Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
File: 0b28278f-4fad-45f4-a194-c2e785f1c443.roa (raw, json)
Hash identifier: rkuuQDTkx2Hmc4GDaMZlG1F1cinFmShIa/9CWUS5fDs=
Subject key identifier: 4B:60:25:08:58:FB:EF:D5:61:59:24:8B:4F:87:16:18:CA:E3:60:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F69EA793C7F84913302E6BA79920D7D7AB72D46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
Signing time: Tue 20 May 2025 20:21:43 +0000
ROA not before: Tue 20 May 2025 20:21:43 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:69:ea:79:3c:7f:84:91:33:02:e6:ba:79:92:0d:7d:7a:b7:2d:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:21:43 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=eaf3cdfda7f943680ddbd60a76f4ad6a029ac6b346f512a34dc9d071cc7174d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:71:c9:aa:1c:03:99:1d:d4:2f:60:0d:cf:4a:
4a:f1:b8:01:2e:37:17:ee:67:b4:ff:15:2d:07:a0:
a3:72:98:3e:b4:51:81:c6:30:f6:2e:e3:76:3e:43:
35:35:0b:e8:10:fd:22:74:08:ef:67:26:79:43:d7:
d4:e7:e6:17:a1:71:50:ce:22:be:96:00:b0:dd:93:
a1:16:08:fa:40:52:fc:1f:b4:42:11:9d:e5:12:f8:
53:77:eb:d0:19:0c:a9:15:3e:19:5a:bb:84:4d:d3:
1f:4d:c9:ba:a4:50:ce:50:7f:11:42:1e:47:75:44:
9e:59:e3:31:d5:74:df:90:8e:b8:de:ae:5b:67:26:
e4:b5:16:21:42:90:1a:2b:91:ef:be:d7:6c:b5:b8:
f9:52:75:05:65:7c:2a:77:99:46:a5:8a:5a:55:b5:
79:08:de:0e:ab:11:c7:87:92:6f:f6:ca:99:7a:64:
db:ae:7f:64:4c:2f:cc:64:e6:83:12:cb:49:52:b1:
6f:27:7e:be:66:f0:d2:51:b5:a1:0e:28:f6:22:23:
b3:5c:9d:08:1b:91:a4:2f:de:98:47:24:c5:d4:74:
81:a3:fa:6c:b8:e1:99:09:e1:c4:e1:4a:e9:1e:29:
b8:04:b2:ce:dc:f6:94:26:d2:23:19:89:ad:82:c1:
3f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:60:25:08:58:FB:EF:D5:61:59:24:8B:4F:87:16:18:CA:E3:60:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019:800::/38
Signature Algorithm: sha256WithRSAEncryption
5a:e5:ea:71:b2:9d:27:00:f8:ce:4a:32:08:4b:e8:97:17:83:
f2:0d:53:56:29:48:51:1c:df:49:1d:54:b6:c2:59:29:cb:1c:
42:c2:dd:87:d1:2d:57:36:86:50:c4:56:99:40:51:89:70:1e:
0d:30:e0:8a:84:68:50:9d:05:0d:56:af:c6:04:9f:b1:ab:b2:
3b:9c:1f:74:8c:0c:61:1c:2b:d4:2d:dd:5b:ce:7d:dc:61:61:
dd:c1:dc:ea:a6:85:46:2c:61:dd:ab:e6:0f:61:73:35:a8:89:
1b:71:01:0a:f5:73:e0:7a:20:a2:8f:57:b5:b3:67:a7:d0:7a:
ca:fb:9c:55:0a:3c:46:88:3f:44:86:3e:d5:f6:20:40:d0:8a:
c9:c5:cf:19:19:2d:d8:2b:ad:d2:b1:68:72:54:2b:58:6c:39:
82:42:af:7f:d9:80:73:53:71:6b:5d:e8:f1:57:62:c7:41:1e:
35:89:dd:3e:58:da:a2:0e:c9:c7:e0:5d:a9:7a:b8:76:8e:91:
a6:d9:c0:1c:8c:4e:e7:7d:95:b5:83:e6:f6:3c:7d:90:12:f2:
96:99:42:d7:f9:cf:02:5b:fb:42:36:ac:4f:ca:b4:aa:6c:69:
6c:50:d5:7d:6c:78:13:d7:45:49:3c:cf:79:1f:01:e4:20:b2:
71:54:1f:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf2nqeTx/hJEzAua6eZINfXq3LUYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIxNDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhZjNjZGZkYTdmOTQzNjgwZGRiZDYwYTc2ZjRhZDZhMDI5YWM2YjM0NmY1
MTJhMzRkYzlkMDcxY2M3MTc0ZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1xyaocA5kd1C9gDc9KSvG4AS43F+5ntP8VLQego3KYPrRRgcYw9i7jdj5D
NTUL6BD9InQI72cmeUPX1OfmF6FxUM4ivpYAsN2ToRYI+kBS/B+0QhGd5RL4U3fr
0BkMqRU+GVq7hE3TH03JuqRQzlB/EUIeR3VEnlnjMdV035COuN6uW2cm5LUWIUKQ
GiuR777XbLW4+VJ1BWV8KneZRqWKWlW1eQjeDqsRx4eSb/bKmXpk265/ZEwvzGTm
gxLLSVKxbyd+vmbw0lG1oQ4o9iIjs1ydCBuRpC/emEckxdR0gaP6bLjhmQnhxOFK
6R4puASyztz2lCbSIxmJrYLBP4kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRLYCUI
WPvv1WFZJItPhxYYyuNgiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIyODI3OGYtNGZhZC00NWY0LWExOTQtYzJlNzg1ZjFjNDQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkI
MA0GCSqGSIb3DQEBCwUAA4IBAQBa5epxsp0nAPjOSjIIS+iXF4PyDVNWKUhRHN9J
HVS2wlkpyxxCwt2H0S1XNoZQxFaZQFGJcB4NMOCKhGhQnQUNVq/GBJ+xq7I7nB90
jAxhHCvULd1bzn3cYWHdwdzqpoVGLGHdq+YPYXM1qIkbcQEK9XPgeiCij1e1s2en
0HrK+5xVCjxGiD9Ehj7V9iBA0IrJxc8ZGS3YK63SsWhyVCtYbDmCQq9/2YBzU3Fr
XejxV2LHQR41id0+WNqiDsnH4F2perh2jpGm2cAcjE7nfZW1g+b2PH2QEvKWmULX
+c8CW/tCNqxPyrSqbGlsUNV9bHgT10VJPM95HwHkILJxVB9j
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:25 2025 by rpki-client