Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
File: 288fb7c1-6c49-475a-9dd0-2637b4e09492.roa (raw, json)
Hash identifier: CnlHnxu467MRAqjcLudNJWb5nzZEQV4uF4zprC7Jy8k=
Subject key identifier: 50:F3:D2:69:2D:3E:0E:50:5C:C1:09:F1:8E:1B:85:61:57:56:43:45
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5ADF827159382DAC626279107BC3A3395C9107FD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
Signing time: Tue 20 May 2025 20:20:18 +0000
ROA not before: Tue 20 May 2025 20:20:18 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:df:82:71:59:38:2d:ac:62:62:79:10:7b:c3:a3:39:5c:91:07:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:20:18 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=39b4db706e38afdf1e18f0c3192170a7c3471db271c384c59e5103f3c83723b2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4a:15:d3:97:96:0a:61:99:06:0c:00:92:04:
6f:e9:a7:ee:d2:06:15:fc:7c:cc:87:51:82:ba:55:
9a:ca:0b:96:cf:da:63:99:3f:6a:40:34:12:4c:5a:
bd:bf:b1:b0:9e:e4:af:e2:d9:5a:92:25:87:cc:14:
0f:21:16:56:05:b5:7a:f7:4f:e7:f8:5b:12:cb:73:
20:71:32:3f:ff:c2:6c:d4:71:98:6d:b0:bb:2e:f0:
85:e1:88:bc:80:53:33:a1:15:9d:2c:88:9b:5c:92:
fa:90:90:ca:ad:4c:d6:9c:0a:d2:c2:47:5a:72:42:
0f:96:f1:df:03:88:2c:af:45:76:3f:9d:c7:34:83:
1b:7f:6f:95:45:f2:07:7d:f8:6c:3e:f9:1f:22:07:
59:30:16:a5:5d:d2:67:63:a5:80:4a:d1:22:ee:9f:
1e:d4:af:f9:61:3b:a5:07:c5:c0:07:43:f3:d6:03:
ca:c4:ee:31:6c:d0:ff:45:a2:26:e9:ff:aa:b1:80:
58:ad:ae:bd:b3:96:32:31:43:96:03:a9:f1:68:58:
f7:96:4a:4d:97:ec:54:41:30:31:1c:3b:45:24:a4:
7c:6a:66:30:01:6c:42:d7:79:e5:e2:83:d4:e7:10:
65:fa:1c:74:41:44:6f:15:84:c3:7d:de:a0:dc:d2:
e0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F3:D2:69:2D:3E:0E:50:5C:C1:09:F1:8E:1B:85:61:57:56:43:45
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:400::/38
Signature Algorithm: sha256WithRSAEncryption
5f:d8:53:8f:a2:55:7d:b3:f7:66:86:1c:d8:2a:5f:2e:48:60:
d1:7c:62:e5:cc:3c:fb:ae:9e:3e:92:72:f1:fa:e9:47:f4:8f:
7f:67:f4:73:2e:fd:b4:c5:45:fb:fd:48:fb:bd:02:a1:e7:0d:
fc:4c:d5:42:34:cd:26:e8:00:66:f5:85:46:7d:27:72:ba:68:
8a:47:5d:fa:9f:8f:5e:67:e0:8a:81:55:c5:d6:be:f1:7e:48:
ed:58:ad:c0:39:6e:1a:d3:66:14:a0:3e:d9:70:04:3f:d5:ae:
ef:5f:aa:94:8e:fd:5a:79:8f:21:fe:62:e9:e5:cb:d7:75:45:
6f:d4:3d:5e:df:90:24:df:f6:23:1a:e6:92:c9:cf:99:84:be:
76:d1:b8:cc:7d:de:f6:97:68:df:e8:bd:78:ce:83:2e:7f:c2:
97:3e:76:d2:1d:01:7b:74:2d:58:f2:51:ec:aa:58:07:12:41:
f1:79:65:60:f4:ff:5d:81:35:41:98:2f:b5:26:1f:be:eb:66:
c6:bf:b8:77:54:1c:02:ba:57:2b:fa:73:f3:58:dd:98:d2:92:
5d:47:69:86:fc:56:4f:61:22:46:16:87:31:b4:21:c4:0e:85:
69:bf:f3:12:d9:c5:72:bd:9a:03:c7:64:80:d8:b9:a4:f5:58:
73:31:09:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWt+CcVk4LaxiYnkQe8OjOVyRB/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIwMThaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5YjRkYjcwNmUzOGFmZGYxZTE4ZjBjMzE5MjE3MGE3YzM0NzFkYjI3MWMz
ODRjNTllNTEwM2YzYzgzNzIzYjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBKFdOXlgphmQYMAJIEb+mn7tIGFfx8zIdRgrpVmsoLls/aY5k/akA0Ekxa
vb+xsJ7kr+LZWpIlh8wUDyEWVgW1evdP5/hbEstzIHEyP//CbNRxmG2wuy7wheGI
vIBTM6EVnSyIm1yS+pCQyq1M1pwK0sJHWnJCD5bx3wOILK9Fdj+dxzSDG39vlUXy
B334bD75HyIHWTAWpV3SZ2OlgErRIu6fHtSv+WE7pQfFwAdD89YDysTuMWzQ/0Wi
Jun/qrGAWK2uvbOWMjFDlgOp8WhY95ZKTZfsVEEwMRw7RSSkfGpmMAFsQtd55eKD
1OcQZfocdEFEbxWEw33eoNzS4BMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRQ89Jp
LT4OUFzBCfGOG4VhV1ZDRTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjg4ZmI3YzEtNmM0OS00NzVhLTlkZDAtMjYzN2I0ZTA5NDkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4E
MA0GCSqGSIb3DQEBCwUAA4IBAQBf2FOPolV9s/dmhhzYKl8uSGDRfGLlzDz7rp4+
knLx+ulH9I9/Z/RzLv20xUX7/Uj7vQKh5w38TNVCNM0m6ABm9YVGfSdyumiKR136
n49eZ+CKgVXF1r7xfkjtWK3AOW4a02YUoD7ZcAQ/1a7vX6qUjv1aeY8h/mLp5cvX
dUVv1D1e35Ak3/YjGuaSyc+ZhL520bjMfd72l2jf6L14zoMuf8KXPnbSHQF7dC1Y
8lHsqlgHEkHxeWVg9P9dgTVBmC+1Jh++62bGv7h3VBwCulcr+nPzWN2Y0pJdR2mG
/FZPYSJGFocxtCHEDoVpv/MS2cVyvZoDx2SA2Lmk9VhzMQk9
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:30 2025 by rpki-client