Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
File: 1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa (raw, json)
Hash identifier: tijpIL9VIceW08wJVpfGJCtk/6icsYnLlUkIZSh1JYw=
Subject key identifier: 75:51:D0:DB:99:CD:93:DF:71:A4:6A:F5:F0:6E:D7:41:85:96:61:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2BC54AD3BCDF7795C1F07482C6EE5D460E53BC3F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
Signing time: Tue 20 May 2025 20:30:12 +0000
ROA not before: Tue 20 May 2025 20:30:12 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:c5:4a:d3:bc:df:77:95:c1:f0:74:82:c6:ee:5d:46:0e:53:bc:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:12 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=80782e0261265a2e5d571f68be0111adc7b96653d61f935d0c96380e0ded49fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:12:5c:15:d4:49:4f:03:bc:f7:f2:d1:70:b6:
41:63:ff:76:af:fd:24:78:18:d2:44:90:e6:a4:d7:
d8:b1:9e:6d:90:3d:06:37:9e:5b:13:b5:53:49:60:
02:4f:7e:0d:9d:91:c7:b4:46:b6:84:0a:c6:e9:a3:
50:fe:bf:e1:66:50:9c:36:ff:bb:b3:1a:db:47:5e:
62:1e:a6:ce:e1:ad:41:c7:13:c2:29:ab:61:23:53:
e2:4e:01:03:f4:8b:27:64:7e:ea:12:8e:80:6d:25:
7a:d1:dd:b5:a0:5c:e0:2d:d3:2d:21:60:01:8e:36:
a3:53:35:cc:07:54:72:dd:28:22:fa:b6:1c:6f:21:
0b:6b:b3:be:ba:7d:70:64:40:96:e0:19:94:75:bf:
70:0b:8d:a3:7d:ff:ea:f6:de:3a:a1:14:ef:60:09:
05:43:46:b5:98:de:8b:30:15:a1:bf:36:28:95:cd:
19:fe:23:a5:9a:5b:c1:46:85:ff:8a:c4:d6:1e:b8:
4f:67:fb:3b:c4:a4:08:f7:e8:0d:49:73:84:50:13:
e0:6f:68:44:60:6e:c1:b5:65:b5:87:68:1b:89:1f:
a5:6f:f3:c3:fe:dd:32:9f:9d:8f:5c:e1:54:f5:e7:
10:95:40:cf:c9:47:84:2c:bf:15:25:30:09:78:e6:
fd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:51:D0:DB:99:CD:93:DF:71:A4:6A:F5:F0:6E:D7:41:85:96:61:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d:800::/37
Signature Algorithm: sha256WithRSAEncryption
82:95:0e:fa:b3:bf:e1:d5:0a:f6:55:c1:9c:66:be:d8:d7:c0:
0f:9e:4b:4a:49:55:ac:cc:8f:de:c3:b4:6e:5c:ec:6e:d3:f9:
b3:67:6b:61:72:a0:08:5d:84:43:cd:d1:14:76:30:e5:46:0a:
3b:6e:bb:4a:85:40:91:c0:42:94:60:93:93:03:69:07:95:a0:
10:e3:bd:18:39:42:5e:4b:a8:f9:c1:27:41:35:0b:bf:ed:e3:
cf:e8:a4:c7:c4:bf:a4:0f:5a:c3:49:5d:e0:9e:55:28:5e:e0:
fe:21:17:88:22:3c:38:df:1b:fd:a9:d9:38:3d:32:99:40:3c:
48:af:05:68:2b:ef:68:bd:b1:78:00:e3:cc:ea:0a:ab:c0:f0:
ca:de:28:7a:63:33:44:b6:55:47:f1:90:b1:f5:66:84:08:ba:
d5:f8:e8:95:09:38:24:2f:d4:a9:04:24:a1:c4:dd:0e:ce:8e:
9d:4b:74:f0:11:0f:be:4f:cf:75:f6:d2:38:e0:9e:59:bb:43:
d9:73:0d:f1:95:63:3c:ea:cc:0a:ba:53:42:a7:6c:af:56:1b:
08:55:43:37:62:be:8f:5d:ba:e8:1c:95:53:c7:1f:43:ce:55:
ea:3a:f4:be:23:0b:b0:81:fa:6b:cd:82:c0:fb:16:02:ee:29:
b0:82:ef:8a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK8VK07zfd5XB8HSCxu5dRg5TvD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwMTJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwNzgyZTAyNjEyNjVhMmU1ZDU3MWY2OGJlMDExMWFkYzdiOTY2NTNkNjFm
OTM1ZDBjOTYzODBlMGRlZDQ5ZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsSXBXUSU8DvPfy0XC2QWP/dq/9JHgY0kSQ5qTX2LGebZA9BjeeWxO1U0lg
Ak9+DZ2Rx7RGtoQKxumjUP6/4WZQnDb/u7Ma20deYh6mzuGtQccTwimrYSNT4k4B
A/SLJ2R+6hKOgG0letHdtaBc4C3TLSFgAY42o1M1zAdUct0oIvq2HG8hC2uzvrp9
cGRAluAZlHW/cAuNo33/6vbeOqEU72AJBUNGtZjeizAVob82KJXNGf4jpZpbwUaF
/4rE1h64T2f7O8SkCPfoDUlzhFAT4G9oRGBuwbVltYdoG4kfpW/zw/7dMp+dj1zh
VPXnEJVAz8lHhCy/FSUwCXjm/YUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR1UdDb
mc2T33GkavXwbtdBhZZh2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ0ODBiNmQtMjVmYy00ZjM3LWIxMjUtZjQ1Y2UyMzZmNGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0I
MA0GCSqGSIb3DQEBCwUAA4IBAQCClQ76s7/h1Qr2VcGcZr7Y18APnktKSVWszI/e
w7RuXOxu0/mzZ2thcqAIXYRDzdEUdjDlRgo7brtKhUCRwEKUYJOTA2kHlaAQ470Y
OUJeS6j5wSdBNQu/7ePP6KTHxL+kD1rDSV3gnlUoXuD+IReIIjw43xv9qdk4PTKZ
QDxIrwVoK+9ovbF4AOPM6gqrwPDK3ih6YzNEtlVH8ZCx9WaECLrV+OiVCTgkL9Sp
BCShxN0Ozo6dS3TwEQ++T8919tI44J5Zu0PZcw3xlWM86swKulNCp2yvVhsIVUM3
Yr6PXbroHJVTxx9DzlXqOvS+IwuwgfprzYLA+xYC7imwgu+K
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:44 2025 by rpki-client