Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36851825-b64c-4907-b152-006b17b6b7d7.roa
File: 36851825-b64c-4907-b152-006b17b6b7d7.roa (raw, json)
Hash identifier: QS6DbtutZIV8GMAUiafuHwSBMBhsgdCCA9Pt+r4TCW0=
Subject key identifier: 12:62:32:96:D9:9E:A1:C3:37:D1:2B:C7:F5:D3:98:6D:D4:26:07:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5070E280CEBE12ABDEABD572AB5F10E68B8994B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36851825-b64c-4907-b152-006b17b6b7d7.roa
Signing time: Tue 20 May 2025 18:31:26 +0000
ROA not before: Tue 20 May 2025 18:31:26 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:70:e2:80:ce:be:12:ab:de:ab:d5:72:ab:5f:10:e6:8b:89:94:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:31:26 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e824d4dc6c28aa78ad613f3429b520da658431d32c3cd7a7c0a90a109b55b0d6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:17:44:35:9c:01:2e:63:17:1d:b8:4d:37:77:
01:f0:37:d0:39:16:e6:79:32:48:68:29:ad:b1:14:
ce:b3:c4:1f:60:29:98:e2:30:9b:0f:6d:fe:be:d9:
98:8d:5f:c5:33:5b:0f:80:e9:76:a8:ef:18:9d:d0:
3d:f1:87:54:51:ba:60:54:4e:ab:0b:28:4a:c1:e4:
09:79:6f:eb:e6:ca:16:1b:63:5c:07:39:c5:08:9b:
61:d9:52:1f:ab:27:09:65:3f:01:46:b2:0a:76:2b:
fd:fc:55:10:e0:a2:50:67:f6:c1:5e:74:64:5f:64:
7e:59:98:0a:91:b8:bc:c7:a7:46:65:c7:12:12:13:
0f:11:b1:93:81:87:a6:47:6a:c2:4f:02:bd:a8:38:
20:80:4b:b9:fb:a1:4a:77:14:d3:80:45:7d:fe:c4:
27:25:c4:e5:53:e3:f9:8d:f7:97:f6:f8:fa:df:ef:
d8:a7:3e:91:aa:fd:3b:b1:00:02:03:bb:4c:65:68:
94:59:33:5e:d8:7e:04:94:77:fc:9b:13:00:9d:0f:
86:33:14:70:b9:e8:9c:0f:19:f4:e4:93:84:96:05:
74:36:4d:f7:9f:a9:18:d4:7a:3e:53:5e:37:fe:6f:
a4:ae:23:fc:48:30:6f:1a:40:dd:cf:15:f0:47:5d:
34:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:62:32:96:D9:9E:A1:C3:37:D1:2B:C7:F5:D3:98:6D:D4:26:07:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36851825-b64c-4907-b152-006b17b6b7d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:b000::/40
Signature Algorithm: sha256WithRSAEncryption
b9:1c:3e:34:39:33:c3:04:45:eb:bf:b0:10:59:fd:80:22:f4:
94:57:c1:f7:22:ba:c8:10:47:1c:a3:84:3a:f9:7d:f3:a6:ef:
42:8c:aa:52:b3:41:bf:55:92:45:08:df:27:43:61:de:5b:97:
09:c8:65:37:15:ac:6a:c9:6e:7e:90:ad:64:1e:92:e1:e9:35:
c6:3d:5a:9f:8c:f4:d0:22:66:57:a3:7e:ac:37:08:2a:eb:68:
7f:01:93:70:a3:7d:b8:6e:10:d7:cf:b1:22:4b:f4:a5:1f:da:
cb:2d:df:da:11:63:c3:78:67:6a:2e:31:fe:a6:91:9b:de:3c:
6c:51:45:87:99:3a:88:41:d1:ef:df:21:da:cc:6e:30:79:c7:
38:a5:c2:b4:58:22:cd:1d:30:ff:26:d5:77:0d:0a:df:36:59:
e5:5a:e9:20:8c:d5:1f:b9:e9:5a:72:32:a9:9f:6a:1a:77:50:
ae:39:06:1e:2f:7a:25:1b:de:53:83:ba:80:b9:3c:02:65:13:
17:dd:0e:bd:3c:7a:82:9f:8b:a3:cb:30:2d:0e:6d:3a:45:bb:
89:14:5c:f1:dd:f7:4f:4d:89:8d:e8:1b:c5:49:60:11:1b:3c:
a9:ce:3f:6c:c2:28:60:42:7b:71:fb:86:5e:da:4f:84:98:da:
17:7f:e4:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUHDigM6+Eqveq9Vyq18Q5ouJlLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMxMjZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4MjRkNGRjNmMyOGFhNzhhZDYxM2YzNDI5YjUyMGRhNjU4NDMxZDMyYzNj
ZDdhN2MwYTkwYTEwOWI1NWIwZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANwXRDWcAS5jFx24TTd3AfA30DkW5nkySGgprbEUzrPEH2ApmOIwmw9t/r7Z
mI1fxTNbD4DpdqjvGJ3QPfGHVFG6YFROqwsoSsHkCXlv6+bKFhtjXAc5xQibYdlS
H6snCWU/AUayCnYr/fxVEOCiUGf2wV50ZF9kflmYCpG4vMenRmXHEhITDxGxk4GH
pkdqwk8Cvag4IIBLufuhSncU04BFff7EJyXE5VPj+Y33l/b4+t/v2Kc+kar9O7EA
AgO7TGVolFkzXth+BJR3/JsTAJ0PhjMUcLnonA8Z9OSThJYFdDZN95+pGNR6PlNe
N/5vpK4j/EgwbxpA3c8V8EddNFcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQSYjKW
2Z6hwzfRK8f105ht1CYHtDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzY4NTE4MjUtYjY0Yy00OTA3LWIxNTItMDA2YjE3YjZiN2Q3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGw
MA0GCSqGSIb3DQEBCwUAA4IBAQC5HD40OTPDBEXrv7AQWf2AIvSUV8H3IrrIEEcc
o4Q6+X3zpu9CjKpSs0G/VZJFCN8nQ2HeW5cJyGU3FaxqyW5+kK1kHpLh6TXGPVqf
jPTQImZXo36sNwgq62h/AZNwo324bhDXz7EiS/SlH9rLLd/aEWPDeGdqLjH+ppGb
3jxsUUWHmTqIQdHv3yHazG4wecc4pcK0WCLNHTD/JtV3DQrfNlnlWukgjNUfuela
cjKpn2oad1CuOQYeL3olG95Tg7qAuTwCZRMX3Q69PHqCn4ujyzAtDm06RbuJFFzx
3fdPTYmN6BvFSWARGzypzj9swihgQntx+4Ze2k+EmNoXf+Sz
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:15 2025 by rpki-client