Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
File: 27140a0d-612c-4da4-a60a-55c28faff6fe.roa (raw, json)
Hash identifier: 81J5cVb5SlXeu9J1/y38bM9lw1j5dJ7n4yDsJaosQzg=
Subject key identifier: D6:B7:85:E5:F0:1B:50:6D:88:25:C5:9E:F7:84:07:E6:69:BF:F1:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D313BCED4A98144054C188EDF022E083C8D50BB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
Signing time: Fri 23 May 2025 00:41:24 +0000
ROA not before: Fri 23 May 2025 00:41:24 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:31:3b:ce:d4:a9:81:44:05:4c:18:8e:df:02:2e:08:3c:8d:50:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:41:24 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=200ca428350af1a65f8504dfbea108b9e52e8c2e1d863300b8a4374e6e6427da, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:bf:4c:35:27:c7:4e:cd:8d:a6:0a:a0:49:b3:
bb:95:be:fc:9a:c1:a6:5c:bc:db:ff:4f:99:3c:cf:
e2:e0:61:c4:73:d3:f9:ad:e8:23:eb:5a:9f:31:30:
8c:15:b9:27:a5:a2:d5:50:7a:3d:b2:95:04:40:29:
4d:dc:61:72:42:58:de:4b:43:d8:d8:b9:51:3b:33:
01:fa:ca:a6:df:d6:49:6a:03:7a:ca:90:26:64:0c:
ed:e8:f0:ea:d3:4b:e9:2d:a6:6f:f9:19:c8:ab:33:
32:21:d9:a6:eb:79:0d:5c:fe:d6:74:76:f8:63:b2:
c5:8c:41:3c:d4:76:00:dd:0c:df:c8:ae:1e:32:a9:
c2:99:f0:df:8b:5e:95:13:07:29:55:d8:ad:4c:80:
5c:31:18:e9:2a:e6:0d:fd:94:fb:fe:19:18:4b:1c:
1b:13:96:38:dd:54:82:ef:2a:b7:b9:3f:4e:c5:c8:
75:ff:59:8b:e4:52:8f:0d:6b:d0:48:b2:5b:f6:74:
07:9a:e9:da:73:88:63:a5:61:74:0e:60:da:f9:38:
4f:13:8d:7e:fe:6b:65:c1:ed:10:ad:9c:b6:1e:07:
9b:57:77:5c:32:52:48:63:8f:da:61:ed:f4:62:9a:
6e:e3:25:10:22:2d:cc:0e:2f:1d:d6:d8:bc:09:6a:
85:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B7:85:E5:F0:1B:50:6D:88:25:C5:9E:F7:84:07:E6:69:BF:F1:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:86:a2:4f:71:82:60:71:ea:61:97:67:b4:48:01:e4:99:7b:
84:8e:ee:2c:47:f8:b0:05:90:1b:c5:7f:76:88:8a:9b:aa:1c:
99:ff:7e:20:34:f6:5f:0f:9f:a8:92:8d:03:0b:bd:63:16:60:
6c:7d:23:0f:78:38:2b:6f:26:70:fc:12:28:29:5f:f2:dd:d7:
35:50:95:69:cc:e7:14:15:5c:2a:66:88:34:6b:73:12:54:1c:
1a:91:0c:fc:ca:9d:5c:3f:82:ba:5e:58:a6:d4:1d:48:87:0e:
34:0b:6b:10:7b:3d:3c:76:5b:15:41:29:69:bc:fa:f9:91:98:
28:d2:85:bc:29:40:09:55:c3:a0:17:a3:4a:ea:ff:8f:2d:8d:
8e:36:0b:7c:30:d8:85:0f:f3:df:d0:94:4e:a1:5e:b8:82:ad:
de:39:1d:a7:fa:5e:48:cc:78:ec:44:92:bf:29:5b:ce:46:9a:
d9:08:9a:40:3d:b7:17:d1:78:50:4b:33:9b:40:dc:b5:eb:36:
88:b3:6f:58:6b:d2:4d:59:4b:24:3d:1e:b3:a8:4c:fc:12:bf:
69:b4:16:0f:ed:95:e8:6d:2d:47:6e:83:ef:aa:d1:1c:f2:8a:
f4:ba:c0:5b:5b:87:7b:fd:04:ad:aa:7b:44:21:b9:08:36:5b:
65:7d:ce:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPTE7ztSpgUQFTBiO3wIuCDyNULswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQxMjRaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwMGNhNDI4MzUwYWYxYTY1Zjg1MDRkZmJlYTEwOGI5ZTUyZThjMmUxZDg2
MzMwMGI4YTQzNzRlNmU2NDI3ZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANe/TDUnx07NjaYKoEmzu5W+/JrBply82/9PmTzP4uBhxHPT+a3oI+tanzEw
jBW5J6Wi1VB6PbKVBEApTdxhckJY3ktD2Ni5UTszAfrKpt/WSWoDesqQJmQM7ejw
6tNL6S2mb/kZyKszMiHZput5DVz+1nR2+GOyxYxBPNR2AN0M38iuHjKpwpnw34te
lRMHKVXYrUyAXDEY6SrmDf2U+/4ZGEscGxOWON1Ugu8qt7k/TsXIdf9Zi+RSjw1r
0EiyW/Z0B5rp2nOIY6VhdA5g2vk4TxONfv5rZcHtEK2cth4Hm1d3XDJSSGOP2mHt
9GKabuMlECItzA4vHdbYvAlqhYsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWt4Xl
8BtQbYglxZ73hAfmab/x5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjcxNDBhMGQtNjEyYy00ZGE0LWE2MGEtNTVjMjhmYWZmNmZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQDJhqJPcYJgcephl2e0SAHkmXuEju4sR/iwBZAb
xX92iIqbqhyZ/34gNPZfD5+oko0DC71jFmBsfSMPeDgrbyZw/BIoKV/y3dc1UJVp
zOcUFVwqZog0a3MSVBwakQz8yp1cP4K6Xlim1B1Ihw40C2sQez08dlsVQSlpvPr5
kZgo0oW8KUAJVcOgF6NK6v+PLY2ONgt8MNiFD/Pf0JROoV64gq3eOR2n+l5IzHjs
RJK/KVvORprZCJpAPbcX0XhQSzObQNy16zaIs29Ya9JNWUskPR6zqEz8Er9ptBYP
7ZXobS1HboPvqtEc8or0usBbW4d7/QStqntEIbkINltlfc6a
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:49 2025 by rpki-client