Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d232961-eb43-42b7-908c-1226b1f4eeac.roa
File: 1d232961-eb43-42b7-908c-1226b1f4eeac.roa (raw, json)
Hash identifier: ZVRAyg+rCpLkJj//0bCJ+6k0CxBcPJcYViMwdqv/CFk=
Subject key identifier: E2:A5:63:2E:F0:6D:97:53:AE:41:C6:AC:21:13:6F:59:FC:78:40:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1470035F4530DA29984ACEA5F36B20E6CB21F4A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d232961-eb43-42b7-908c-1226b1f4eeac.roa
Signing time: Tue 10 Jun 2025 17:20:37 +0000
ROA not before: Tue 10 Jun 2025 17:20:37 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:70:03:5f:45:30:da:29:98:4a:ce:a5:f3:6b:20:e6:cb:21:f4:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:37 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=cb9b0e104770a9c1399b51796a9b63bec8df3ac0effe59f91b8e27be61684f9d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c0:da:72:6b:db:9e:13:8b:9d:e2:a5:30:00:
c0:f7:a5:16:08:b0:9d:da:00:27:0a:0d:69:fd:16:
41:8a:f8:63:18:55:43:fb:61:e0:a5:81:ae:b3:ae:
d1:db:6b:f5:ba:87:6c:5e:61:8f:21:2e:0d:4c:26:
48:d3:a4:27:c9:ad:77:93:7f:b6:26:da:78:c1:d5:
20:75:4d:0d:3b:4c:cd:c8:3f:11:f9:62:68:fc:c2:
7a:d0:67:1b:3a:f5:92:a1:f1:4f:d8:d3:33:59:b5:
0b:ab:5a:45:96:c2:04:70:72:70:8a:f5:a6:be:45:
d8:1e:56:51:12:27:2f:a7:77:fe:be:df:82:4f:c7:
9e:86:72:30:73:b3:e7:18:e6:eb:b1:04:14:54:b8:
2d:19:d7:8c:79:03:d6:6f:d1:ef:80:3c:12:15:d1:
73:e1:09:6e:24:c6:13:fe:ed:68:cb:d4:cf:21:b6:
05:76:ed:24:f1:7c:57:ef:b9:30:c8:c0:42:f1:f3:
d5:64:a3:24:f4:bd:ca:6e:83:61:ef:22:67:7c:7d:
d5:5c:04:91:30:47:59:43:c1:46:8e:07:e2:05:c9:
98:de:e3:d8:2d:b5:e6:1f:65:b4:fc:18:5a:0d:98:
cf:3f:ec:4b:f5:2d:d8:b5:c0:32:09:2d:b6:00:5e:
9f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A5:63:2E:F0:6D:97:53:AE:41:C6:AC:21:13:6F:59:FC:78:40:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d232961-eb43-42b7-908c-1226b1f4eeac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077::/32
Signature Algorithm: sha256WithRSAEncryption
9e:b4:0b:52:18:f2:e8:85:4b:e6:54:8a:75:bc:9a:cc:90:82:
b4:8c:23:6b:90:12:80:de:36:8c:ba:6e:3c:f9:5d:ea:01:f1:
c2:aa:22:e3:f1:1a:ec:61:b2:e7:40:93:e6:15:17:4b:13:d3:
35:01:4e:e4:71:f9:36:d1:63:1b:82:14:0d:9f:5a:c1:bb:bc:
9b:6a:77:f2:b7:bf:13:4d:e9:e6:8b:f8:02:06:ea:c2:94:ea:
10:ef:fd:1e:45:c6:e6:3e:d9:86:b2:db:1a:06:f0:6c:a7:0e:
fb:77:48:0f:e5:64:51:2e:62:66:af:11:cd:d1:9f:28:62:8b:
d0:d1:a3:5e:a1:2f:75:54:01:4b:f2:22:97:1b:f5:76:5d:f6:
4c:db:15:8f:c6:5e:80:68:48:64:a9:77:22:b1:4e:a1:cc:fd:
03:e5:78:3c:07:45:3d:ef:d2:9c:05:b5:dc:cd:04:83:fd:5c:
3f:27:b5:9d:7a:e1:9c:0c:95:3b:60:92:ad:4c:80:2c:b2:a8:
15:8b:47:1f:f7:04:af:ee:7d:7e:b2:92:f5:7a:16:58:27:a6:
8c:05:8e:cc:40:5b:35:03:c0:e7:39:c5:a6:30:4c:89:7e:41:
b4:bc:55:66:f4:c4:9e:58:6a:54:ca:8f:91:68:fd:3e:37:0f:
8a:de:1e:48
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUFHADX0Uw2imYSs6l82sg5ssh9KAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMzdaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiOWIwZTEwNDc3MGE5YzEzOTliNTE3OTZhOWI2M2JlYzhkZjNhYzBlZmZl
NTlmOTFiOGUyN2JlNjE2ODRmOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjA2nJr254Ti53ipTAAwPelFgiwndoAJwoNaf0WQYr4YxhVQ/th4KWBrrOu
0dtr9bqHbF5hjyEuDUwmSNOkJ8mtd5N/tibaeMHVIHVNDTtMzcg/EfliaPzCetBn
Gzr1kqHxT9jTM1m1C6taRZbCBHBycIr1pr5F2B5WURInL6d3/r7fgk/HnoZyMHOz
5xjm67EEFFS4LRnXjHkD1m/R74A8EhXRc+EJbiTGE/7taMvUzyG2BXbtJPF8V++5
MMjAQvHz1WSjJPS9ym6DYe8iZ3x91VwEkTBHWUPBRo4H4gXJmN7j2C215h9ltPwY
Wg2Yzz/sS/Ut2LXAMgkttgBen1ECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTipWMu
8G2XU65BxqwhE29Z/HhA3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQyMzI5NjEtZWI0My00MmI3LTkwOGMtMTIyNmIxZjRlZWFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hcw
DQYJKoZIhvcNAQELBQADggEBAJ60C1IY8uiFS+ZUinW8msyQgrSMI2uQEoDeNoy6
bjz5XeoB8cKqIuPxGuxhsudAk+YVF0sT0zUBTuRx+TbRYxuCFA2fWsG7vJtqd/K3
vxNN6eaL+AIG6sKU6hDv/R5FxuY+2Yay2xoG8GynDvt3SA/lZFEuYmavEc3Rnyhi
i9DRo16hL3VUAUvyIpcb9XZd9kzbFY/GXoBoSGSpdyKxTqHM/QPleDwHRT3v0pwF
tdzNBIP9XD8ntZ164ZwMlTtgkq1MgCyyqBWLRx/3BK/ufX6ykvV6FlgnpowFjsxA
WzUDwOc5xaYwTIl+QbS8VWb0xJ5YalTKj5Fo/T43D4reHkg=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:21 2025 by rpki-client