae:e1:22:ac:a4:9b:19:
ec:01:d3:95:bf:e3:66:c2:f5:bc:40:8e:7c:82:6d:
26:cf:96:5c:b9:5a:63:10:b9:93:90:cb:c3:4e:96:
74:1c:5c:a3:24:1a:95:5d:47:42:04:9b:08:42:48:
38:18:56:40:f9:9b:6d:27:11:ca:8f:a9:40:78:e3:
26:58:9a:55:bf:f4:5a:7d:5b:b6:00:00:fe:fe:da:
1c:78:fe:01:a5:fb:dd:4b:57:e5:50:0b:3b:33:b7:
40:c7:06:2e:21:88:49:f8:6e:8b:f5:d3:14:47:ab:
52:64:ea:84:38:c1:64:c5:89:13:58:53:74:82:fb:
77:e5:4b:11:df:09:19:06:9d:3c:cb:99:64:d0:75:
48:3f:e5:06:56:15:b3:b1:ef:17:0f:c2:29:25:3e:
af:25:af:0c:03:4e:b4:26:43:c0:4d:94:b3:14:da:
f2:e0:ce:fb:72:6f:f9:2e:22:3e:f2:56:b8:a0:33:
df:29:f2:74:33:30:be:df:66:4c:f8:b9:3e:c4:3d:
17:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:5C:65:AD:A5:D9:6B:63:40:0A:9F:E0:9B:FA:B3:B3:04:DF:59:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8000::/38
Signature Algorithm: sha256WithRSAEncryption
c6:b9:b8:11:48:8e:c2:9b:63:17:35:07:f8:d2:f7:31:1f:41:
fe:d9:74:14:ec:76:58:81:1a:48:e2:a6:f7:9d:6f:ac:17:32:
d0:a6:36:15:f2:aa:7c:1d:1f:40:60:25:e9:b1:a2:95:54:18:
8b:38:9c:93:c0:03:9f:bd:97:9a:e0:1c:af:27:7d:f4:12:6e:
fb:d3:1c:9a:17:7d:ed:40:8d:ba:2b:c1:6a:db:79:19:5c:ca:
28:11:71:5d:9f:98:41:16:ed:83:55:b1:d4:ff:00:ae:43:b7:
b0:ad:19:c7:31:6e:00:5f:42:fa:03:e6:b4:1b:a6:2e:3c:02:
36:80:11:40:ea:ef:37:d4:8b:cd:ba:94:70:34:b3:40:1e:b4:
05:78:f0:65:f0:7c:f6:fb:a7:7b:32:f6:52:d4:bf:56:c4:98:
9e:50:f1:61:39:63:1c:be:e9:ee:4c:c1:c5:53:66:e4:f2:56:
05:6c:6e:5d:9a:1c:8e:0f:77:eb:7d:5d:f9:40:6a:22:c8:a9:
79:07:f8:b9:2a:c3:8b:47:f7:53:2d:3a:ae:f1:40:fa:47:45:
7f:78:1e:88:cd:46:df:41:36:47:84:cb:49:9c:71:90:de:6a:
17:b0:83:72:f4:ae:f3:6b:f9:2a:91:59:db:8b:b3:19:83:94:
9f:dd:00:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdIICUrI8uy+P+LahNXpTeZJYlb4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQwMDhaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmZmU5MzQyZjVkOWU4YzJkMGFhNDA0YjIyYmRmMjJkZTlkZDA5YzJiYWE4
MGY3N2EzYzBmYzAxNmQ0ZmI0OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXrlvxhemz+3lsDykZ9/IA90WHHJsZTyVXRe0wibLjTTDS3WFzs3CnPiRKp
LPY0OBOUXDeu4SKspJsZ7AHTlb/jZsL1vECOfIJtJs+WXLlaYxC5k5DLw06WdBxc
oyQalV1HQgSbCEJIOBhWQPmbbScRyo+pQHjjJliaVb/0Wn1btgAA/v7aHHj+AaX7
3UtX5VALOzO3QMcGLiGISfhui/XTFEerUmTqhDjBZMWJE1hTdIL7d+VLEd8JGQad
PMuZZNB1SD/lBlYVs7HvFw/CKSU+ryWvDANOtCZDwE2UsxTa8uDO+3Jv+S4iPvJW
uKAz3ynydDMwvt9mTPi5PsQ9F88CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRWXGWt
pdlrY0AKn+Cb+rOzBN9ZGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjViMjViMDgtZWMyNC00ZTE4LTg0YzktMDVhYzAzNWIxNWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCA
MA0GCSqGSIb3DQEBCwUAA4IBAQDGubgRSI7Cm2MXNQf40vcxH0H+2XQU7HZYgRpI
4qb3nW+sFzLQpjYV8qp8HR9AYCXpsaKVVBiLOJyTwAOfvZea4ByvJ330Em770xya
F33tQI26K8Fq23kZXMooEXFdn5hBFu2DVbHU/wCuQ7ewrRnHMW4AX0L6A+a0G6Yu
PAI2gBFA6u831IvNupRwNLNAHrQFePBl8Hz2+6d7MvZS1L9WxJieUPFhOWMcvunu
TMHFU2bk8lYFbG5dmhyOD3frfV35QGoiyKl5B/i5KsOLR/dTLTqu8UD6R0V/eB6I
zUbfQTZHhMtJnHGQ3moXsINy9K7za/kqkVnbi7MZg5Sf3QCc
-----END CERTIFICATE-----
Generated at Mon May 5 18:42:26 2025 by rpki-client