Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
File: 3bde61a2-7506-48c2-8365-3447411d858e.roa (raw, json)
Hash identifier: lfYdnU0K4NuNhi4ewDDV1Gc5euTy5Ioj2mzDYPphUxQ=
Subject key identifier: E2:B1:6D:20:9E:98:42:C1:4B:77:CC:D4:62:34:CE:2D:E7:38:AA:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4380B3EEA6969275E85D1C0FE9DD80C436DF1BD4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
Signing time: Tue 20 May 2025 20:11:35 +0000
ROA not before: Tue 20 May 2025 20:11:35 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:80:b3:ee:a6:96:92:75:e8:5d:1c:0f:e9:dd:80:c4:36:df:1b:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:35 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a4df2f20ef36f545eb829840ee09c076c2c0e2835947f23c4b1ff31dcf7157ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2e:b7:c7:33:df:d7:a9:c6:e5:73:40:f9:27:
e4:52:56:35:3e:78:5a:b9:19:7e:19:03:69:0e:fd:
05:52:95:e6:80:58:e8:ee:5a:83:a8:b9:99:cd:ec:
22:39:b8:b1:81:f3:4a:2a:a4:e0:f6:ed:ff:17:54:
8e:ac:c4:5d:ff:e2:1e:7a:81:3a:51:69:e7:08:94:
c5:17:bb:c5:6f:0d:4e:9a:3a:72:6e:37:d7:4a:7e:
c2:d9:02:a5:c9:68:39:98:e7:1f:d1:e0:f8:73:ba:
6c:d8:2a:48:24:7f:fb:b4:77:86:36:fb:11:1a:95:
24:1c:0d:af:00:b6:2a:95:93:2c:73:0c:54:d0:0c:
8f:e6:b4:c9:93:96:9f:ad:02:48:b2:36:00:01:fc:
f1:47:ab:59:f9:da:4f:be:13:dd:c8:55:2b:43:f0:
88:cd:d0:7a:f5:c6:73:f7:83:04:07:70:18:97:01:
ad:44:5a:5c:9b:3f:36:fe:85:be:81:d4:25:20:4d:
05:cd:7e:89:54:33:71:c0:b9:b4:5d:1b:fc:6a:30:
4e:02:cc:a6:8c:31:d2:06:f1:ea:a1:63:b5:57:08:
87:49:f0:07:71:50:b7:16:26:66:09:d0:0f:d9:2c:
b9:cd:ee:4a:4a:2b:f8:43:66:53:0f:1d:2e:21:86:
f8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B1:6D:20:9E:98:42:C1:4B:77:CC:D4:62:34:CE:2D:E7:38:AA:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:5000::/40
Signature Algorithm: sha256WithRSAEncryption
35:60:f4:9a:ad:30:7b:fb:45:a4:e5:de:94:88:c9:43:ef:d8:
71:e6:92:06:22:5f:30:a2:67:1b:98:5f:d0:a3:f7:44:86:ee:
e8:83:73:db:69:a0:bd:e4:cf:2c:df:7d:ad:1d:23:74:6e:d6:
0f:8d:5e:76:19:b1:5a:f5:9f:60:84:0b:fd:5d:57:ef:15:b5:
af:d0:3e:85:a6:93:cb:62:f7:bd:13:bd:ce:34:78:bc:f9:eb:
cf:05:63:e6:66:68:ad:8d:ca:f5:0a:71:08:26:89:68:7a:74:
94:d9:56:3e:f9:bd:a6:03:d1:d6:e5:66:4b:ad:a2:46:67:76:
5e:d4:fb:2a:58:66:9c:bc:91:53:38:a0:c3:6d:cb:13:b1:58:
0e:b4:b5:7b:47:48:f7:0c:1f:b8:d6:7a:15:4a:90:1b:d7:12:
51:4a:ba:76:cb:af:cf:56:3e:21:2a:1c:75:ce:55:19:30:b7:
93:90:8d:7a:7f:db:22:7a:9d:51:53:e5:5f:75:36:0e:cd:92:
32:24:df:73:1e:7f:0d:9b:ac:90:9f:cd:c0:15:67:d2:a9:d9:
77:96:b6:a3:7f:6a:91:19:26:19:fa:c4:20:f1:77:06:8a:66:
6b:0c:d1:04:4a:c3:c5:13:6b:d9:ea:e7:41:fa:23:8a:0d:ea:
5b:85:fe:45
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ4Cz7qaWknXoXRwP6d2AxDbfG9QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMzVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0ZGYyZjIwZWYzNmY1NDVlYjgyOTg0MGVlMDljMDc2YzJjMGUyODM1OTQ3
ZjIzYzRiMWZmMzFkY2Y3MTU3YWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN8ut8cz39epxuVzQPkn5FJWNT54WrkZfhkDaQ79BVKV5oBY6O5ag6i5mc3s
Ijm4sYHzSiqk4Pbt/xdUjqzEXf/iHnqBOlFp5wiUxRe7xW8NTpo6cm4310p+wtkC
pcloOZjnH9Hg+HO6bNgqSCR/+7R3hjb7ERqVJBwNrwC2KpWTLHMMVNAMj+a0yZOW
n60CSLI2AAH88UerWfnaT74T3chVK0PwiM3QevXGc/eDBAdwGJcBrURaXJs/Nv6F
voHUJSBNBc1+iVQzccC5tF0b/GowTgLMpowx0gbx6qFjtVcIh0nwB3FQtxYmZgnQ
D9ksuc3uSkor+ENmUw8dLiGG+AECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTisW0g
nphCwUt3zNRiNM4t5ziqODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JkZTYxYTItNzUwNi00OGMyLTgzNjUtMzQ0NzQxMWQ4NThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA1YPSarTB7+0Wk5d6UiMlD79hx5pIGIl8womcb
mF/Qo/dEhu7og3PbaaC95M8s332tHSN0btYPjV52GbFa9Z9ghAv9XVfvFbWv0D6F
ppPLYve9E73ONHi8+evPBWPmZmitjcr1CnEIJoloenSU2VY++b2mA9HW5WZLraJG
Z3Ze1PsqWGacvJFTOKDDbcsTsVgOtLV7R0j3DB+41noVSpAb1xJRSrp2y6/PVj4h
Khx1zlUZMLeTkI16f9siep1RU+VfdTYOzZIyJN9zHn8Nm6yQn83AFWfSqdl3lraj
f2qRGSYZ+sQg8XcGimZrDNEESsPFE2vZ6udB+iOKDepbhf5F
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:16 2025 by rpki-client