Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
File: 04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa (raw, json)
Hash identifier: 0Vze6ObcioJleKSRKReYgzJE5jHe3suUhAEs5isBnSI=
Subject key identifier: 17:11:41:D2:87:5B:87:D8:06:53:BC:3A:8E:97:09:11:B9:F6:CD:6D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 212ED63D3ECF33C6367C39177494E5E88B96FC46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
Signing time: Fri 23 May 2025 00:40:09 +0000
ROA not before: Fri 23 May 2025 00:40:09 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:2e:d6:3d:3e:cf:33:c6:36:7c:39:17:74:94:e5:e8:8b:96:fc:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:09 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=4298855999379b5e2cc5277a4714a1e94e3b1e4fa4cd11d3baaf9cef55de33cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:da:6f:87:de:0f:66:a3:2a:25:13:4d:07:41:
92:cb:f2:7e:89:2e:3c:5b:84:6c:5a:fc:4d:a1:ec:
50:60:c1:68:b9:d6:00:4a:f1:b1:55:85:79:45:6d:
a7:de:4f:c8:69:a6:f6:89:2a:4d:a2:fa:3f:b2:0c:
22:1d:e5:9e:47:2b:35:03:b6:4d:04:c9:86:80:04:
c2:d2:55:35:6e:1c:72:b0:db:07:fc:5b:68:3b:ac:
23:7a:03:54:34:a9:a7:69:23:a1:9f:81:eb:64:9f:
59:39:df:94:80:aa:87:d9:19:4b:96:03:8d:1f:1a:
bc:c4:c7:97:30:4c:f4:78:d2:58:41:ca:09:e3:2a:
b4:bb:98:7d:93:e9:ca:ff:b9:d6:3b:23:47:11:de:
17:1b:8c:7f:33:b9:2c:2e:91:60:dc:c9:61:72:24:
ed:7e:a7:ce:0f:1d:88:ba:dc:32:41:fa:bd:7f:0e:
9a:50:7d:da:a9:3b:03:85:ce:23:b6:8e:c7:8c:d3:
63:43:a7:14:c1:b4:c0:e4:89:96:3b:2f:2c:09:79:
c6:f2:ef:5f:cc:a2:4c:dd:8c:29:17:86:4e:ec:b5:
23:65:d4:8f:fb:10:74:dc:2f:95:5c:44:4d:dd:22:
83:24:d6:e0:cc:81:55:de:43:8b:cf:21:ce:49:c3:
e0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:11:41:D2:87:5B:87:D8:06:53:BC:3A:8E:97:09:11:B9:F6:CD:6D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8800::/38
Signature Algorithm: sha256WithRSAEncryption
b9:21:89:ad:0c:c9:03:ec:b8:5a:9c:e1:46:d2:c8:df:67:e2:
e9:15:a8:39:ef:fc:b6:20:ef:64:dc:53:0d:26:0f:ac:d4:e3:
e5:b3:15:87:fd:89:12:68:2c:aa:ce:2d:5d:22:17:93:4a:1e:
be:53:7e:44:fc:cd:c8:d1:30:bc:a8:14:ec:1d:f5:55:93:93:
fb:3c:e7:5d:a8:bd:a9:e8:ae:72:f3:a4:16:e6:2f:55:6b:89:
6e:a3:89:cb:ca:62:0a:1e:eb:06:e7:9a:52:4d:4f:0d:8f:2d:
71:4e:97:f3:4e:47:a7:c1:a1:5f:70:dd:12:cb:c3:2b:5f:de:
dd:e0:ae:fa:2d:1f:24:ee:78:9a:ca:a1:23:59:d6:a9:e6:44:
a4:77:dc:2f:2a:5c:e3:88:9a:e5:af:ab:8b:42:1b:b0:6a:40:
0e:c5:32:47:3e:61:7f:4a:21:aa:a3:c0:eb:9d:aa:4b:83:61:
d9:17:d5:52:fa:fc:12:e8:b7:55:9c:0a:79:75:86:10:49:1f:
e3:76:12:f6:99:6d:b0:50:58:e3:a5:1c:43:01:37:93:5c:e5:
74:91:73:cf:29:c2:a3:96:a6:41:3e:4a:7c:f3:dc:52:ac:bb:
75:9f:6d:f3:68:61:bd:55:aa:08:96:1f:af:72:db:97:96:bb:
a1:c3:5a:05
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIS7WPT7PM8Y2fDkXdJTl6IuW/EYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwMDlaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyOTg4NTU5OTkzNzliNWUyY2M1Mjc3YTQ3MTRhMWU5NGUzYjFlNGZhNGNk
MTFkM2JhYWY5Y2VmNTVkZTMzY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7ab4feD2ajKiUTTQdBksvyfokuPFuEbFr8TaHsUGDBaLnWAErxsVWFeUVt
p95PyGmm9okqTaL6P7IMIh3lnkcrNQO2TQTJhoAEwtJVNW4ccrDbB/xbaDusI3oD
VDSpp2kjoZ+B62SfWTnflICqh9kZS5YDjR8avMTHlzBM9HjSWEHKCeMqtLuYfZPp
yv+51jsjRxHeFxuMfzO5LC6RYNzJYXIk7X6nzg8diLrcMkH6vX8OmlB92qk7A4XO
I7aOx4zTY0OnFMG0wOSJljsvLAl5xvLvX8yiTN2MKReGTuy1I2XUj/sQdNwvlVxE
Td0igyTW4MyBVd5Di88hzknD4EECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQXEUHS
h1uH2AZTvDqOlwkRufbNbTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRhNDY0ZmYtN2I5ZC00M2YwLTg2OWQtN2U3YzY2YTdhNWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCI
MA0GCSqGSIb3DQEBCwUAA4IBAQC5IYmtDMkD7LhanOFG0sjfZ+LpFag57/y2IO9k
3FMNJg+s1OPlsxWH/YkSaCyqzi1dIheTSh6+U35E/M3I0TC8qBTsHfVVk5P7POdd
qL2p6K5y86QW5i9Va4luo4nLymIKHusG55pSTU8Njy1xTpfzTkenwaFfcN0Sy8Mr
X97d4K76LR8k7niayqEjWdap5kSkd9wvKlzjiJrlr6uLQhuwakAOxTJHPmF/SiGq
o8DrnapLg2HZF9VS+vwS6LdVnAp5dYYQSR/jdhL2mW2wUFjjpRxDATeTXOV0kXPP
KcKjlqZBPkp889xSrLt1n23zaGG9VaoIlh+vctuXlruhw1oF
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:51 2025 by rpki-client