Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3901d4e7-d120-481a-a199-4762783cff5b.roa
File: 3901d4e7-d120-481a-a199-4762783cff5b.roa (raw, json)
Hash identifier: xnCVhtJQhUnarCwDE8jmWcXj9vJVr60O59sQujPFvww=
Subject key identifier: 4A:7D:05:A4:4D:EA:5F:57:6C:81:CC:3A:DB:55:7B:C3:C4:67:6F:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 482276C422992809DB3D36AA3EA9315C23D7F770
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3901d4e7-d120-481a-a199-4762783cff5b.roa
Signing time: Fri 23 May 2025 00:40:44 +0000
ROA not before: Fri 23 May 2025 00:40:44 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:22:76:c4:22:99:28:09:db:3d:36:aa:3e:a9:31:5c:23:d7:f7:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:44 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=3b979de0cf9e77d880d8eb494511895267f58385ec751be65fdd548096b94054, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bb:c1:37:1b:b3:81:3e:2d:80:df:71:08:ae:
22:a7:90:48:a2:31:57:79:a7:62:7b:54:2d:22:66:
66:b1:03:c4:81:ba:3e:f3:ea:c6:af:00:fb:29:0d:
bd:72:10:38:59:58:35:0c:40:a1:d9:ac:57:09:e6:
95:3b:84:6f:fb:24:ad:6d:9c:c7:5b:2c:1d:0b:fe:
21:05:c7:ec:bd:ec:48:fe:32:69:c1:9d:54:ae:e0:
ba:86:3b:be:43:13:c9:44:0a:ff:f6:40:32:de:47:
83:6a:15:c9:bf:95:d3:44:07:52:12:60:5c:36:28:
0c:ff:ba:1b:a9:f6:ee:da:19:f2:17:c7:77:a2:48:
0e:06:a5:06:f8:a0:a6:c4:e8:27:26:80:8b:11:60:
ed:a9:f7:78:61:e5:54:34:0e:b1:7e:35:3a:3b:86:
87:aa:2c:06:80:55:11:63:db:4b:73:07:fa:e7:9a:
67:bd:3e:e9:1c:55:66:8d:f1:d9:15:14:b1:61:ef:
22:10:17:0c:55:47:57:7a:a8:36:27:e1:ad:cb:0c:
27:58:47:0a:c9:61:bb:27:02:aa:ab:78:a3:bb:d2:
48:29:78:62:a8:b8:2a:33:8a:fb:43:a1:18:a8:ea:
b8:48:0e:12:04:84:d9:2f:10:55:43:4e:61:0f:22:
12:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:7D:05:A4:4D:EA:5F:57:6C:81:CC:3A:DB:55:7B:C3:C4:67:6F:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3901d4e7-d120-481a-a199-4762783cff5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:4000::/40
Signature Algorithm: sha256WithRSAEncryption
5c:fb:1f:9f:e5:49:c5:af:a7:84:08:d8:54:7a:73:19:45:af:
89:ab:01:71:67:b4:75:13:02:e6:e6:b9:d0:09:c0:91:d0:47:
64:83:85:33:f7:e7:f2:f5:cc:73:6c:7e:92:2e:41:f9:eb:19:
a1:11:86:de:67:6d:f1:a5:5d:c2:5c:4b:6d:04:1f:f5:84:23:
01:a2:e0:4e:8b:bd:81:43:ea:5b:ce:99:41:f1:eb:7e:3d:e7:
f6:dc:13:8a:48:47:36:76:cf:12:9f:17:28:c5:2c:a6:fb:a5:
92:4b:97:35:f1:58:90:c2:6d:e7:1a:20:c3:81:35:23:61:5b:
a9:05:f3:8e:68:1c:ab:9b:10:12:b7:8d:7c:98:48:7b:e7:ea:
24:2e:be:e7:7a:37:ea:3d:c2:76:3b:ff:62:ca:52:71:6d:d5:
74:6e:aa:80:75:06:27:ce:30:83:ec:03:87:b7:ce:01:2f:a8:
56:26:d5:87:cb:16:fb:6f:86:ba:e0:19:8f:21:17:6b:9c:2a:
5c:1f:8a:9f:24:7e:dd:d6:1f:df:a7:71:f4:35:91:d2:80:4c:
9f:5e:fa:98:96:5f:49:eb:44:f1:73:18:b0:29:52:33:bc:b8:
fd:17:16:28:9d:01:2b:96:f4:56:5b:bc:d7:62:19:f5:c5:d3:
f6:11:c6:33
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSCJ2xCKZKAnbPTaqPqkxXCPX93AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwNDRaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiOTc5ZGUwY2Y5ZTc3ZDg4MGQ4ZWI0OTQ1MTE4OTUyNjdmNTgzODVlYzc1
MWJlNjVmZGQ1NDgwOTZiOTQwNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALC7wTcbs4E+LYDfcQiuIqeQSKIxV3mnYntULSJmZrEDxIG6PvPqxq8A+ykN
vXIQOFlYNQxAodmsVwnmlTuEb/skrW2cx1ssHQv+IQXH7L3sSP4yacGdVK7guoY7
vkMTyUQK//ZAMt5Hg2oVyb+V00QHUhJgXDYoDP+6G6n27toZ8hfHd6JIDgalBvig
psToJyaAixFg7an3eGHlVDQOsX41OjuGh6osBoBVEWPbS3MH+ueaZ70+6RxVZo3x
2RUUsWHvIhAXDFVHV3qoNifhrcsMJ1hHCslhuycCqqt4o7vSSCl4Yqi4KjOK+0Oh
GKjquEgOEgSE2S8QVUNOYQ8iEjkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRKfQWk
TepfV2yBzDrbVXvDxGdvYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzkwMWQ0ZTctZDEyMC00ODFhLWExOTktNDc2Mjc4M2NmZjViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlA
MA0GCSqGSIb3DQEBCwUAA4IBAQBc+x+f5UnFr6eECNhUenMZRa+JqwFxZ7R1EwLm
5rnQCcCR0Edkg4Uz9+fy9cxzbH6SLkH56xmhEYbeZ23xpV3CXEttBB/1hCMBouBO
i72BQ+pbzplB8et+Pef23BOKSEc2ds8SnxcoxSym+6WSS5c18ViQwm3nGiDDgTUj
YVupBfOOaByrmxASt418mEh75+okLr7nejfqPcJ2O/9iylJxbdV0bqqAdQYnzjCD
7AOHt84BL6hWJtWHyxb7b4a64BmPIRdrnCpcH4qfJH7d1h/fp3H0NZHSgEyfXvqY
ll9J60TxcxiwKVIzvLj9FxYonQErlvRWW7zXYhn1xdP2EcYz
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:45 2025 by rpki-client