Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
File: 2cee858e-c572-427b-8123-23b2e05abc40.roa (raw, json)
Hash identifier: VyA/LFpwoUH/cO8AyHwyHUp0QmTOHlINbDvpOvk84D0=
Subject key identifier: AD:0E:55:0F:9E:62:A9:54:E7:A9:D6:3D:E0:4A:60:F3:5B:2B:B9:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5CA4993CB69040F8941F79528CC83F025F0E363D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
Signing time: Tue 20 May 2025 18:21:19 +0000
ROA not before: Tue 20 May 2025 18:21:19 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:a4:99:3c:b6:90:40:f8:94:1f:79:52:8c:c8:3f:02:5f:0e:36:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:21:19 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ee175245fc224180564bda3e1df80e20cdbc2caf18338fac1fb34728e872107a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:80:6f:a8:29:98:b9:e8:47:f1:12:cf:e5:49:
0e:99:b2:08:69:10:7f:c7:7e:3f:d4:e2:6b:be:8c:
15:32:5e:d9:64:32:b5:27:53:c0:95:49:63:c7:d6:
d3:a8:2d:d3:ca:bb:79:36:da:04:da:4a:ac:3c:69:
61:aa:07:51:68:05:28:03:22:cc:83:e1:97:5a:40:
5e:c5:8b:7d:32:d4:37:88:08:7f:a9:0b:1f:c5:34:
c7:66:a9:84:20:88:77:3a:c9:35:87:f9:91:61:4a:
bd:05:23:ca:9e:82:3b:78:4a:51:e0:dc:26:de:54:
b3:1b:d0:43:5f:e1:5b:c9:4e:4b:34:c7:37:f0:1d:
83:97:bb:55:48:01:95:4a:ce:f8:6c:41:33:c3:89:
9d:e5:03:05:8c:ba:fb:02:6a:1c:48:71:b3:cc:f6:
1e:57:b6:bf:bd:17:6d:7a:80:6c:c7:37:71:2d:29:
58:1d:ba:da:1e:60:fb:6b:14:a7:2c:ae:3f:22:14:
49:ed:c2:75:54:e4:cb:df:77:59:69:03:bd:0a:54:
7f:91:5b:f1:37:b7:75:19:eb:8c:fe:55:34:c4:e8:
26:30:bb:bb:bd:22:78:82:52:60:06:da:9a:7b:d1:
97:be:05:9f:32:9a:c7:b1:a3:80:e0:39:a6:7e:f9:
42:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:0E:55:0F:9E:62:A9:54:E7:A9:D6:3D:E0:4A:60:F3:5B:2B:B9:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c080::/48
Signature Algorithm: sha256WithRSAEncryption
53:87:fc:ff:d4:97:3f:81:a1:ad:88:0d:c8:34:f3:db:d0:a9:
5f:d2:e0:45:b7:b7:73:2f:29:fa:53:42:d2:fa:a1:90:cc:d1:
cc:c4:03:a7:90:be:8e:25:e5:4d:ca:ae:44:0c:f9:f7:4f:8d:
97:40:80:d3:80:b1:b3:b8:0c:c5:43:74:d5:ff:64:63:3f:97:
42:3e:37:4a:fa:e5:e9:43:91:c0:c1:5b:dd:33:16:5f:3e:dd:
9c:0b:63:c6:7a:d7:5f:87:2b:0c:bc:9d:eb:13:63:18:40:8a:
35:d5:ca:16:22:cf:72:eb:9f:8a:77:0d:8e:75:1b:92:c6:5c:
b7:1e:01:db:05:c9:32:1f:cc:8a:72:dc:a7:64:65:c1:6a:93:
8f:a1:37:bb:6e:9f:f2:f9:0e:f4:1b:36:0b:32:d6:02:ec:37:
69:17:e8:55:40:2d:0b:0c:62:ea:d2:23:11:d5:b3:9e:bb:49:
7e:7f:9e:f8:88:ce:a3:b0:b9:a3:d9:0f:d0:c4:5c:d1:4d:2a:
a3:3c:fc:61:1d:89:57:fe:6a:7a:02:bf:fd:ee:6f:0a:db:55:
6b:73:5b:3d:b0:8f:e3:68:0d:bb:b9:a3:83:db:81:d1:09:91:
69:12:41:e4:e8:05:b1:12:f9:06:ae:31:87:fe:79:62:b0:09:
06:70:9b:29
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXKSZPLaQQPiUH3lSjMg/Al8ONj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIxMTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlMTc1MjQ1ZmMyMjQxODA1NjRiZGEzZTFkZjgwZTIwY2RiYzJjYWYxODMz
OGZhYzFmYjM0NzI4ZTg3MjEwN2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJaAb6gpmLnoR/ESz+VJDpmyCGkQf8d+P9Tia76MFTJe2WQytSdTwJVJY8fW
06gt08q7eTbaBNpKrDxpYaoHUWgFKAMizIPhl1pAXsWLfTLUN4gIf6kLH8U0x2ap
hCCIdzrJNYf5kWFKvQUjyp6CO3hKUeDcJt5UsxvQQ1/hW8lOSzTHN/Adg5e7VUgB
lUrO+GxBM8OJneUDBYy6+wJqHEhxs8z2Hle2v70XbXqAbMc3cS0pWB262h5g+2sU
pyyuPyIUSe3CdVTky993WWkDvQpUf5Fb8Te3dRnrjP5VNMToJjC7u70ieIJSYAba
mnvRl74FnzKax7GjgOA5pn75QssCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBStDlUP
nmKpVOep1j3gSmDzWyu5NDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmNlZTg1OGUtYzU3Mi00MjdiLTgxMjMtMjNiMmUwNWFiYzQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
gDANBgkqhkiG9w0BAQsFAAOCAQEAU4f8/9SXP4GhrYgNyDTz29CpX9LgRbe3cy8p
+lNC0vqhkMzRzMQDp5C+jiXlTcquRAz590+Nl0CA04Cxs7gMxUN01f9kYz+XQj43
Svrl6UORwMFb3TMWXz7dnAtjxnrXX4crDLyd6xNjGECKNdXKFiLPcuufincNjnUb
ksZctx4B2wXJMh/MinLcp2RlwWqTj6E3u26f8vkO9Bs2CzLWAuw3aRfoVUAtCwxi
6tIjEdWznrtJfn+e+IjOo7C5o9kP0MRc0U0qozz8YR2JV/5qegK//e5vCttVa3Nb
PbCP42gNu7mjg9uB0QmRaRJB5OgFsRL5Bq4xh/55YrAJBnCbKQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:13 2025 by rpki-client