Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
File: 17e30daf-f11a-4af6-8f47-661a735a22e9.roa (raw, json)
Hash identifier: U7kQOTwWOKZsxJPTR0hvg96LcAApc8bRLOBPouCvbII=
Subject key identifier: 4D:45:8D:47:F3:85:95:C6:1E:05:8D:68:13:2A:74:ED:C2:16:9E:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59D7B8EA5A5055D4F689E3F7241CC626C1D5230C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
Signing time: Tue 20 May 2025 19:50:02 +0000
ROA not before: Tue 20 May 2025 19:50:02 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:d7:b8:ea:5a:50:55:d4:f6:89:e3:f7:24:1c:c6:26:c1:d5:23:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:50:02 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=888d6c292593ead884793c20788245b9d98b826d0061b7e0ae9cfe34ce01cbdd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b0:dd:2b:dc:a3:33:5f:52:54:02:0f:46:c3:
9c:99:fe:92:d4:da:ec:ae:1c:91:ae:96:e1:25:d7:
18:49:e8:11:ac:31:9f:7a:ef:18:75:cd:cc:9f:91:
42:56:ba:9d:21:ab:f9:e8:fc:82:7a:01:35:35:eb:
f0:e4:81:d6:59:bf:85:80:7f:78:f6:a5:58:ff:7c:
98:6f:d5:fb:f3:2f:6c:ce:7f:5f:8d:ee:79:f3:98:
86:4b:4a:e6:b4:b8:51:3c:23:5a:19:f9:69:68:08:
d9:70:e6:8a:34:68:e4:50:9c:bb:bd:43:ba:40:5c:
e2:72:da:28:45:3f:96:e2:c0:a9:f0:0e:4a:97:11:
b9:19:08:63:b6:52:59:b1:db:04:53:26:d0:8a:8c:
72:f8:1a:d3:24:c8:f3:72:c6:90:a3:a7:58:e1:ec:
4f:89:ad:00:f2:97:97:c9:8b:04:20:06:8c:13:76:
dd:80:26:2b:d3:9f:17:f7:99:e2:ed:ac:8e:70:5a:
0d:94:01:ae:a3:94:7d:fc:f5:fd:b7:32:ff:47:82:
21:86:39:f4:ab:d2:34:0f:d4:da:bc:5d:64:6f:d2:
4c:c6:b8:d1:0d:61:dc:6a:26:9d:09:33:95:5f:ba:
0a:41:c6:d5:96:7d:66:b4:48:d1:d8:99:ad:fd:ad:
c7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:45:8D:47:F3:85:95:C6:1E:05:8D:68:13:2A:74:ED:C2:16:9E:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:5000::/40
Signature Algorithm: sha256WithRSAEncryption
9b:a0:22:7b:de:ec:d1:08:d5:3d:f9:63:af:a9:02:81:7b:ff:
5b:61:14:7c:5c:f2:93:f9:91:54:02:3a:df:f1:14:9a:0a:20:
c1:d8:ea:17:49:fd:32:22:70:b1:cc:86:ea:85:dd:0e:04:96:
3a:2c:5b:c7:ab:71:6e:9b:c8:0a:fd:37:c0:d0:d7:03:25:42:
b2:20:e3:a1:65:b2:1e:08:a4:bb:3d:18:92:bc:ef:8e:ac:75:
2f:40:1f:c5:f7:21:4f:c3:2a:f5:07:20:ac:a4:a5:2d:76:df:
59:99:0a:41:03:72:c9:8a:a5:19:d3:a1:21:f3:2a:8a:23:f5:
d3:9f:c7:f3:9c:7c:25:74:76:8c:ed:a4:d8:59:3b:88:51:cc:
74:b4:f3:5c:83:67:76:1a:5c:14:88:4e:26:f6:31:9f:61:17:
b0:e9:84:d3:a8:4b:db:d3:94:3d:89:35:a5:99:dd:80:11:0c:
b5:11:50:1a:af:d5:bf:73:2d:9f:13:48:1d:cb:4c:13:22:5f:
77:2a:9a:68:6b:2d:06:b9:c0:5d:6e:84:d6:86:67:f2:82:5c:
d5:94:71:4b:4d:8e:e3:a9:69:40:97:4b:5d:2a:b6:d0:9c:33:
c2:66:34:0b:66:e3:a2:8c:a2:14:b4:03:d9:95:92:c2:26:99:
37:2b:c9:3c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWde46lpQVdT2ieP3JBzGJsHVIwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUwMDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4OGQ2YzI5MjU5M2VhZDg4NDc5M2MyMDc4ODI0NWI5ZDk4YjgyNmQwMDYx
YjdlMGFlOWNmZTM0Y2UwMWNiZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOSw3SvcozNfUlQCD0bDnJn+ktTa7K4cka6W4SXXGEnoEawxn3rvGHXNzJ+R
Qla6nSGr+ej8gnoBNTXr8OSB1lm/hYB/ePalWP98mG/V+/MvbM5/X43uefOYhktK
5rS4UTwjWhn5aWgI2XDmijRo5FCcu71DukBc4nLaKEU/luLAqfAOSpcRuRkIY7ZS
WbHbBFMm0IqMcvga0yTI83LGkKOnWOHsT4mtAPKXl8mLBCAGjBN23YAmK9OfF/eZ
4u2sjnBaDZQBrqOUffz1/bcy/0eCIYY59KvSNA/U2rxdZG/STMa40Q1h3GomnQkz
lV+6CkHG1ZZ9ZrRI0diZrf2tx6MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNRY1H
84WVxh4FjWgTKnTtwhaeWzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTdlMzBkYWYtZjExYS00YWY2LThmNDctNjYxYTczNWEyMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCboCJ73uzRCNU9+WOvqQKBe/9bYRR8XPKT+ZFU
Ajrf8RSaCiDB2OoXSf0yInCxzIbqhd0OBJY6LFvHq3Fum8gK/TfA0NcDJUKyIOOh
ZbIeCKS7PRiSvO+OrHUvQB/F9yFPwyr1ByCspKUtdt9ZmQpBA3LJiqUZ06Eh8yqK
I/XTn8fznHwldHaM7aTYWTuIUcx0tPNcg2d2GlwUiE4m9jGfYRew6YTTqEvb05Q9
iTWlmd2AEQy1EVAar9W/cy2fE0gdy0wTIl93Kppoay0GucBdboTWhmfyglzVlHFL
TY7jqWlAl0tdKrbQnDPCZjQLZuOijKIUtAPZlZLCJpk3K8k8
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:25 2025 by rpki-client