Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
File: 28181159-5695-4944-b901-f84b836b4d8f.roa (raw, json)
Hash identifier: bL//opzABnOPqDEvXKlmWJ3spKpFk4+tINEnfUAtLbU=
Subject key identifier: 96:AF:E3:D9:D9:D5:4A:18:1E:07:74:BD:7B:89:12:F4:D9:5E:F3:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5CFEFE063349425E06BA6FE19B0BB5952A342160
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
Signing time: Tue 13 May 2025 18:30:18 +0000
ROA not before: Tue 13 May 2025 18:30:18 +0000
ROA not after: Tue 17 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:fe:fe:06:33:49:42:5e:06:ba:6f:e1:9b:0b:b5:95:2a:34:21:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 13 18:30:18 2025 GMT
Not After : Jun 17 23:59:59 2025 GMT
Subject: serialNumber=3761c4a403a30d29e78990ddc5829a08b775be0bc06cad3520424b2542605a5f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:49:ae:26:d7:db:c8:a3:b6:6d:cf:f3:b7:74:
80:56:93:68:cc:01:29:b9:78:1e:4b:85:88:2e:e5:
8b:c7:34:c7:3a:df:6a:38:94:db:b1:34:cd:b3:84:
a2:6d:89:3b:1b:18:e4:b7:d7:52:b4:2c:df:3a:3d:
a9:3e:f5:7c:92:e9:86:57:c0:82:c1:96:f6:71:61:
4c:df:36:c0:e4:90:9e:3b:2c:b0:b2:4c:ef:5d:ff:
ba:6e:94:43:dc:6b:d6:6b:a2:90:cf:df:52:82:74:
ce:92:79:16:6b:d9:eb:09:8d:38:44:aa:f5:05:0e:
f9:c0:25:e2:df:20:d0:e0:b5:b5:a2:fb:94:77:1b:
14:e2:12:90:61:3d:c6:96:ed:aa:f0:15:8c:4a:80:
64:30:84:65:a6:e2:7c:21:f5:a5:c7:66:9c:6a:78:
88:e8:e0:c7:c6:fc:65:37:9e:d4:e8:fa:e7:4d:0f:
e3:0a:76:2d:3d:f3:6e:72:ad:91:1e:99:6a:1c:4c:
1d:6a:6b:dc:bc:fd:9c:66:4e:c3:d1:65:e2:dd:34:
09:b2:81:54:aa:6c:50:31:c2:25:23:48:32:a7:8f:
82:39:fa:dc:b8:70:12:07:93:1d:a8:9c:e4:cf:37:
ce:0a:60:c2:dc:cb:3c:a3:73:6b:83:7f:79:e9:a9:
06:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:AF:E3:D9:D9:D5:4A:18:1E:07:74:BD:7B:89:12:F4:D9:5E:F3:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:9000::/40
Signature Algorithm: sha256WithRSAEncryption
a5:7c:3e:9b:34:0b:58:ec:67:81:a0:66:69:3a:ea:1e:4e:05:
44:34:c7:ec:76:f3:cc:0f:08:c6:90:ea:3b:9e:fd:20:2e:26:
df:e7:4e:4b:e4:fc:fd:9f:b3:a4:a8:bf:25:6d:4e:06:33:eb:
28:72:dc:26:05:07:e0:f3:f5:3b:a5:2f:d9:d0:87:38:c1:6f:
8a:69:c1:0d:71:f0:43:e7:7f:c2:ec:8c:03:b1:d0:40:ec:99:
6d:0d:02:92:95:5a:96:7d:b2:41:f3:3c:5c:38:37:20:78:bc:
e8:2b:6c:6c:eb:4b:9a:5f:ac:a9:6b:21:20:01:38:fa:99:6c:
76:05:97:6b:26:cb:97:15:9e:d9:1c:68:94:df:00:9d:7b:df:
ff:2e:f0:3e:e1:0a:2b:84:3a:80:fb:2a:13:fb:8e:ac:b9:d7:
da:be:fd:96:39:1a:49:dc:d6:6b:e7:ac:3c:de:be:02:a0:70:
96:0e:75:d2:a3:2b:03:07:fc:98:ac:95:c1:b7:54:29:5d:fb:
57:6e:c1:b0:b0:37:f1:86:e3:d2:05:ac:32:18:5f:5d:67:da:
58:5a:0b:bb:09:21:da:cb:d7:ad:69:00:82:fb:5e:c9:90:53:
9f:22:aa:6a:6d:c9:c3:20:6a:75:69:0e:28:77:f8:31:73:bf:
c5:8b:16:14
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXP7+BjNJQl4Gum/hmwu1lSo0IWAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTMxODMwMThaFw0yNTA2MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3NjFjNGE0MDNhMzBkMjllNzg5OTBkZGM1ODI5YTA4Yjc3NWJlMGJjMDZj
YWQzNTIwNDI0YjI1NDI2MDVhNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJJribX28ijtm3P87d0gFaTaMwBKbl4HkuFiC7li8c0xzrfajiU27E0zbOE
om2JOxsY5LfXUrQs3zo9qT71fJLphlfAgsGW9nFhTN82wOSQnjsssLJM713/um6U
Q9xr1muikM/fUoJ0zpJ5FmvZ6wmNOESq9QUO+cAl4t8g0OC1taL7lHcbFOISkGE9
xpbtqvAVjEqAZDCEZabifCH1pcdmnGp4iOjgx8b8ZTee1Oj6500P4wp2LT3zbnKt
kR6ZahxMHWpr3Lz9nGZOw9Fl4t00CbKBVKpsUDHCJSNIMqePgjn63LhwEgeTHaic
5M83zgpgwtzLPKNza4N/eempBqkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSWr+PZ
2dVKGB4HdL17iRL02V7zPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjgxODExNTktNTY5NS00OTQ0LWI5MDEtZjg0YjgzNmI0ZDhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQClfD6bNAtY7GeBoGZpOuoeTgVENMfsdvPMDwjG
kOo7nv0gLibf505L5Pz9n7OkqL8lbU4GM+soctwmBQfg8/U7pS/Z0Ic4wW+KacEN
cfBD53/C7IwDsdBA7JltDQKSlVqWfbJB8zxcODcgeLzoK2xs60uaX6ypayEgATj6
mWx2BZdrJsuXFZ7ZHGiU3wCde9//LvA+4QorhDqA+yoT+46sudfavv2WORpJ3NZr
56w83r4CoHCWDnXSoysDB/yYrJXBt1QpXftXbsGwsDfxhuPSBawyGF9dZ9pYWgu7
CSHay9etaQCC+17JkFOfIqpqbcnDIGp1aQ4od/gxc7/FixYU
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:29:49 2025 by rpki-client