Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
File: 17057de1-0841-47c5-9f52-f4f803d5e2d4.roa (raw, json)
Hash identifier: eZWpM5QIl6baVyoKg7SXREFKTWPB+agihTp4YBg6838=
Subject key identifier: 7C:56:DC:86:D1:6D:6F:73:CD:6D:11:DC:AA:C7:CA:2B:22:11:01:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69057E258C6956F6C4355D89AB21BC2C2C045185
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
Signing time: Tue 20 May 2025 20:01:35 +0000
ROA not before: Tue 20 May 2025 20:01:35 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:05:7e:25:8c:69:56:f6:c4:35:5d:89:ab:21:bc:2c:2c:04:51:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:01:35 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=767f2f568ca665ca6c1913283014bfe8b09991cbdece4cb97f7529acb658e948, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b6:d3:19:88:87:9e:b3:f2:cc:3c:68:29:20:
d1:94:7c:b7:99:70:1d:53:02:55:80:57:05:7c:74:
0f:e5:be:0b:8b:13:2e:47:41:bc:e7:5f:6f:31:be:
82:71:71:2b:be:36:12:45:ff:5f:90:35:43:24:36:
ea:ca:cf:7f:03:3e:bb:6f:84:66:73:43:5f:3f:a9:
fc:6e:d1:87:6e:ad:f7:2d:0f:49:44:54:1c:2e:e8:
ce:8f:b3:a1:39:c2:ad:09:c3:9b:22:7a:82:07:1e:
ff:aa:15:16:f2:4b:5a:2c:fd:df:be:08:dd:64:40:
51:4b:9b:e3:f8:f3:2d:b4:1d:a0:e2:34:38:20:a6:
5b:c4:15:05:6e:9a:60:f7:96:ac:94:12:46:74:2a:
d6:b9:b5:79:aa:6b:1a:f2:8e:ed:25:bb:c1:67:19:
62:3b:70:4b:9b:b5:ed:fd:87:df:d5:2b:1d:a3:fc:
c1:fd:97:67:07:b5:49:3e:e5:e4:25:04:94:df:ac:
6c:4f:2a:a7:9d:99:34:32:eb:1f:87:ef:bc:0f:4f:
47:da:6c:61:9f:bc:91:86:21:be:29:25:4e:d9:d9:
1f:a1:ac:c5:dd:71:ff:c9:1a:aa:5d:f1:08:5a:3d:
87:66:58:11:4b:9b:2a:e8:d4:2f:15:17:3d:0e:14:
dc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:56:DC:86:D1:6D:6F:73:CD:6D:11:DC:AA:C7:CA:2B:22:11:01:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
76:be:e9:9e:63:8f:5f:e7:e3:20:d3:2c:9b:0e:52:84:ea:e3:
60:f5:87:8f:97:92:13:c1:db:82:2e:a5:93:58:67:36:39:1c:
27:08:97:15:e1:6f:58:d8:df:45:e0:1e:d5:33:fa:a4:44:0e:
73:18:36:20:9b:8c:ce:95:38:72:60:b6:bf:e8:a3:6a:ff:75:
fc:c6:5e:10:74:f3:de:2e:7c:d4:32:c4:73:84:4e:07:01:83:
7b:82:e2:ae:fc:4f:52:f4:d2:56:c4:09:c8:38:92:87:88:ae:
86:a5:96:a6:26:6d:62:f2:5f:d6:b1:4a:36:6c:6a:17:bd:a8:
66:2b:16:80:ae:f8:a8:0f:67:07:49:e3:a9:7b:68:70:ea:72:
07:2a:d6:7e:bd:8d:81:f4:c9:d9:0a:be:cf:16:8a:6b:41:8c:
fc:b5:d5:cd:df:10:84:83:e5:94:dd:71:53:f1:15:c5:0b:85:
ad:a7:67:cf:84:a0:d8:48:c3:ec:58:7b:a9:20:fc:12:35:de:
ff:74:c8:7d:f5:2f:36:d6:fe:c2:53:9e:33:38:2e:3f:05:f7:
a7:c2:79:2b:6d:f7:d6:ab:a3:88:38:02:f4:3b:6a:31:0e:ed:
82:f4:ff:d2:17:be:02:e4:b4:a9:08:db:5f:83:90:50:7b:3e:
5b:06:1d:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaQV+JYxpVvbENV2JqyG8LCwEUYUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAxMzVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2N2YyZjU2OGNhNjY1Y2E2YzE5MTMyODMwMTRiZmU4YjA5OTkxY2JkZWNl
NGNiOTdmNzUyOWFjYjY1OGU5NDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMu20xmIh56z8sw8aCkg0ZR8t5lwHVMCVYBXBXx0D+W+C4sTLkdBvOdfbzG+
gnFxK742EkX/X5A1QyQ26srPfwM+u2+EZnNDXz+p/G7Rh26t9y0PSURUHC7ozo+z
oTnCrQnDmyJ6ggce/6oVFvJLWiz9374I3WRAUUub4/jzLbQdoOI0OCCmW8QVBW6a
YPeWrJQSRnQq1rm1eaprGvKO7SW7wWcZYjtwS5u17f2H39UrHaP8wf2XZwe1ST7l
5CUElN+sbE8qp52ZNDLrH4fvvA9PR9psYZ+8kYYhviklTtnZH6Gsxd1x/8kaql3x
CFo9h2ZYEUubKujULxUXPQ4U3FUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR8VtyG
0W1vc81tEdyqx8orIhEBPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTcwNTdkZTEtMDg0MS00N2M1LTlmNTItZjRmODAzZDVlMmQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dpg
MA0GCSqGSIb3DQEBCwUAA4IBAQB2vumeY49f5+Mg0yybDlKE6uNg9YePl5ITwduC
LqWTWGc2ORwnCJcV4W9Y2N9F4B7VM/qkRA5zGDYgm4zOlThyYLa/6KNq/3X8xl4Q
dPPeLnzUMsRzhE4HAYN7guKu/E9S9NJWxAnIOJKHiK6GpZamJm1i8l/WsUo2bGoX
vahmKxaArvioD2cHSeOpe2hw6nIHKtZ+vY2B9MnZCr7PFoprQYz8tdXN3xCEg+WU
3XFT8RXFC4Wtp2fPhKDYSMPsWHupIPwSNd7/dMh99S821v7CU54zOC4/Bfenwnkr
bffWq6OIOAL0O2oxDu2C9P/SF74C5LSpCNtfg5BQez5bBh3A
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:07 2025 by rpki-client