Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
File: 0ca11d15-d37b-4319-9b90-152e667f85ef.roa (raw, json)
Hash identifier: 3Vpf5woaxupktvZWW9X7p9pUuApyfC6ZuGiUc05V20I=
Subject key identifier: 99:84:66:42:47:5E:0B:1D:83:15:2E:17:2D:93:5A:14:84:19:23:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EA5E11BE5068046CA9FD3A981D0967B14A95BDE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
Signing time: Thu 22 May 2025 01:22:14 +0000
ROA not before: Thu 22 May 2025 01:22:14 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:a5:e1:1b:e5:06:80:46:ca:9f:d3:a9:81:d0:96:7b:14:a9:5b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:22:14 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=f5be64ef09a1fe7c92a36d0ad041595bf294cbe052a1e34bbd89aafcf32c2d1f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:39:93:c4:52:bf:6e:23:cb:d0:6e:03:06:76:
2f:02:be:6f:a2:a5:2e:c6:93:39:34:b2:97:ab:b9:
e7:32:7b:03:93:fc:f5:dd:b4:81:44:ae:54:e4:05:
1a:26:5f:9a:69:c2:f7:c3:34:71:76:8d:9a:21:3d:
f3:52:d5:d8:11:7c:78:fa:e3:3b:70:72:22:2c:63:
d1:90:01:db:27:53:e3:14:dc:d7:95:57:c6:f9:5e:
80:11:16:2f:14:a9:22:73:de:7c:e8:4c:33:c9:67:
e9:78:21:da:67:14:d9:95:98:21:fa:4c:62:2b:53:
50:78:c7:c0:d5:37:20:9e:0a:2e:07:ca:ec:31:4f:
5a:93:88:75:a5:51:cb:eb:04:0f:03:f8:76:0c:71:
86:eb:54:59:d6:8f:88:19:ae:f4:30:7c:b8:e1:0a:
4d:3f:2b:fb:eb:27:c3:1a:dc:46:ae:e2:53:6e:a0:
fe:a6:52:f3:e7:8a:1f:a8:19:57:88:9f:a6:17:92:
02:fd:c9:40:ef:28:94:6c:ff:c8:00:62:be:da:70:
3a:f8:a7:08:15:19:b8:9f:e9:88:94:37:e4:53:02:
49:0f:f3:b0:95:b5:28:9d:c2:36:01:fe:46:16:09:
79:01:ef:79:5c:10:7b:1f:36:74:a0:d3:f2:af:e1:
1b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:84:66:42:47:5E:0B:1D:83:15:2E:17:2D:93:5A:14:84:19:23:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:10:ec:c3:4a:d4:c6:e8:b1:75:16:a7:2c:68:2c:f7:45:87:
48:8a:b8:c4:e3:ea:e4:b0:93:fa:2b:3d:a1:f4:4d:9b:27:56:
34:5a:98:c0:ac:1d:8f:df:6e:91:ac:17:87:84:b1:16:14:de:
fd:65:a0:59:97:f4:b4:9f:e2:74:b3:8f:36:33:96:bd:2a:c7:
24:a0:0f:3b:44:0d:c4:00:63:cf:52:30:43:0f:8e:8a:be:74:
c4:77:52:52:e9:4c:c2:e7:d2:ba:2b:0e:cf:f7:c4:9c:31:38:
a9:e8:3b:87:0e:2c:98:9c:63:b7:49:cf:8c:b3:07:15:b1:e7:
9d:d4:ca:97:af:73:77:c5:dc:79:83:5d:92:00:b1:7b:ef:cc:
2d:93:6e:fa:50:91:2b:24:81:7f:15:09:7a:02:71:fc:3b:24:
18:4a:fe:04:7d:2a:9a:1b:20:b4:1b:1e:22:89:0f:72:c2:31:
ee:e6:e7:18:f6:7f:fa:04:ad:f4:32:cf:b9:e4:83:20:43:c5:
f2:a3:5c:7f:37:93:9f:04:65:7c:f1:81:f0:5c:44:ee:1f:9f:
3d:40:52:d1:d7:ef:ca:2e:46:1d:eb:c6:04:73:55:5d:c8:c6:
12:aa:51:1b:ee:f4:c6:06:7f:58:c7:fc:47:a1:21:76:7b:0e:
0f:24:d2:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDqXhG+UGgEbKn9OpgdCWexSpW94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTIyMTRaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1YmU2NGVmMDlhMWZlN2M5MmEzNmQwYWQwNDE1OTViZjI5NGNiZTA1MmEx
ZTM0YmJkODlhYWZjZjMyYzJkMWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANc5k8RSv24jy9BuAwZ2LwK+b6KlLsaTOTSyl6u55zJ7A5P89d20gUSuVOQF
GiZfmmnC98M0cXaNmiE981LV2BF8ePrjO3ByIixj0ZAB2ydT4xTc15VXxvlegBEW
LxSpInPefOhMM8ln6Xgh2mcU2ZWYIfpMYitTUHjHwNU3IJ4KLgfK7DFPWpOIdaVR
y+sEDwP4dgxxhutUWdaPiBmu9DB8uOEKTT8r++snwxrcRq7iU26g/qZS8+eKH6gZ
V4ifpheSAv3JQO8olGz/yABivtpwOvinCBUZuJ/piJQ35FMCSQ/zsJW1KJ3CNgH+
RhYJeQHveVwQex82dKDT8q/hG50CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSZhGZC
R14LHYMVLhctk1oUhBkjLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNhMTFkMTUtZDM3Yi00MzE5LTliOTAtMTUyZTY2N2Y4NWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1g
MA0GCSqGSIb3DQEBCwUAA4IBAQDJEOzDStTG6LF1FqcsaCz3RYdIirjE4+rksJP6
Kz2h9E2bJ1Y0WpjArB2P326RrBeHhLEWFN79ZaBZl/S0n+J0s482M5a9KsckoA87
RA3EAGPPUjBDD46KvnTEd1JS6UzC59K6Kw7P98ScMTip6DuHDiyYnGO3Sc+MswcV
seed1MqXr3N3xdx5g12SALF778wtk276UJErJIF/FQl6AnH8OyQYSv4EfSqaGyC0
Gx4iiQ9ywjHu5ucY9n/6BK30Ms+55IMgQ8Xyo1x/N5OfBGV88YHwXETuH589QFLR
1+/KLkYd68YEc1VdyMYSqlEb7vTGBn9Yx/xHoSF2ew4PJNJl
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:11 2025 by rpki-client