Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
File: 1d9a8425-e89b-4598-a680-84c5b341edfd.roa (raw, json)
Hash identifier: wfDZVDCzxO/gKJ647ZMe2fvm4Q8wl6otSEzoeEP077U=
Subject key identifier: DD:BC:EB:A6:E0:3D:3C:26:3B:56:BF:DD:BA:86:69:DB:C1:32:8C:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06B340FC7EE887BB976742020D40A8877B4BE7C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
Signing time: Tue 20 May 2025 20:00:18 +0000
ROA not before: Tue 20 May 2025 20:00:18 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:b3:40:fc:7e:e8:87:bb:97:67:42:02:0d:40:a8:87:7b:4b:e7:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:00:18 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a641ff691f1c1fe191343c060ee529a427032e527985829a4feeed94e0f131ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:de:9c:b7:32:82:9c:8d:cd:ba:ef:e2:b0:54:
12:3b:1b:6b:99:e6:6a:85:03:07:57:52:bb:cf:3c:
39:be:da:8c:64:f7:e9:00:b5:ab:68:f4:5c:7a:ea:
b8:c6:1a:cc:86:7f:56:da:e9:32:47:d9:c3:df:15:
bc:95:13:96:e4:4a:c6:e4:27:08:d4:91:4e:27:68:
d3:63:05:fd:61:86:a0:c1:84:6f:d3:f0:52:03:87:
95:1b:c3:8b:1e:db:9d:a7:17:0f:b4:fc:91:c2:b9:
61:77:1a:1b:4f:cb:2f:0b:dd:15:0d:01:fa:d3:f3:
40:d0:99:52:e1:2d:05:09:b5:c5:d6:27:63:a4:ec:
c0:71:54:89:90:06:18:ba:c7:06:cd:2a:7f:4c:66:
a5:3a:f6:40:2b:73:29:2f:a7:f0:26:35:9c:e4:aa:
fe:5b:46:75:1d:04:bf:bf:02:22:f4:10:30:06:c9:
96:56:a2:50:ac:a1:92:9a:c7:af:b7:f8:4c:54:16:
f3:10:3b:3a:54:a0:fd:4d:62:ae:33:80:10:d4:e3:
b4:ea:fc:ef:7d:49:e3:5d:e4:39:61:d1:01:41:d7:
6f:2d:95:ed:bc:41:2b:2d:52:85:73:ee:aa:9b:27:
24:25:bb:74:54:31:e2:fd:f2:bd:1c:81:3f:11:ee:
3e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BC:EB:A6:E0:3D:3C:26:3B:56:BF:DD:BA:86:69:DB:C1:32:8C:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:d2:c4:5b:65:34:3a:58:5a:d4:e0:6d:5d:ea:c7:19:3d:d6:
62:26:e7:f0:00:fa:90:01:23:10:6a:4e:45:27:ab:b4:37:b1:
90:5f:ce:93:7c:a1:8c:c1:10:ba:f6:31:44:e9:cb:25:fe:91:
7e:e6:8f:35:ae:65:1c:75:f6:ff:95:4a:bb:cc:28:0a:45:f7:
dc:30:db:6c:09:bd:a0:c7:65:e8:32:6f:ba:6a:62:05:23:3e:
00:bc:e1:0f:30:bf:77:eb:30:6f:da:9f:05:b2:d0:11:84:6b:
05:50:01:28:5c:a6:73:83:7e:36:7a:ca:78:89:85:56:af:98:
43:3e:fa:02:e8:b7:91:64:bc:7b:05:09:82:d7:d1:8e:42:66:
96:cc:bd:88:ee:95:bd:9b:1c:6b:75:5c:48:99:3d:a5:3f:92:
59:6a:91:81:77:80:86:32:bb:f1:ec:fd:78:b1:8a:e1:2c:15:
52:96:8d:22:52:59:a1:42:68:01:45:1c:51:f8:30:52:a6:d4:
dc:da:da:b0:89:4d:cc:c9:0e:95:55:9b:5b:60:63:58:66:9c:
f0:d4:60:73:78:80:a6:a9:76:54:f9:3c:c4:11:90:7c:f4:8d:
c5:8d:0a:5e:c2:91:03:13:fa:d4:2d:32:d4:1d:8c:fd:2e:e5:
e0:48:90:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBrNA/H7oh7uXZ0ICDUCoh3tL58UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAwMThaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2NDFmZjY5MWYxYzFmZTE5MTM0M2MwNjBlZTUyOWE0MjcwMzJlNTI3OTg1
ODI5YTRmZWVlZDk0ZTBmMTMxZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjenLcygpyNzbrv4rBUEjsba5nmaoUDB1dSu888Ob7ajGT36QC1q2j0XHrq
uMYazIZ/VtrpMkfZw98VvJUTluRKxuQnCNSRTido02MF/WGGoMGEb9PwUgOHlRvD
ix7bnacXD7T8kcK5YXcaG0/LLwvdFQ0B+tPzQNCZUuEtBQm1xdYnY6TswHFUiZAG
GLrHBs0qf0xmpTr2QCtzKS+n8CY1nOSq/ltGdR0Ev78CIvQQMAbJllaiUKyhkprH
r7f4TFQW8xA7OlSg/U1irjOAENTjtOr8731J413kOWHRAUHXby2V7bxBKy1ShXPu
qpsnJCW7dFQx4v3yvRyBPxHuPuECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdvOum
4D08JjtWv926hmnbwTKM1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ5YTg0MjUtZTg5Yi00NTk4LWE2ODAtODRjNWIzNDFlZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAg
MA0GCSqGSIb3DQEBCwUAA4IBAQDJ0sRbZTQ6WFrU4G1d6scZPdZiJufwAPqQASMQ
ak5FJ6u0N7GQX86TfKGMwRC69jFE6csl/pF+5o81rmUcdfb/lUq7zCgKRffcMNts
Cb2gx2XoMm+6amIFIz4AvOEPML936zBv2p8FstARhGsFUAEoXKZzg342esp4iYVW
r5hDPvoC6LeRZLx7BQmC19GOQmaWzL2I7pW9mxxrdVxImT2lP5JZapGBd4CGMrvx
7P14sYrhLBVSlo0iUlmhQmgBRRxR+DBSptTc2tqwiU3MyQ6VVZtbYGNYZpzw1GBz
eICmqXZU+TzEEZB89I3FjQpewpEDE/rULTLUHYz9LuXgSJBU
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:27 2025 by rpki-client