Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
File: 2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa (raw, json)
Hash identifier: pN5L0b3DOkvPEha2X8ZQlAEF1UewewzcivI3Q5iJdGg=
Subject key identifier: 5B:3D:03:0D:29:47:E3:26:39:B7:83:7B:9D:A1:8D:C3:8C:65:9D:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15EB362DDAAD9B104E760BCB714942F8621863D2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
Signing time: Tue 20 May 2025 18:50:40 +0000
ROA not before: Tue 20 May 2025 18:50:40 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:eb:36:2d:da:ad:9b:10:4e:76:0b:cb:71:49:42:f8:62:18:63:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:40 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=09d1ee91e08757057f048a702d202f27c6dc46f66097e7e63fc19ae5d441cb08, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:61:85:7a:fd:02:eb:f2:b4:fe:60:c5:99:c8:
82:6f:89:d8:87:5f:cc:4b:5b:27:fe:ee:ca:e3:05:
76:b6:29:06:2d:34:6b:54:7c:26:8f:43:85:3f:3b:
bf:e1:88:41:a9:ad:5c:c3:97:83:af:22:a6:c1:b0:
80:42:43:97:50:7f:9c:13:a3:f7:ab:db:14:84:f6:
bb:9f:ec:1c:16:20:e2:17:b6:ac:34:7f:09:6d:41:
c5:8f:d6:55:94:ad:39:1d:34:07:f2:8e:cf:96:04:
09:c2:20:99:fe:2a:f9:e8:19:ea:3e:9f:b4:87:9e:
10:34:79:e0:89:e1:6e:8e:d9:e3:60:d5:18:98:94:
ff:7d:11:df:80:85:59:2b:a8:45:74:9e:36:94:aa:
3f:a3:31:20:22:3a:fe:ff:f9:2f:c2:91:db:e8:c9:
45:36:55:0c:d3:4c:2b:ab:84:a1:61:58:e9:46:9b:
7e:e3:67:3c:69:d2:d0:31:40:ed:28:26:3e:22:4d:
89:28:6f:61:1a:a7:a7:c7:ec:74:09:4d:f7:13:b7:
25:75:19:6c:89:37:0b:d6:fb:19:00:a1:d7:5c:30:
38:84:37:2f:ad:14:e0:32:a8:90:1d:8a:c2:74:8f:
96:f7:00:f5:50:ce:1f:7d:22:6a:3e:80:77:05:79:
62:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:3D:03:0D:29:47:E3:26:39:B7:83:7B:9D:A1:8D:C3:8C:65:9D:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1080::/48
Signature Algorithm: sha256WithRSAEncryption
1d:a9:cd:60:f5:a9:53:22:e6:e5:37:90:c6:b0:c1:e1:3b:d3:
84:1a:4b:02:85:b6:ba:ea:7e:62:81:d0:f2:b9:1d:aa:10:50:
4a:7c:b3:64:42:40:67:2e:82:57:f6:d5:d2:6c:ed:2c:79:82:
a6:ce:14:33:92:29:23:cd:4a:f4:c9:1b:42:6e:8c:52:43:fb:
b1:45:4b:46:13:eb:2d:f4:61:99:af:09:e1:31:05:9e:86:dc:
49:37:88:d3:2f:db:45:9d:dd:5b:51:05:be:8f:07:8b:0e:02:
5e:3b:d1:3c:17:29:95:6a:56:64:6d:85:66:44:8a:12:d7:ca:
cd:eb:e7:0a:da:e6:1d:e0:3a:3a:84:51:58:3e:24:dc:9b:af:
03:6c:a3:dd:1f:91:05:2d:04:c5:22:9e:d8:b5:40:57:ed:a4:
62:11:33:4d:db:58:ac:db:93:d8:79:73:fb:b8:a7:2a:15:14:
23:98:e6:76:71:df:f6:57:74:44:c3:b0:d2:23:57:cc:7c:13:
51:25:c9:3b:15:86:37:d3:9a:8b:e2:c0:27:87:dd:84:c9:e9:
8a:6b:ed:ad:2b:3f:e1:27:fa:dc:28:ce:95:00:5d:7d:6f:ca:
50:ad:7e:b1:94:fb:fa:2c:c3:3d:26:f3:05:c8:76:9b:4b:f6:
04:ff:e2:75
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFes2LdqtmxBOdgvLcUlC+GIYY9IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwNDBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5ZDFlZTkxZTA4NzU3MDU3ZjA0OGE3MDJkMjAyZjI3YzZkYzQ2ZjY2MDk3
ZTdlNjNmYzE5YWU1ZDQ0MWNiMDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVhhXr9AuvytP5gxZnIgm+J2IdfzEtbJ/7uyuMFdrYpBi00a1R8Jo9DhT87
v+GIQamtXMOXg68ipsGwgEJDl1B/nBOj96vbFIT2u5/sHBYg4he2rDR/CW1BxY/W
VZStOR00B/KOz5YECcIgmf4q+egZ6j6ftIeeEDR54Inhbo7Z42DVGJiU/30R34CF
WSuoRXSeNpSqP6MxICI6/v/5L8KR2+jJRTZVDNNMK6uEoWFY6UabfuNnPGnS0DFA
7SgmPiJNiShvYRqnp8fsdAlN9xO3JXUZbIk3C9b7GQCh11wwOIQ3L60U4DKokB2K
wnSPlvcA9VDOH30iaj6AdwV5YgUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRbPQMN
KUfjJjm3g3udoY3DjGWdFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmE5M2JkYzItODIzYy00MTZhLWFjNDAtNmY2YzgyM2JjZWY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAHanNYPWpUyLm5TeQxrDB4TvThBpLAoW2uup+
YoHQ8rkdqhBQSnyzZEJAZy6CV/bV0mztLHmCps4UM5IpI81K9MkbQm6MUkP7sUVL
RhPrLfRhma8J4TEFnobcSTeI0y/bRZ3dW1EFvo8Hiw4CXjvRPBcplWpWZG2FZkSK
EtfKzevnCtrmHeA6OoRRWD4k3JuvA2yj3R+RBS0ExSKe2LVAV+2kYhEzTdtYrNuT
2Hlz+7inKhUUI5jmdnHf9ld0RMOw0iNXzHwTUSXJOxWGN9Oai+LAJ4fdhMnpimvt
rSs/4Sf63CjOlQBdfW/KUK1+sZT7+izDPSbzBch2m0v2BP/idQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:12 2025 by rpki-client