Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
File: 11f67075-d744-49be-809b-fca0d72c41e0.roa (raw, json)
Hash identifier: NkS1Vq+DpyY1tDUmfXq+1ZjnQ6JsT0X2PL6y/2hCzNY=
Subject key identifier: 3F:30:C3:75:4B:AE:E1:2C:40:E0:45:D0:97:51:C0:51:28:B0:59:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E0540B9B72B5C32E3CB8B03765F921A9B846370
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
Signing time: Tue 20 May 2025 20:00:11 +0000
ROA not before: Tue 20 May 2025 20:00:11 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:05:40:b9:b7:2b:5c:32:e3:cb:8b:03:76:5f:92:1a:9b:84:63:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:00:11 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=800f9f5dcc80d8b49a031bf1618c7e6cee4e1f4bbcca307e7b1ba1135951eb54, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bb:50:16:9f:2f:f9:7c:30:a8:db:8c:c9:b1:
83:a5:15:0f:d0:28:d9:77:83:81:a6:7e:0a:f8:f1:
de:7d:0e:df:69:2c:f1:a9:fc:c7:ae:3b:2d:82:d2:
fe:99:04:2b:e8:1a:6b:8f:c5:ca:b0:95:bb:4b:7f:
55:b1:a5:41:d4:07:01:81:c0:b4:09:88:25:26:a0:
7e:23:b2:33:e2:84:aa:6f:2a:a2:07:71:93:81:ee:
44:12:8f:91:7c:47:4c:fb:8f:af:43:13:ad:f4:7c:
dc:f4:9a:db:11:80:47:9c:ad:48:d0:d0:1e:a0:45:
6f:60:a0:e3:02:b7:af:ff:0d:0f:be:7c:15:7f:c0:
84:f2:d2:9d:62:e0:d5:02:60:4d:9d:59:66:d3:aa:
18:64:59:77:69:dc:ec:d3:1f:65:32:01:4a:0a:a1:
3d:f5:e7:ff:2f:b9:12:b8:be:37:2e:5c:cf:a0:02:
54:f8:7d:97:70:88:b6:d1:d7:ba:6f:b1:ad:d6:12:
39:3f:cf:af:bc:c3:a0:fb:03:93:4b:3e:39:bc:4f:
3b:d6:f8:de:05:4d:68:03:40:b0:75:bf:3d:08:cb:
f8:33:97:a7:84:da:6d:64:bc:5a:09:f1:0f:16:19:
ff:43:29:3e:aa:14:99:fa:e4:a1:13:06:19:56:ca:
6f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:30:C3:75:4B:AE:E1:2C:40:E0:45:D0:97:51:C0:51:28:B0:59:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:2000::/40
Signature Algorithm: sha256WithRSAEncryption
78:e7:61:0e:4a:1b:b5:e4:8e:c9:a1:ad:0a:10:92:55:26:fb:
c5:cc:d7:ef:14:c4:b8:a2:60:8a:98:ee:99:cc:78:fc:cf:b6:
b5:a5:92:d9:67:2c:bd:7c:f3:3d:b8:af:e7:dc:1b:54:21:8c:
ac:bb:e9:76:a5:c9:8e:c2:8c:52:f1:f7:e6:1e:e6:a8:b6:b6:
90:03:7b:57:81:5e:d9:15:45:c4:b9:10:4f:f4:52:ed:ee:57:
ef:7d:4b:5a:88:75:0a:b6:71:ba:3f:2e:d2:41:ff:5e:05:5f:
57:2a:47:ba:1e:66:46:6a:d9:3b:06:e1:c1:43:f6:7e:dc:54:
98:b2:56:28:96:78:49:47:c1:fd:50:48:37:61:04:16:2c:fb:
b8:93:14:d2:ea:d6:2f:24:55:93:40:0c:47:dc:b9:dc:66:ae:
0e:56:85:7d:21:57:99:2b:58:7f:bc:e8:54:6b:47:aa:00:71:
7c:50:17:aa:f9:52:91:b6:21:f9:b9:f4:a9:44:de:a4:c9:45:
47:be:9f:84:84:3f:1b:5d:71:a2:85:4b:21:cc:c2:ac:6b:8d:
2a:f7:5a:63:e3:22:ed:3a:c9:d8:4a:4c:96:37:91:c1:d1:15:
ad:b2:0e:db:58:2e:9c:c9:2f:ee:0e:f1:1b:be:f5:4b:bc:7d:
71:f5:2d:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULgVAubcrXDLjy4sDdl+SGpuEY3AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAwMTFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwMGY5ZjVkY2M4MGQ4YjQ5YTAzMWJmMTYxOGM3ZTZjZWU0ZTFmNGJiY2Nh
MzA3ZTdiMWJhMTEzNTk1MWViNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIO7UBafL/l8MKjbjMmxg6UVD9Ao2XeDgaZ+Cvjx3n0O32ks8an8x647LYLS
/pkEK+gaa4/FyrCVu0t/VbGlQdQHAYHAtAmIJSagfiOyM+KEqm8qogdxk4HuRBKP
kXxHTPuPr0MTrfR83PSa2xGAR5ytSNDQHqBFb2Cg4wK3r/8ND758FX/AhPLSnWLg
1QJgTZ1ZZtOqGGRZd2nc7NMfZTIBSgqhPfXn/y+5Eri+Ny5cz6ACVPh9l3CIttHX
um+xrdYSOT/Pr7zDoPsDk0s+ObxPO9b43gVNaANAsHW/PQjL+DOXp4TabWS8Wgnx
DxYZ/0MpPqoUmfrkoRMGGVbKbwkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ/MMN1
S67hLEDgRdCXUcBRKLBZTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFmNjcwNzUtZDc0NC00OWJlLTgwOWItZmNhMGQ3MmM0MWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hgg
MA0GCSqGSIb3DQEBCwUAA4IBAQB452EOShu15I7Joa0KEJJVJvvFzNfvFMS4omCK
mO6ZzHj8z7a1pZLZZyy9fPM9uK/n3BtUIYysu+l2pcmOwoxS8ffmHuaotraQA3tX
gV7ZFUXEuRBP9FLt7lfvfUtaiHUKtnG6Py7SQf9eBV9XKke6HmZGatk7BuHBQ/Z+
3FSYslYolnhJR8H9UEg3YQQWLPu4kxTS6tYvJFWTQAxH3LncZq4OVoV9IVeZK1h/
vOhUa0eqAHF8UBeq+VKRtiH5ufSpRN6kyUVHvp+EhD8bXXGihUshzMKsa40q91pj
4yLtOsnYSkyWN5HB0RWtsg7bWC6cyS/uDvEbvvVLvH1x9S0B
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:13 2025 by rpki-client