Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
File: 2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa (raw, json)
Hash identifier: E7k40Gh9FMpJxDN2EoAeTyXe5t3RvXvnAipfohQsnEU=
Subject key identifier: DE:CC:39:A8:74:54:E5:32:1A:56:C7:5B:A8:B8:77:6A:36:76:FF:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40F416618A8E68774F7A8358FE5E30E2B6FEC707
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
Signing time: Tue 20 May 2025 20:21:42 +0000
ROA not before: Tue 20 May 2025 20:21:42 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:f4:16:61:8a:8e:68:77:4f:7a:83:58:fe:5e:30:e2:b6:fe:c7:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:21:42 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=63e059e36f446efc1775b0599fa227e2e8686a9c2a6f4a34e6f206cc51ee73f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:47:ac:39:c8:46:0b:98:f3:32:c1:57:ad:94:
8b:de:75:4a:25:e0:92:55:54:aa:ee:a3:16:6c:c2:
55:cd:34:dd:32:07:cb:00:3c:ff:ac:bd:f6:1d:4e:
db:1a:0e:a7:f1:4b:b4:d2:4c:a5:cf:cb:94:81:e8:
57:eb:81:e5:e6:f3:d3:99:70:8b:bd:c6:5b:75:4a:
d3:cc:4b:a1:a3:19:e4:73:fb:33:e4:63:2b:00:b7:
de:66:54:d4:1f:77:c7:aa:d6:e5:ff:b6:dc:ec:c7:
bc:52:5d:72:e0:68:9b:1b:de:8e:5e:de:b3:8c:cb:
67:17:3e:6a:16:cf:a5:f4:ce:af:d3:31:27:85:1a:
7e:4c:1b:55:58:15:db:2c:4a:a4:b1:f4:47:42:36:
95:98:94:bf:7c:28:53:5f:29:9b:c0:20:6f:6c:1a:
4a:c2:59:19:54:a1:e0:c7:56:92:6c:bc:83:29:0b:
16:5a:e7:fc:fc:8c:77:71:bf:31:72:27:ba:d7:bf:
a9:f8:7f:6a:1d:18:71:6b:56:76:0a:26:64:b0:36:
ff:e2:56:17:9a:a6:2f:13:e6:b0:2e:43:f4:a9:f1:
4f:61:78:29:47:c0:c4:13:95:7f:0d:f8:b2:ef:24:
2d:33:5e:e6:16:2b:fb:bd:5a:14:f7:9d:94:06:d2:
ef:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:CC:39:A8:74:54:E5:32:1A:56:C7:5B:A8:B8:77:6A:36:76:FF:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:9000::/40
Signature Algorithm: sha256WithRSAEncryption
21:8e:e4:4d:38:30:23:ce:0c:df:5f:b8:0f:5f:46:01:ea:0d:
81:12:5e:84:d0:a3:98:c6:f8:27:9e:d2:3a:e4:0e:67:51:3b:
f2:bf:ce:9e:b1:85:f3:52:d8:a2:85:6a:03:65:e7:60:e2:bb:
06:d2:ba:2f:22:33:f4:0c:38:a5:99:a5:61:7d:52:ce:cc:7d:
df:8e:39:a2:ca:e6:34:d8:74:e7:91:a2:dc:fe:ba:76:72:64:
7e:2b:50:1d:7a:6a:b4:c5:cc:ea:77:10:aa:d4:a4:c0:02:37:
76:91:38:ea:28:06:a2:66:c8:3e:dd:be:db:ce:4e:1d:68:c5:
4d:0d:69:f2:68:6d:90:a2:df:9e:e3:7a:e0:29:f6:22:8d:0d:
38:5b:a5:1a:1a:fb:c6:c9:d8:b8:3b:5b:b2:7f:4b:f7:8f:94:
34:0f:db:8e:2c:62:9b:9d:95:5a:7b:32:a1:c9:1a:e7:fb:4e:
b5:e5:81:ae:4d:13:d6:74:95:85:b1:13:2c:ba:b2:0b:11:b5:
1b:07:f1:a7:a3:fc:02:cd:3b:19:b7:0e:3a:e0:c8:d9:60:94:
d7:4d:c2:e1:b4:96:bb:c2:d2:24:d9:65:ce:fe:26:10:b5:12:
15:64:50:41:c2:11:76:bc:dc:bf:df:51:3b:c4:45:85:df:a8:
69:6e:15:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQPQWYYqOaHdPeoNY/l4w4rb+xwcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIxNDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzZTA1OWUzNmY0NDZlZmMxNzc1YjA1OTlmYTIyN2UyZTg2ODZhOWMyYTZm
NGEzNGU2ZjIwNmNjNTFlZTczZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdHrDnIRguY8zLBV62Ui951SiXgklVUqu6jFmzCVc003TIHywA8/6y99h1O
2xoOp/FLtNJMpc/LlIHoV+uB5ebz05lwi73GW3VK08xLoaMZ5HP7M+RjKwC33mZU
1B93x6rW5f+23OzHvFJdcuBomxvejl7es4zLZxc+ahbPpfTOr9MxJ4UafkwbVVgV
2yxKpLH0R0I2lZiUv3woU18pm8Agb2waSsJZGVSh4MdWkmy8gykLFlrn/PyMd3G/
MXInute/qfh/ah0YcWtWdgomZLA2/+JWF5qmLxPmsC5D9KnxT2F4KUfAxBOVfw34
su8kLTNe5hYr+71aFPedlAbS76cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTezDmo
dFTlMhpWx1uouHdqNnb/ZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRmYjIwMmYtNjIwMi00OGRhLWEzYjMtOTRmMWFjMDAwYmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAhjuRNODAjzgzfX7gPX0YB6g2BEl6E0KOYxvgn
ntI65A5nUTvyv86esYXzUtiihWoDZedg4rsG0rovIjP0DDilmaVhfVLOzH3fjjmi
yuY02HTnkaLc/rp2cmR+K1Ademq0xczqdxCq1KTAAjd2kTjqKAaiZsg+3b7bzk4d
aMVNDWnyaG2Qot+e43rgKfYijQ04W6UaGvvGydi4O1uyf0v3j5Q0D9uOLGKbnZVa
ezKhyRrn+0615YGuTRPWdJWFsRMsurILEbUbB/Gno/wCzTsZtw464MjZYJTXTcLh
tJa7wtIk2WXO/iYQtRIVZFBBwhF2vNy/31E7xEWF36hpbhVl
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:21 2025 by rpki-client