Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
File: ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa (raw, json)
Hash identifier: 9/PWz7aea9j3Nyvj2RYqAgXSqiU4bRMJC6EHkCHYQhM=
Subject key identifier: 9E:AD:68:22:F3:96:4E:B6:11:FC:04:F7:CE:B7:94:AE:98:0D:D2:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BEE0A09215F70DA5F0E28DA9869A00E052BE6EF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
Signing time: Mon 28 Apr 2025 15:41:15 +0000
ROA not before: Mon 28 Apr 2025 15:41:15 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:ee:0a:09:21:5f:70:da:5f:0e:28:da:98:69:a0:0e:05:2b:e6:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:41:15 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=2b7751e655b49505390b591d48cbed4e7d2897a8b63ebc390116ac46643f2a46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:43:78:d5:61:01:27:88:a5:f3:e7:78:de:07:
8d:f1:6c:56:47:a0:da:c9:95:3a:a7:93:41:7f:ea:
0d:fb:ac:ec:e5:0f:ab:b0:da:25:a7:8f:52:21:ef:
1c:35:93:37:b5:f4:7e:80:15:9d:cb:8d:ad:c4:5d:
f6:01:87:20:e0:5d:9b:41:dc:1d:ff:85:33:39:30:
e4:36:d0:92:83:d4:99:0a:65:70:55:23:19:c9:cc:
48:49:9a:d1:5c:9a:8b:f7:bf:16:ed:3b:a6:3b:e6:
cb:3a:da:34:ce:15:f7:24:64:78:c0:a6:ab:9b:ce:
e9:16:58:e1:6f:07:d7:72:aa:97:76:f6:88:32:dc:
dc:ee:dc:5f:ca:04:0c:89:2f:41:35:6e:88:8c:0b:
ef:79:87:a3:0c:3d:32:de:af:89:01:4b:06:45:1a:
44:45:83:1d:84:62:34:df:c1:b4:68:b4:1a:93:f6:
07:f4:fb:cc:f0:78:da:4a:59:e2:84:00:da:69:ae:
91:97:04:87:90:0a:3f:24:e7:94:f9:6c:4f:b8:b0:
d5:e2:04:ec:bd:11:93:d4:fe:39:68:e7:1d:83:72:
82:89:88:f1:d4:b2:94:81:8d:3c:20:7a:74:32:a1:
d6:c2:80:d3:43:78:36:9e:e7:dd:9a:06:0d:d5:ed:
c9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:AD:68:22:F3:96:4E:B6:11:FC:04:F7:CE:B7:94:AE:98:0D:D2:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
5e:0f:86:c4:4e:74:06:d9:f1:91:7e:4d:f3:85:fd:89:92:32:
8a:08:77:3f:4c:d4:a9:7a:c5:63:3e:bb:ed:9a:a4:f2:96:1e:
75:0e:10:0f:5b:16:a2:4a:9c:13:40:0e:ad:cb:f7:57:a3:75:
60:80:67:08:ee:75:8e:fa:8d:df:d8:e2:43:ed:f1:fe:fc:43:
c8:3c:65:ae:63:b1:b9:39:61:94:8b:45:89:30:e3:2c:83:c4:
9f:5d:52:eb:9a:9c:41:8c:f5:17:73:14:e6:4f:93:3e:b2:35:
84:98:2e:0d:de:3e:28:8a:4e:83:a3:07:ac:30:f1:d1:36:f5:
df:78:c8:6a:f2:84:ff:f9:2a:2c:8a:55:7c:ac:34:c1:7d:d7:
c2:c3:7c:82:fd:84:e1:73:93:cd:37:9a:a6:59:1a:77:92:d0:
b6:5c:35:1d:37:5b:37:18:13:da:27:34:b6:b2:1b:72:24:80:
12:5f:69:e6:1e:60:ee:09:f0:cd:9d:f9:ab:5c:1d:5c:93:1d:
1e:9d:a0:43:aa:03:49:b6:c2:41:49:4e:ed:14:b4:67:32:e2:
3d:b0:d6:c5:69:40:8c:20:0e:c3:05:3f:ee:42:6a:46:8d:9f:
14:ee:dd:f9:50:e6:96:e6:52:fa:e7:e3:7e:5e:fb:71:f4:5b:
cc:47:6b:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW+4KCSFfcNpfDijamGmgDgUr5u8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQxMTVaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiNzc1MWU2NTViNDk1MDUzOTBiNTkxZDQ4Y2JlZDRlN2QyODk3YThiNjNl
YmMzOTAxMTZhYzQ2NjQzZjJhNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1DeNVhASeIpfPneN4HjfFsVkeg2smVOqeTQX/qDfus7OUPq7DaJaePUiHv
HDWTN7X0foAVncuNrcRd9gGHIOBdm0HcHf+FMzkw5DbQkoPUmQplcFUjGcnMSEma
0Vyai/e/Fu07pjvmyzraNM4V9yRkeMCmq5vO6RZY4W8H13Kql3b2iDLc3O7cX8oE
DIkvQTVuiIwL73mHoww9Mt6viQFLBkUaREWDHYRiNN/BtGi0GpP2B/T7zPB42kpZ
4oQA2mmukZcEh5AKPyTnlPlsT7iw1eIE7L0Rk9T+OWjnHYNygomI8dSylIGNPCB6
dDKh1sKA00N4Np7n3ZoGDdXtydECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSerWgi
85ZOthH8BPfOt5SumA3SDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmZkYzNkYTEtMmVjNy00MTFlLTk1NTAtYjdjOTU2ZmI0NmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9A
MA0GCSqGSIb3DQEBCwUAA4IBAQBeD4bETnQG2fGRfk3zhf2JkjKKCHc/TNSpesVj
PrvtmqTylh51DhAPWxaiSpwTQA6ty/dXo3VggGcI7nWO+o3f2OJD7fH+/EPIPGWu
Y7G5OWGUi0WJMOMsg8SfXVLrmpxBjPUXcxTmT5M+sjWEmC4N3j4oik6DowesMPHR
NvXfeMhq8oT/+SosilV8rDTBfdfCw3yC/YThc5PNN5qmWRp3ktC2XDUdN1s3GBPa
JzS2shtyJIASX2nmHmDuCfDNnfmrXB1ckx0enaBDqgNJtsJBSU7tFLRnMuI9sNbF
aUCMIA7DBT/uQmpGjZ8U7t35UOaW5lL65+N+Xvtx9FvMR2u2
-----END CERTIFICATE-----
Generated at Tue May 6 13:51:32 2025 by rpki-client