Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
File: 10e25f26-1142-4a43-8091-69f9ddd435c1.roa (raw, json)
Hash identifier: 6eifBfKpOqGq7FtmIKj6UuUWxVWjVuN9BZgIRzVUu/o=
Subject key identifier: 72:5F:89:6D:37:60:7D:91:C0:C2:80:C6:D7:E8:B6:CC:44:2A:D3:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44AF78BD90B9DA88D80D4CDCDA139E986AE01DB9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
Signing time: Tue 20 May 2025 20:10:13 +0000
ROA not before: Tue 20 May 2025 20:10:13 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:af:78:bd:90:b9:da:88:d8:0d:4c:dc:da:13:9e:98:6a:e0:1d:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:10:13 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=6a89b7c0d81963a09b3c6afa46eb9b362ea64ef71630e07bb8cee51d64db89dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8b:fc:54:6f:cb:1b:d6:61:86:bb:58:94:f2:
f3:c5:bd:81:c1:a0:8f:d8:b6:2e:3f:e2:5d:40:ef:
4b:cf:84:97:d5:e0:42:07:aa:62:2a:f3:b7:57:4b:
ad:c6:73:fc:f1:27:83:2e:76:99:25:8f:d2:51:d9:
c1:2e:6b:02:32:65:fb:d0:1e:d3:1d:a1:75:da:8b:
c3:6e:55:4f:30:85:58:e7:4b:e0:bc:2f:28:84:d1:
89:13:89:0c:5d:f3:53:1f:11:ad:c0:49:ee:81:83:
26:ad:ce:e7:ae:54:77:17:7c:d6:07:9b:33:58:7d:
c5:55:bf:1f:5b:8a:b0:bd:56:0c:09:3f:1d:f0:a8:
9f:b2:69:64:12:24:27:dc:ce:07:0f:ee:e7:18:27:
1b:ff:de:c1:16:d4:13:7a:b7:9a:0e:c2:4c:9d:e6:
3f:95:85:0e:30:f5:b9:26:8e:2f:2a:97:84:01:ed:
f7:6f:ac:18:47:37:7a:4b:35:0a:e4:2c:bb:aa:c3:
99:c6:4d:b0:99:6c:b0:f6:6d:f3:cc:95:8c:1a:c8:
b7:23:2e:51:bd:42:e8:65:3e:06:93:ef:8a:40:a3:
70:b9:e9:70:12:83:17:2a:92:c3:3a:60:2f:2e:b6:
63:00:0e:f2:8e:df:be:ac:f2:d5:18:f3:6b:e5:26:
96:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:5F:89:6D:37:60:7D:91:C0:C2:80:C6:D7:E8:B6:CC:44:2A:D3:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:1000::/40
Signature Algorithm: sha256WithRSAEncryption
53:81:6e:1f:91:49:3b:43:cc:18:61:de:3b:40:7d:4c:31:7d:
3f:fd:78:25:ab:5c:10:47:54:03:c7:f7:73:ab:db:9a:ae:86:
65:61:c0:69:f3:42:d6:21:c4:2b:ef:65:7c:70:49:b3:a8:c3:
a6:ea:3d:b3:5f:de:8f:ce:e8:0b:c8:f7:05:5e:a9:9f:71:6c:
78:3d:dc:db:b8:19:28:2b:b7:90:74:d9:62:50:e8:4e:4a:39:
b2:89:ad:83:2f:50:67:ce:f7:a9:57:dc:77:41:2c:24:9f:ae:
cd:bf:9b:d9:35:0e:8d:61:18:be:85:a4:e6:b7:67:e3:75:51:
40:ea:99:ba:36:15:0f:65:44:4c:9c:40:b1:cd:d6:13:97:23:
41:fb:cf:fd:0b:49:6f:de:81:c7:3d:b5:9f:d5:a1:58:b3:55:
ab:7c:f7:0c:a5:5e:3f:bc:31:a1:f7:40:7a:c9:81:9c:a2:3c:
9c:15:79:00:7e:98:e6:51:a6:27:cf:47:94:53:c3:66:81:90:
06:6d:dd:e6:b8:7e:fd:33:e3:5f:51:f6:e3:33:93:05:4f:43:
a6:77:5e:11:05:f2:35:cd:ab:1e:b9:95:b1:f2:6d:1f:3b:1f:
f1:d7:d0:c9:9e:f3:77:80:a6:58:ba:c5:24:6f:44:9e:ce:8f:
42:db:2d:ad
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURK94vZC52ojYDUzc2hOemGrgHbkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDEwMTNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhODliN2MwZDgxOTYzYTA5YjNjNmFmYTQ2ZWI5YjM2MmVhNjRlZjcxNjMw
ZTA3YmI4Y2VlNTFkNjRkYjg5ZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKL/FRvyxvWYYa7WJTy88W9gcGgj9i2Lj/iXUDvS8+El9XgQgeqYirzt1dL
rcZz/PEngy52mSWP0lHZwS5rAjJl+9Ae0x2hddqLw25VTzCFWOdL4LwvKITRiROJ
DF3zUx8RrcBJ7oGDJq3O565Udxd81gebM1h9xVW/H1uKsL1WDAk/HfCon7JpZBIk
J9zOBw/u5xgnG//ewRbUE3q3mg7CTJ3mP5WFDjD1uSaOLyqXhAHt92+sGEc3eks1
CuQsu6rDmcZNsJlssPZt88yVjBrItyMuUb1C6GU+BpPvikCjcLnpcBKDFyqSwzpg
Ly62YwAO8o7fvqzy1Rjza+UmlmkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyX4lt
N2B9kcDCgMbX6LbMRCrT2TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTBlMjVmMjYtMTE0Mi00YTQzLTgwOTEtNjlmOWRkZDQzNWMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBTgW4fkUk7Q8wYYd47QH1MMX0//Xglq1wQR1QD
x/dzq9uaroZlYcBp80LWIcQr72V8cEmzqMOm6j2zX96PzugLyPcFXqmfcWx4Pdzb
uBkoK7eQdNliUOhOSjmyia2DL1BnzvepV9x3QSwkn67Nv5vZNQ6NYRi+haTmt2fj
dVFA6pm6NhUPZURMnECxzdYTlyNB+8/9C0lv3oHHPbWf1aFYs1WrfPcMpV4/vDGh
90B6yYGcojycFXkAfpjmUaYnz0eUU8NmgZAGbd3muH79M+NfUfbjM5MFT0Omd14R
BfI1zaseuZWx8m0fOx/x19DJnvN3gKZYusUkb0Sezo9C2y2t
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:34 2025 by rpki-client