Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
File: 183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa (raw, json)
Hash identifier: APQLmNbJvbM0pb7lZ0o0vRbg8ArHjxTwh74bqyaXKsY=
Subject key identifier: 5D:03:B0:F4:06:21:AC:EC:DD:9D:56:DA:47:01:5E:4B:51:59:D2:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67F885BE39D177B9F5EDFCA21E078A7463811205
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
Signing time: Tue 20 May 2025 20:10:05 +0000
ROA not before: Tue 20 May 2025 20:10:05 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:f8:85:be:39:d1:77:b9:f5:ed:fc:a2:1e:07:8a:74:63:81:12:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:10:05 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=86fede6a7ffc04c995109f9ee50d4d7931aa346128f30d2b092efbc0b4950981, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:03:57:2c:1d:ed:4f:55:c2:d8:b0:6c:bb:23:
9d:0e:91:30:bc:12:47:7f:d6:ff:a7:2c:c4:cd:4b:
25:1b:61:b5:78:8a:6f:3a:3f:1f:ed:61:5d:45:bf:
54:bc:eb:7f:7b:59:66:20:8a:23:8a:67:ce:6c:c2:
42:9b:b7:a6:a9:03:6c:31:b6:17:f4:f9:f6:85:24:
e6:1f:1d:d8:ab:97:5c:4c:bd:5a:17:45:6d:8d:79:
bc:29:fd:ab:01:5a:e1:0a:80:71:d7:1f:2c:1f:98:
30:59:c2:2c:70:ae:07:b3:a3:f3:39:67:51:3c:4c:
f2:a2:15:92:06:27:48:f3:5d:a6:3f:85:d7:c4:c9:
27:ae:9d:02:01:a5:a2:52:f5:57:52:f8:16:96:cc:
26:6d:a7:49:d0:22:dc:f0:e6:63:79:ff:6d:a2:74:
74:8d:eb:da:91:89:e8:1c:22:6a:46:0b:4b:1b:1f:
e7:07:f3:f5:68:63:4b:6c:97:a5:7d:b0:69:f5:8a:
a7:ed:6c:d7:ec:57:91:b2:83:0e:8c:01:9f:53:9c:
54:6a:c5:dc:c0:d1:80:2a:98:76:76:3c:3f:2a:0d:
a5:aa:56:1b:1f:78:74:c0:e8:f6:ee:b7:fb:fc:a0:
1c:09:d8:af:2e:0f:53:52:b2:0e:33:b8:0e:5a:50:
75:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:03:B0:F4:06:21:AC:EC:DD:9D:56:DA:47:01:5E:4B:51:59:D2:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:1000::/40
Signature Algorithm: sha256WithRSAEncryption
91:05:d1:42:9b:c3:a2:03:30:75:77:78:67:46:09:90:54:fc:
7e:f1:e8:a2:2f:09:fa:e6:08:de:98:1d:73:16:c0:7a:fa:61:
f5:36:a6:6a:6b:ea:27:22:2a:4c:09:83:57:fb:31:8b:db:1d:
20:69:b0:f6:d1:cb:c7:e6:58:f5:d8:b1:47:59:33:ad:c3:2a:
91:85:fb:2a:31:80:e7:d4:94:3c:ab:19:36:a7:da:da:be:3a:
bc:6d:05:47:9c:17:25:d0:f6:bf:c7:12:77:58:59:14:88:40:
d1:f0:92:d0:10:0c:89:8f:a3:61:de:bf:aa:8b:2f:6d:d6:dc:
16:42:22:e1:86:20:f9:1f:ab:fb:a2:8e:4d:ea:ca:d5:7a:d4:
0d:01:b5:8c:97:51:dd:f8:8a:e1:9c:0e:cc:b1:48:54:9c:bc:
cc:f6:31:63:6a:9e:2b:70:72:62:04:f5:81:05:ab:9d:1a:bc:
ed:82:5c:f5:f9:4c:4c:fb:a9:d3:70:82:ba:e5:e8:16:ea:4f:
77:4d:4d:54:70:53:37:7f:15:6d:9e:83:57:a0:82:b7:d2:da:
95:a8:80:11:64:36:6f:47:07:d4:25:f5:ca:56:50:99:7f:33:
ad:7d:80:4e:ee:a2:91:68:40:89:f6:02:b4:67:a7:b7:74:32:
8c:98:b6:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ/iFvjnRd7n17fyiHgeKdGOBEgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDEwMDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2ZmVkZTZhN2ZmYzA0Yzk5NTEwOWY5ZWU1MGQ0ZDc5MzFhYTM0NjEyOGYz
MGQyYjA5MmVmYmMwYjQ5NTA5ODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANgDVywd7U9VwtiwbLsjnQ6RMLwSR3/W/6csxM1LJRthtXiKbzo/H+1hXUW/
VLzrf3tZZiCKI4pnzmzCQpu3pqkDbDG2F/T59oUk5h8d2KuXXEy9WhdFbY15vCn9
qwFa4QqAcdcfLB+YMFnCLHCuB7Oj8zlnUTxM8qIVkgYnSPNdpj+F18TJJ66dAgGl
olL1V1L4FpbMJm2nSdAi3PDmY3n/baJ0dI3r2pGJ6BwiakYLSxsf5wfz9WhjS2yX
pX2wafWKp+1s1+xXkbKDDowBn1OcVGrF3MDRgCqYdnY8PyoNpapWGx94dMDo9u63
+/ygHAnYry4PU1KyDjO4DlpQdbkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRdA7D0
BiGs7N2dVtpHAV5LUVnSEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgzZWI1ODMtM2ZiMy00YzNhLWJhZGItOWZlMGE0ZTUwZmQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCRBdFCm8OiAzB1d3hnRgmQVPx+8eiiLwn65gje
mB1zFsB6+mH1NqZqa+onIipMCYNX+zGL2x0gabD20cvH5lj12LFHWTOtwyqRhfsq
MYDn1JQ8qxk2p9ravjq8bQVHnBcl0Pa/xxJ3WFkUiEDR8JLQEAyJj6Nh3r+qiy9t
1twWQiLhhiD5H6v7oo5N6srVetQNAbWMl1Hd+IrhnA7MsUhUnLzM9jFjap4rcHJi
BPWBBaudGrztglz1+UxM+6nTcIK65egW6k93TU1UcFM3fxVtnoNXoIK30tqVqIAR
ZDZvRwfUJfXKVlCZfzOtfYBO7qKRaECJ9gK0Z6e3dDKMmLaD
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:23 2025 by rpki-client