Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
File: 278dd4fa-de02-446c-a4ac-184c5f35a577.roa (raw, json)
Hash identifier: aTpO3gLakfmKQ/ytz4051tEfy66pzYFe203ES5NfTXY=
Subject key identifier: 76:33:37:44:E6:1C:54:17:18:21:19:C0:B5:7B:B9:82:E1:6F:E6:DF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D2CD828BC4116D3032997A3A756FEB3F47CF7D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
Signing time: Tue 20 May 2025 19:10:50 +0000
ROA not before: Tue 20 May 2025 19:10:50 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:2c:d8:28:bc:41:16:d3:03:29:97:a3:a7:56:fe:b3:f4:7c:f7:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:50 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=51079ff2631f37b1130c121bf14fc8e2727812ddc71ac86eae7bf77708881573, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:96:9d:5a:05:b8:86:0c:c6:89:7d:f2:60:8b:
ab:d9:84:74:f1:13:d1:a2:6d:fa:69:52:69:d1:55:
b9:4a:0e:02:72:34:9f:a5:ec:6f:52:76:91:bc:37:
40:d6:3e:39:ae:22:eb:24:d8:10:37:3b:43:90:c0:
36:f0:14:41:b7:9b:e9:d2:36:a6:50:34:27:f5:be:
ed:6e:94:8c:0f:99:4d:97:a6:16:f5:eb:19:21:bd:
bd:df:ac:c2:64:c1:d1:fa:95:83:42:ef:f9:db:84:
01:a2:4d:00:a2:c2:28:30:2b:aa:a7:20:b2:cd:be:
35:c7:8c:b2:b7:00:6f:b0:30:d7:eb:19:ea:82:7e:
21:6f:1b:05:81:97:5a:5e:c4:1d:23:df:f8:f8:65:
4d:dd:e5:77:ef:53:44:24:ab:ea:9b:c9:24:e1:17:
6e:68:7b:60:71:ee:af:67:11:a7:18:d7:7f:91:e2:
03:08:14:61:f0:ab:f0:e4:9b:5b:2e:e1:e1:ad:85:
b1:d2:ce:bf:d2:f9:be:8c:33:e1:c4:95:fe:22:a1:
59:78:44:fa:88:d4:53:81:82:68:ef:3e:c9:24:75:
24:9c:90:57:ec:c4:60:bc:9d:d8:d6:d3:a1:20:99:
9c:2b:c9:6a:31:86:29:bb:1c:c7:a5:c3:c3:67:a8:
ad:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:33:37:44:E6:1C:54:17:18:21:19:C0:B5:7B:B9:82:E1:6F:E6:DF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
10:ac:d8:d3:47:c3:a6:21:68:84:95:f1:43:f7:76:5f:51:b3:
4a:bb:b5:fc:c5:c4:c0:ee:c7:86:48:aa:59:c2:00:a0:0b:87:
c6:b0:3b:ba:a4:98:36:e2:96:7a:47:3d:0a:f0:df:4e:e8:a1:
93:97:90:18:63:58:22:27:75:42:e0:0c:f8:7d:37:d6:04:69:
34:44:75:46:21:ca:09:17:d0:96:ad:e6:11:2c:09:49:d7:c9:
9f:33:f8:bc:cd:bf:a6:d3:c9:73:dc:26:2d:88:11:fd:ae:fc:
91:c1:74:7c:9e:67:98:d4:6d:ae:64:f0:27:3d:c1:97:b2:ac:
1a:03:8a:9d:c7:9e:16:05:e9:73:d2:c5:04:d6:40:78:8c:b4:
37:83:69:8b:4a:49:ed:29:c6:2f:35:5e:cc:02:b7:42:af:ae:
dd:86:90:47:95:37:1d:de:9c:25:bd:fa:b6:c3:58:c5:57:e1:
97:a8:50:e3:d4:dc:61:16:19:70:2a:f8:2b:3f:f0:a7:99:aa:
e3:86:4a:96:09:7b:42:11:16:13:b5:87:78:6d:8e:15:78:7a:
58:bd:02:24:1f:15:52:56:8d:b0:69:73:79:35:5f:b1:cc:2c:
f8:3e:2f:e2:67:2c:f6:83:19:32:04:34:3e:0e:42:a6:07:b0:
cd:e1:37:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPSzYKLxBFtMDKZejp1b+s/R899QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwNTBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxMDc5ZmYyNjMxZjM3YjExMzBjMTIxYmYxNGZjOGUyNzI3ODEyZGRjNzFh
Yzg2ZWFlN2JmNzc3MDg4ODE1NzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGWnVoFuIYMxol98mCLq9mEdPET0aJt+mlSadFVuUoOAnI0n6Xsb1J2kbw3
QNY+Oa4i6yTYEDc7Q5DANvAUQbeb6dI2plA0J/W+7W6UjA+ZTZemFvXrGSG9vd+s
wmTB0fqVg0Lv+duEAaJNAKLCKDArqqcgss2+NceMsrcAb7Aw1+sZ6oJ+IW8bBYGX
Wl7EHSPf+PhlTd3ld+9TRCSr6pvJJOEXbmh7YHHur2cRpxjXf5HiAwgUYfCr8OSb
Wy7h4a2FsdLOv9L5vowz4cSV/iKhWXhE+ojUU4GCaO8+ySR1JJyQV+zEYLyd2NbT
oSCZnCvJajGGKbscx6XDw2eorckCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR2MzdE
5hxUFxghGcC1e7mC4W/m3zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4ZGQ0ZmEtZGUwMi00NDZjLWE0YWMtMTg0YzVmMzVhNTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+g
MA0GCSqGSIb3DQEBCwUAA4IBAQAQrNjTR8OmIWiElfFD93ZfUbNKu7X8xcTA7seG
SKpZwgCgC4fGsDu6pJg24pZ6Rz0K8N9O6KGTl5AYY1giJ3VC4Az4fTfWBGk0RHVG
IcoJF9CWreYRLAlJ18mfM/i8zb+m08lz3CYtiBH9rvyRwXR8nmeY1G2uZPAnPcGX
sqwaA4qdx54WBelz0sUE1kB4jLQ3g2mLSkntKcYvNV7MArdCr67dhpBHlTcd3pwl
vfq2w1jFV+GXqFDj1NxhFhlwKvgrP/CnmarjhkqWCXtCERYTtYd4bY4VeHpYvQIk
HxVSVo2waXN5NV+xzCz4Pi/iZyz2gxkyBDQ+DkKmB7DN4TcS
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:34 2025 by rpki-client