Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
File: 0cadec3e-a35e-4321-b172-825de7a521d7.roa (raw, json)
Hash identifier: lioh+vf4dVnx2rTOiW6p7HfdNCSnusnLazP1sCOfB2s=
Subject key identifier: AE:7D:37:58:14:9B:E0:D8:3A:EF:E1:77:40:9A:D0:D5:D3:3A:F1:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F66505EB4300D0892F720CC283F842D1BF8D760
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
Signing time: Tue 20 May 2025 18:41:28 +0000
ROA not before: Tue 20 May 2025 18:41:28 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:66:50:5e:b4:30:0d:08:92:f7:20:cc:28:3f:84:2d:1b:f8:d7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:41:28 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=f117694498ac53e7628c9a8e959c910b15217a2a1116bbce3e13685f2123b2bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b2:78:76:59:02:1e:e7:46:da:e4:19:ad:70:
f9:c6:9f:6a:1f:7e:db:af:16:b9:b5:87:d9:d9:02:
d6:bd:9c:18:c8:c9:e1:a9:a7:b3:a9:d6:85:a0:f0:
1b:81:e1:df:ca:4e:2f:59:55:d2:3b:16:5e:91:60:
5a:0b:0d:80:d8:c6:23:6e:99:88:4b:81:24:90:3e:
9d:5c:9c:d8:0c:7b:4e:cb:7a:21:fc:23:04:be:a0:
31:fb:2a:59:62:21:5d:fe:6f:ae:3e:cf:48:fd:83:
36:2c:1e:fd:e7:d2:d0:fd:6e:02:ff:60:c2:e2:16:
50:e5:53:48:08:46:9a:31:e3:bd:50:b5:de:1e:41:
ee:69:70:63:b9:38:76:e1:07:e2:27:c8:66:cd:c2:
0c:04:68:a9:2e:54:33:0c:01:0b:ce:06:e0:f8:31:
e9:6a:25:1b:fd:3f:7d:d0:ac:75:a0:b0:ae:13:67:
72:ec:07:cb:c5:62:b3:9b:4c:5c:28:4c:26:af:c7:
56:c2:a5:fa:ee:6c:1a:70:d5:65:1e:19:96:28:da:
b4:c0:93:45:e8:30:93:e0:36:d4:bd:08:85:12:f3:
d8:fe:8f:f3:be:18:42:30:03:3c:ca:3e:11:31:98:
e7:0b:fe:e4:db:bf:87:61:55:6e:83:e0:49:45:12:
fb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:7D:37:58:14:9B:E0:D8:3A:EF:E1:77:40:9A:D0:D5:D3:3A:F1:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
25:49:a6:3b:9a:91:bb:28:76:2d:91:0e:3a:76:51:11:22:da:
cd:4e:7b:64:6c:c7:dd:34:de:fb:50:ef:a3:2f:35:a8:b8:27:
4d:75:cc:78:36:26:cf:29:a1:7d:a5:12:df:31:b2:67:8e:47:
41:8c:4d:0e:77:84:c3:a5:8d:fe:14:70:c7:75:42:d4:0d:31:
a5:6c:d7:7b:28:69:95:99:1e:2c:62:7c:d1:f6:a5:c7:f1:46:
ff:44:16:af:f9:94:df:8c:a7:92:8a:a7:77:95:c2:c3:1d:a3:
07:5c:05:98:25:9e:89:c6:d3:99:8e:af:72:cb:08:5c:72:8b:
00:e4:e4:9b:ad:49:15:8f:a6:9b:a3:e5:64:1b:8f:a2:ab:30:
f3:9e:10:76:5c:2f:14:e5:3d:48:b1:3f:8e:97:77:80:30:d4:
54:89:6e:4b:b8:84:32:b4:54:91:20:3b:92:10:23:7b:91:43:
3a:4b:11:ff:2e:9c:4b:a7:6c:46:26:a2:0a:f4:a8:3d:73:62:
f7:6e:e7:f8:16:0e:b0:c4:2c:a3:5d:12:df:77:d9:ab:f6:47:
16:a6:75:39:f4:3f:d0:e4:bb:05:36:2b:39:2a:e4:38:e6:28:
b0:9e:fe:5c:03:bf:d7:8f:6c:34:32:0b:22:80:17:b1:62:76:
23:33:bb:03
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP2ZQXrQwDQiS9yDMKD+ELRv412AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQxMjhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxMTc2OTQ0OThhYzUzZTc2MjhjOWE4ZTk1OWM5MTBiMTUyMTdhMmExMTE2
YmJjZTNlMTM2ODVmMjEyM2IyYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiyeHZZAh7nRtrkGa1w+cafah9+268WubWH2dkC1r2cGMjJ4amns6nWhaDw
G4Hh38pOL1lV0jsWXpFgWgsNgNjGI26ZiEuBJJA+nVyc2Ax7Tst6IfwjBL6gMfsq
WWIhXf5vrj7PSP2DNiwe/efS0P1uAv9gwuIWUOVTSAhGmjHjvVC13h5B7mlwY7k4
duEH4ifIZs3CDARoqS5UMwwBC84G4Pgx6WolG/0/fdCsdaCwrhNncuwHy8Vis5tM
XChMJq/HVsKl+u5sGnDVZR4ZlijatMCTRegwk+A21L0IhRLz2P6P874YQjADPMo+
ETGY5wv+5Nu/h2FVboPgSUUS+zUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSufTdY
FJvg2Drv4XdAmtDV0zrxyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNhZGVjM2UtYTM1ZS00MzIxLWIxNzItODI1ZGU3YTUyMWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAJUmmO5qRuyh2LZEOOnZRESLazU57ZGzH3TTe
+1Dvoy81qLgnTXXMeDYmzymhfaUS3zGyZ45HQYxNDneEw6WN/hRwx3VC1A0xpWzX
eyhplZkeLGJ80falx/FG/0QWr/mU34ynkoqnd5XCwx2jB1wFmCWeicbTmY6vcssI
XHKLAOTkm61JFY+mm6PlZBuPoqsw854QdlwvFOU9SLE/jpd3gDDUVIluS7iEMrRU
kSA7khAje5FDOksR/y6cS6dsRiaiCvSoPXNi927n+BYOsMQso10S33fZq/ZHFqZ1
OfQ/0OS7BTYrOSrkOOYosJ7+XAO/149sNDILIoAXsWJ2IzO7Aw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:42 2025 by rpki-client