Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
File: 1aa38486-cd53-4f48-891d-a0191edf04a1.roa (raw, json)
Hash identifier: G9TWSjpGEZWVRdQaGh9r+M+GDrJLsy6OYckxJx5XZ5s=
Subject key identifier: 03:60:E1:3B:E5:75:EA:E3:5B:46:32:61:61:8B:0E:EE:74:E9:4D:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30C543CBF076392E292B7CEC6E7C8DFFB570BB6B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
Signing time: Tue 20 May 2025 18:40:08 +0000
ROA not before: Tue 20 May 2025 18:40:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:c5:43:cb:f0:76:39:2e:29:2b:7c:ec:6e:7c:8d:ff:b5:70:bb:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:40:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=55e6bc11173317db3532d3387f2e3b65fa871e1afebddeefcb94bdfe53361a5f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6a:1e:05:01:ed:4f:60:8a:e0:ed:26:be:70:
b0:82:a4:dd:29:41:af:1f:2a:d7:1c:14:c5:b0:20:
7b:0a:f7:29:19:01:f0:f2:c2:3f:7a:f9:39:2a:ae:
d4:95:fc:14:8c:87:a0:31:21:d0:99:30:36:63:6f:
29:31:b9:29:e4:9c:ab:5d:13:77:18:39:f9:63:4f:
fa:78:d7:ad:fd:0f:1e:57:98:5b:71:c0:d1:18:8c:
b1:fb:31:88:17:33:76:2e:cd:f1:1d:44:68:c8:4f:
93:74:63:56:da:bd:cf:ae:df:b7:d8:ac:3b:d2:25:
1a:65:8e:b0:bf:b9:b3:86:57:ac:95:1d:3d:b7:ee:
e5:45:60:16:cc:d6:ac:eb:e7:7b:ab:ea:59:12:b4:
3a:fc:7c:27:9c:bc:8d:c5:11:6f:7d:51:64:fd:99:
18:16:62:90:a3:85:7c:79:6b:67:96:2e:90:2b:6f:
47:49:bf:b6:9a:b6:98:6e:e0:e5:44:73:cd:e5:b8:
69:d7:67:5c:3e:da:92:02:b3:e0:a2:c5:db:b6:3e:
15:ce:fd:3c:ff:ec:31:d1:2e:d2:17:ce:10:0f:28:
65:e2:af:0c:d6:77:68:b6:41:2b:c5:cd:05:cc:55:
10:87:42:09:dd:d5:ff:54:b9:eb:4a:37:8a:56:53:
ac:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:60:E1:3B:E5:75:EA:E3:5B:46:32:61:61:8B:0E:EE:74:E9:4D:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
6a:a7:95:21:18:26:bb:e9:1f:ac:67:86:db:52:ca:26:7f:fa:
14:ed:b4:44:cf:b1:b0:60:cd:b3:47:b5:ac:99:d7:1e:2b:5f:
7a:ee:bd:30:5b:f1:1e:75:32:be:7d:e0:a9:b7:8e:e9:1a:cc:
51:f7:69:06:ce:af:87:ff:33:d8:15:e0:43:bd:d0:2c:45:3e:
2a:28:4a:9f:d5:63:56:81:b8:73:80:b1:66:94:08:2d:ee:2c:
f6:4d:73:40:9c:81:c8:6c:8c:ad:31:6f:97:e1:d3:66:ba:b4:
2d:4e:72:97:11:ea:1b:92:2c:5a:e3:10:40:30:a6:96:65:8d:
91:e7:7c:14:07:b8:0b:74:16:41:a7:fc:5d:07:ab:f7:42:5b:
36:1d:c0:0c:ec:92:d8:a3:a5:8b:bc:9a:84:3d:ce:f5:c6:a1:
bf:88:4a:06:36:00:37:93:f0:50:33:b3:65:19:98:fb:93:ad:
9c:74:9a:89:44:e2:1e:99:23:6e:4e:e0:5f:6f:f1:c5:58:d9:
70:f4:58:df:be:82:85:2a:a5:3f:e1:f3:e0:98:21:dc:b9:39:
75:82:3b:45:6d:8f:8d:fa:61:6c:c2:70:78:41:e5:6c:38:fa:
af:36:67:b9:7a:17:d1:22:60:fd:a5:ec:82:22:c2:ae:70:f5:
a9:5d:39:04
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMMVDy/B2OS4pK3zsbnyN/7Vwu2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQwMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1ZTZiYzExMTczMzE3ZGIzNTMyZDMzODdmMmUzYjY1ZmE4NzFlMWFmZWJk
ZGVlZmNiOTRiZGZlNTMzNjFhNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN5qHgUB7U9giuDtJr5wsIKk3SlBrx8q1xwUxbAgewr3KRkB8PLCP3r5OSqu
1JX8FIyHoDEh0JkwNmNvKTG5KeScq10Tdxg5+WNP+njXrf0PHleYW3HA0RiMsfsx
iBczdi7N8R1EaMhPk3RjVtq9z67ft9isO9IlGmWOsL+5s4ZXrJUdPbfu5UVgFszW
rOvne6vqWRK0Ovx8J5y8jcURb31RZP2ZGBZikKOFfHlrZ5YukCtvR0m/tpq2mG7g
5URzzeW4addnXD7akgKz4KLF27Y+Fc79PP/sMdEu0hfOEA8oZeKvDNZ3aLZBK8XN
BcxVEIdCCd3V/1S560o3ilZTrB8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQDYOE7
5XXq41tGMmFhiw7udOlNPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFhMzg0ODYtY2Q1My00ZjQ4LTg5MWQtYTAxOTFlZGYwNGExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAaqeVIRgmu+kfrGeG21LKJn/6FO20RM+xsGDN
s0e1rJnXHitfeu69MFvxHnUyvn3gqbeO6RrMUfdpBs6vh/8z2BXgQ73QLEU+KihK
n9VjVoG4c4CxZpQILe4s9k1zQJyByGyMrTFvl+HTZrq0LU5ylxHqG5IsWuMQQDCm
lmWNked8FAe4C3QWQaf8XQer90JbNh3ADOyS2KOli7yahD3O9cahv4hKBjYAN5Pw
UDOzZRmY+5OtnHSaiUTiHpkjbk7gX2/xxVjZcPRY376ChSqlP+Hz4Jgh3Lk5dYI7
RW2PjfphbMJweEHlbDj6rzZnuXoX0SJg/aXsgiLCrnD1qV05BA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:19 2025 by rpki-client