Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
File: 1ec007f6-6684-43b6-8751-2e5b258a98b3.roa (raw, json)
Hash identifier: z9WToUueedpiMk0rmx5i4hJMcsAeMMU50v8WRv7acWw=
Subject key identifier: 92:FE:3A:21:3D:12:BF:B1:4B:76:4A:D9:7E:AF:E1:41:E6:FD:2A:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E8BDB04BCE5E120F59FD7B0965D66004B9B97C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
Signing time: Tue 20 May 2025 20:00:13 +0000
ROA not before: Tue 20 May 2025 20:00:13 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:8b:db:04:bc:e5:e1:20:f5:9f:d7:b0:96:5d:66:00:4b:9b:97:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:00:13 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=5e60fc35ceec42628c01d2a0bee6bfe0c5be0bf63cad3f9953d3ac491688e371, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f2:21:56:fc:1d:f1:98:9b:01:40:f8:d7:fd:
68:a7:dd:57:2b:1e:3f:d1:ca:9f:f1:36:7e:32:80:
61:dd:96:f7:c2:b3:0d:ac:56:f6:dd:b2:a0:6f:ed:
41:28:bc:18:5e:3d:86:04:8c:55:ce:69:9e:42:c7:
6a:44:a6:c6:04:54:d5:87:6a:67:03:f7:3b:81:2f:
73:06:d4:a1:b3:09:77:cc:a5:ad:9a:bb:bc:22:46:
65:a4:44:e8:21:46:a5:7d:5d:ad:b3:b9:3a:c2:2d:
78:7c:e2:66:b7:d9:ff:93:cf:ac:3b:52:81:5d:36:
46:9d:e8:1d:ab:71:87:bd:19:22:39:eb:bf:a0:78:
b3:1d:20:ff:9b:65:41:e0:09:9d:52:43:d2:9f:56:
73:d1:0b:67:c5:86:ff:28:40:16:1d:e0:b2:13:2f:
c1:f4:cf:46:3c:e2:10:8d:41:18:a6:6a:ee:63:ac:
96:bd:64:bd:55:da:89:9e:83:25:5c:95:3d:ae:52:
4f:9f:41:78:5d:87:03:95:12:2f:08:4a:85:f6:12:
1d:5d:72:f5:d1:ce:ac:5c:fd:d3:f4:ce:1f:9e:68:
2c:c7:23:9c:ab:94:0a:c6:79:9a:bc:8c:fc:fa:2c:
a7:38:78:e8:7b:b3:bd:54:69:46:17:c8:57:d3:72:
3d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:FE:3A:21:3D:12:BF:B1:4B:76:4A:D9:7E:AF:E1:41:E6:FD:2A:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:2000::/40
Signature Algorithm: sha256WithRSAEncryption
ab:d6:f5:e1:de:dd:ad:74:5d:7d:11:60:8e:66:55:1c:c1:1d:
64:d9:e2:c8:3f:72:d7:91:f1:4e:b4:7d:d7:92:19:ca:ef:c0:
b5:a3:fe:ab:30:7c:f4:4c:11:d1:7f:99:e9:c3:9e:2b:0e:62:
7c:b4:86:ae:f9:84:f2:3e:58:4f:37:07:ac:16:44:a7:64:0b:
60:3a:2b:6b:e4:3c:c4:08:be:cf:c6:c9:46:64:c9:4d:5d:51:
75:14:25:2c:a8:c8:fa:2d:2e:88:cb:98:13:a6:43:a8:fc:08:
cb:f4:f3:04:67:60:1e:2b:14:ff:91:0e:04:72:bb:eb:f3:be:
29:f0:96:b5:88:49:f5:78:50:6a:12:63:3f:cb:23:80:c1:66:
4a:55:7e:ea:32:04:46:13:55:05:93:8f:8c:bf:c6:53:a5:61:
8f:eb:f6:6e:fe:c1:46:60:a4:07:9d:91:28:95:2c:08:dd:67:
90:01:62:90:79:25:c2:fa:46:f1:04:fe:b1:c9:34:57:17:57:
6a:d3:f1:5d:c5:39:51:5e:5f:96:47:52:65:18:e0:02:30:4c:
dc:df:6e:e6:0b:e8:78:2b:ea:2c:c4:e2:05:8f:f4:ac:18:79:
b8:ea:62:a1:29:8c:f1:c5:d8:5c:10:66:ed:80:00:a0:ba:94:
67:c6:fb:43
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXovbBLzl4SD1n9ewll1mAEubl8gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAwMTNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlNjBmYzM1Y2VlYzQyNjI4YzAxZDJhMGJlZTZiZmUwYzViZTBiZjYzY2Fk
M2Y5OTUzZDNhYzQ5MTY4OGUzNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHyIVb8HfGYmwFA+Nf9aKfdVyseP9HKn/E2fjKAYd2W98KzDaxW9t2yoG/t
QSi8GF49hgSMVc5pnkLHakSmxgRU1YdqZwP3O4EvcwbUobMJd8ylrZq7vCJGZaRE
6CFGpX1drbO5OsIteHziZrfZ/5PPrDtSgV02Rp3oHatxh70ZIjnrv6B4sx0g/5tl
QeAJnVJD0p9Wc9ELZ8WG/yhAFh3gshMvwfTPRjziEI1BGKZq7mOslr1kvVXaiZ6D
JVyVPa5ST59BeF2HA5USLwhKhfYSHV1y9dHOrFz90/TOH55oLMcjnKuUCsZ5mryM
/Pospzh46HuzvVRpRhfIV9NyPZcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSS/joh
PRK/sUt2Stl+r+FB5v0qyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVjMDA3ZjYtNjY4NC00M2I2LTg3NTEtMmU1YjI1OGE5OGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQg
MA0GCSqGSIb3DQEBCwUAA4IBAQCr1vXh3t2tdF19EWCOZlUcwR1k2eLIP3LXkfFO
tH3XkhnK78C1o/6rMHz0TBHRf5npw54rDmJ8tIau+YTyPlhPNwesFkSnZAtgOitr
5DzECL7PxslGZMlNXVF1FCUsqMj6LS6Iy5gTpkOo/AjL9PMEZ2AeKxT/kQ4Ecrvr
874p8Ja1iEn1eFBqEmM/yyOAwWZKVX7qMgRGE1UFk4+Mv8ZTpWGP6/Zu/sFGYKQH
nZEolSwI3WeQAWKQeSXC+kbxBP6xyTRXF1dq0/FdxTlRXl+WR1JlGOACMEzc327m
C+h4K+osxOIFj/SsGHm46mKhKYzxxdhcEGbtgACgupRnxvtD
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:08 2025 by rpki-client