Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
File: 3af05485-fd97-4026-a50e-0227f46bd107.roa (raw, json)
Hash identifier: m7J5VTgd9oPMAayNAwvE/e/i6ALwVwJBf0uJaHQpUJM=
Subject key identifier: CD:FE:BE:69:92:79:10:F1:F6:88:FA:09:B0:EA:27:49:13:3B:80:EA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7394EEE5E8601165AE3D99858D0765DC24107B0C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
Signing time: Tue 20 May 2025 19:01:38 +0000
ROA not before: Tue 20 May 2025 19:01:38 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:94:ee:e5:e8:60:11:65:ae:3d:99:85:8d:07:65:dc:24:10:7b:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:38 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e0698f2094cc86eea0d46498b26db4aec7ec8f11a5ba02385e0d86d06811531e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f8:be:2e:87:a8:8a:3a:4d:2a:50:74:0a:16:
a2:26:e6:ec:24:9b:4b:d9:fc:9b:e2:c2:03:23:f5:
8b:cf:a3:52:b0:18:85:e0:75:78:f6:04:5e:21:a8:
0f:fa:44:e4:40:23:e1:16:37:2d:96:f2:79:06:7b:
af:35:52:f1:22:3f:9b:76:41:aa:19:58:a9:6a:7c:
6a:46:5a:45:29:c4:64:f8:99:bb:32:ea:a1:54:6c:
57:d6:2e:e4:06:a1:a0:f4:5b:2b:e6:9a:80:e9:52:
da:60:1b:ec:3f:cd:a6:56:4e:3b:7f:09:c2:27:53:
76:c0:47:5d:09:ba:c3:1f:38:58:78:48:9a:2d:a2:
93:ca:69:b0:2f:3e:cf:3c:ed:bc:1d:67:95:3e:ac:
15:fc:07:0d:49:3e:d3:ad:9b:7f:19:a1:d7:f5:6d:
e0:0a:fb:ea:4b:9d:f6:64:18:90:c0:aa:fd:de:ad:
cc:20:2c:ba:d4:c4:bf:47:f0:6e:85:f1:d3:61:ad:
91:9e:c7:fb:bc:9c:33:6c:5c:f3:b7:3a:4d:4f:22:
da:71:0c:9c:60:f9:f7:86:6c:d9:78:34:ae:cb:a8:
09:6a:6f:ef:ae:ff:ea:2e:31:38:f3:c4:0b:79:64:
22:49:bd:38:d5:34:af:de:23:d5:a6:ea:8c:1e:b9:
0b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FE:BE:69:92:79:10:F1:F6:88:FA:09:B0:EA:27:49:13:3B:80:EA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:6000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:64:ba:f6:8e:ad:88:95:14:62:32:cf:21:3c:74:f0:fe:c8:
7d:d3:f6:78:17:cd:38:42:d4:76:5f:81:a0:5a:4e:12:3a:73:
95:16:be:f5:2b:2b:d1:43:ea:cc:b8:47:14:08:5a:f0:99:19:
d7:a6:f4:0e:5b:86:84:b6:04:29:64:4a:89:8a:89:f5:8d:0a:
2b:0d:fc:4a:f6:f6:b1:48:8b:9e:7b:69:0f:c8:4b:d9:c6:a5:
6c:82:af:15:25:be:8c:fe:c1:93:8f:e3:7f:04:0e:bc:cc:37:
9c:3b:a4:f8:b1:0a:77:ad:f2:89:23:61:17:9d:11:e4:ce:49:
37:a8:e6:84:6d:62:1d:2b:37:c8:5a:f3:35:fa:67:c7:ac:8e:
5c:12:70:35:a7:86:b6:f3:bc:09:8a:66:9c:1e:b6:de:6a:ff:
70:39:71:b4:05:97:87:9d:ea:eb:e9:c2:0f:1a:90:30:15:9d:
cd:9e:06:b1:0b:4b:cb:23:d5:b1:ee:e0:84:aa:ab:c9:f9:11:
a3:e1:71:30:69:3e:06:0a:5e:ef:42:9c:67:c5:d3:fb:07:e4:
60:2f:4d:63:f5:31:98:6d:c4:86:eb:cc:99:33:38:20:d9:69:
d9:4a:16:f2:e9:50:c1:fb:37:e6:82:65:29:f8:49:ac:12:45:
58:9b:35:f2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc5Tu5ehgEWWuPZmFjQdl3CQQewwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxMzhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwNjk4ZjIwOTRjYzg2ZWVhMGQ0NjQ5OGIyNmRiNGFlYzdlYzhmMTFhNWJh
MDIzODVlMGQ4NmQwNjgxMTUzMWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKz4vi6HqIo6TSpQdAoWoibm7CSbS9n8m+LCAyP1i8+jUrAYheB1ePYEXiGo
D/pE5EAj4RY3LZbyeQZ7rzVS8SI/m3ZBqhlYqWp8akZaRSnEZPiZuzLqoVRsV9Yu
5AahoPRbK+aagOlS2mAb7D/NplZOO38JwidTdsBHXQm6wx84WHhImi2ik8ppsC8+
zzztvB1nlT6sFfwHDUk+062bfxmh1/Vt4Ar76kud9mQYkMCq/d6tzCAsutTEv0fw
boXx02GtkZ7H+7ycM2xc87c6TU8i2nEMnGD594Zs2Xg0rsuoCWpv767/6i4xOPPE
C3lkIkm9ONU0r94j1abqjB65CxkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTN/r5p
knkQ8faI+gmw6idJEzuA6jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2FmMDU0ODUtZmQ5Ny00MDI2LWE1MGUtMDIyN2Y0NmJkMTA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9g
MA0GCSqGSIb3DQEBCwUAA4IBAQC6ZLr2jq2IlRRiMs8hPHTw/sh90/Z4F804QtR2
X4GgWk4SOnOVFr71KyvRQ+rMuEcUCFrwmRnXpvQOW4aEtgQpZEqJion1jQorDfxK
9vaxSIuee2kPyEvZxqVsgq8VJb6M/sGTj+N/BA68zDecO6T4sQp3rfKJI2EXnRHk
zkk3qOaEbWIdKzfIWvM1+mfHrI5cEnA1p4a287wJimacHrbeav9wOXG0BZeHnerr
6cIPGpAwFZ3NngaxC0vLI9Wx7uCEqqvJ+RGj4XEwaT4GCl7vQpxnxdP7B+RgL01j
9TGYbcSG68yZMzgg2WnZShby6VDB+zfmgmUp+EmsEkVYmzXy
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:26 2025 by rpki-client