Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
File: 0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa (raw, json)
Hash identifier: cYfS3jJZpIKA/9oIJqklHdz7upHB+r3dFNzZe+Pst08=
Subject key identifier: B2:FD:D9:41:A2:2D:03:4B:D5:4D:75:13:CD:09:34:F8:5E:8D:D3:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60BAE0F6C89541E456D021C689D0E52DBF21BEC3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
Signing time: Tue 20 May 2025 20:21:41 +0000
ROA not before: Tue 20 May 2025 20:21:41 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:ba:e0:f6:c8:95:41:e4:56:d0:21:c6:89:d0:e5:2d:bf:21:be:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:21:41 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ce33e701affe0afab90c5baded30302eef5582d6e21cf1878d563c43d1868f9d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:07:b5:3e:bf:f8:fa:b2:59:fe:ac:5a:ab:b4:
ab:12:1f:89:d2:ea:9a:bc:f8:ab:5f:c1:50:90:54:
dd:79:c0:3f:3f:71:24:c0:6e:57:ba:dd:a8:ed:b4:
ac:b4:69:aa:43:65:76:e0:35:4a:31:d9:5b:a8:bd:
ba:d6:5a:eb:78:f7:40:ee:83:a6:3b:94:2f:0a:8c:
34:0d:1f:1c:96:f3:49:65:6f:67:9e:a8:58:fb:b3:
6e:c6:31:41:c0:e4:9e:8e:ae:37:65:8b:dd:80:87:
bc:4f:8c:b2:f6:66:b2:8c:e4:2d:43:ff:20:0a:5c:
bf:e9:39:f0:ba:d7:49:e2:cf:41:f2:f8:02:3f:e4:
7a:09:a0:d6:ac:3d:52:3a:cf:93:7a:53:b6:9c:48:
01:59:82:e2:bf:58:3c:64:36:c8:ef:4c:30:11:78:
eb:b9:56:43:68:46:93:62:dd:91:b6:63:26:e3:43:
7c:b7:f6:02:68:7a:21:12:4b:50:a9:3a:f0:e3:a5:
e1:55:89:32:70:0a:b0:b3:74:14:99:11:08:d4:dd:
1e:cc:02:ea:05:3f:1c:4b:41:ab:b8:ff:c1:98:40:
c8:a9:2c:ce:10:49:9d:b7:b3:02:0d:40:6b:a6:03:
03:63:d9:7c:9e:75:ff:63:29:e2:aa:f9:5a:50:5d:
2c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:FD:D9:41:A2:2D:03:4B:D5:4D:75:13:CD:09:34:F8:5E:8D:D3:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
af:27:6c:e4:4f:f6:f5:db:4d:e1:a2:1d:8e:4f:bc:a4:1c:56:
59:58:a2:cb:f7:ac:f2:95:6e:9f:3f:18:4a:76:e1:a2:db:4c:
61:9c:74:46:fc:ae:5c:09:eb:f7:42:58:87:dd:dd:7d:e8:05:
b1:93:8f:bc:61:3c:57:89:a2:06:aa:9b:da:d9:39:4c:c4:ba:
40:4d:93:2b:b4:42:22:f6:5c:c1:83:71:76:53:b1:39:fd:0b:
49:11:1d:ca:5b:50:c0:36:34:1f:aa:5c:5e:56:d4:3e:9a:e3:
a6:32:8f:23:0e:83:43:98:dc:f2:31:af:26:7c:b9:45:99:1f:
eb:42:4a:f5:0c:ce:da:73:ea:ca:a0:82:9d:95:de:f1:18:a1:
c5:fa:ae:be:66:b8:49:76:85:e5:2f:27:73:f3:bd:93:df:12:
13:33:b1:d6:fa:cb:99:8d:c3:c9:35:48:aa:ec:15:79:a7:57:
d8:40:88:ad:0f:46:7a:a7:de:34:5d:43:1a:71:28:f7:4e:71:
fb:e4:13:3b:ec:cb:69:4d:76:23:43:7b:e4:31:43:9e:f7:9b:
90:a7:d4:2f:78:3c:c1:1c:95:2e:1a:8b:e1:b1:99:49:b4:21:
d6:e3:e7:a6:51:d7:ef:64:a5:01:36:23:9a:92:1a:00:82:96:
c7:87:83:39
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYLrg9siVQeRW0CHGidDlLb8hvsMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIxNDFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlMzNlNzAxYWZmZTBhZmFiOTBjNWJhZGVkMzAzMDJlZWY1NTgyZDZlMjFj
ZjE4NzhkNTYzYzQzZDE4NjhmOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsHtT6/+PqyWf6sWqu0qxIfidLqmrz4q1/BUJBU3XnAPz9xJMBuV7rdqO20
rLRpqkNlduA1SjHZW6i9utZa63j3QO6DpjuULwqMNA0fHJbzSWVvZ56oWPuzbsYx
QcDkno6uN2WL3YCHvE+MsvZmsozkLUP/IApcv+k58LrXSeLPQfL4Aj/kegmg1qw9
UjrPk3pTtpxIAVmC4r9YPGQ2yO9MMBF467lWQ2hGk2LdkbZjJuNDfLf2Amh6IRJL
UKk68OOl4VWJMnAKsLN0FJkRCNTdHswC6gU/HEtBq7j/wZhAyKkszhBJnbezAg1A
a6YDA2PZfJ51/2Mp4qr5WlBdLKUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSy/dlB
oi0DS9VNdRPNCTT4Xo3TKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGUwODI1MzctNmUzNi00NzRhLTlmZjgtYjdkM2JjYWFiYjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Drg
MA0GCSqGSIb3DQEBCwUAA4IBAQCvJ2zkT/b1203hoh2OT7ykHFZZWKLL96zylW6f
PxhKduGi20xhnHRG/K5cCev3QliH3d196AWxk4+8YTxXiaIGqpva2TlMxLpATZMr
tEIi9lzBg3F2U7E5/QtJER3KW1DANjQfqlxeVtQ+muOmMo8jDoNDmNzyMa8mfLlF
mR/rQkr1DM7ac+rKoIKdld7xGKHF+q6+ZrhJdoXlLydz872T3xITM7HW+suZjcPJ
NUiq7BV5p1fYQIitD0Z6p940XUMacSj3TnH75BM77MtpTXYjQ3vkMUOe95uQp9Qv
eDzBHJUuGovhsZlJtCHW4+emUdfvZKUBNiOakhoAgpbHh4M5
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:13 2025 by rpki-client