Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3fa7e298-325c-4151-ac0e-2364c78e67e5.roa
File: 3fa7e298-325c-4151-ac0e-2364c78e67e5.roa (raw, json)
Hash identifier: lJPw/zymqdFvVbUxZOWHEO0hJm7sVZSvWyVxKlLXTRk=
Subject key identifier: 80:BE:6F:CE:6C:EE:82:6A:42:FE:AB:62:99:5F:49:A2:9C:5A:2C:EA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1BC7842C23CF10FD8DAB0AFB156B8632719487DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3fa7e298-325c-4151-ac0e-2364c78e67e5.roa
Signing time: Tue 20 May 2025 19:51:59 +0000
ROA not before: Tue 20 May 2025 19:51:59 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:c7:84:2c:23:cf:10:fd:8d:ab:0a:fb:15:6b:86:32:71:94:87:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:51:59 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=558048b79608dda774406600a94089d5e22e6e03a56d68b767cd7a32db2bd4bd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1a:14:12:5a:a3:24:bd:4c:e9:7b:7e:c4:4c:
3a:90:21:44:17:db:dd:09:35:b2:e6:b3:27:4e:a7:
ef:34:fa:3f:f7:a4:28:40:7b:00:2b:93:47:56:ab:
2d:08:1e:ee:ab:56:0a:67:95:45:e5:0d:94:66:43:
48:70:f6:2f:a4:35:b6:f5:b5:e0:0d:be:0b:b3:9d:
10:55:ad:d5:06:f1:d8:f9:25:c9:05:bd:ea:b6:8b:
e2:4d:48:89:4f:0e:8d:51:39:b1:0d:0a:a7:48:03:
ad:52:53:8d:0d:22:75:42:bf:c4:5a:09:ce:03:e4:
7f:84:c2:e6:4e:4c:dd:25:77:c6:76:e7:68:12:be:
e8:50:f3:51:6f:be:d7:7e:ce:b7:b9:91:94:ab:ab:
55:21:82:35:ab:31:b2:a3:45:d5:ac:54:f2:62:11:
50:7f:5b:0f:64:1e:b0:1e:d6:31:f5:51:49:b7:da:
8c:da:6e:7b:9e:fb:67:6e:82:85:3b:d7:bd:44:8c:
68:d2:90:f0:ed:3d:21:8b:75:f3:bd:26:0f:ca:e9:
ee:c5:6c:f1:ae:c1:0b:ec:6b:18:c1:87:38:62:34:
2e:f5:33:6d:35:f3:37:d0:6c:e6:10:cb:41:99:8e:
a1:b9:6c:c9:d1:f0:d4:34:f8:9d:83:9c:c4:8a:80:
14:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:BE:6F:CE:6C:EE:82:6A:42:FE:AB:62:99:5F:49:A2:9C:5A:2C:EA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3fa7e298-325c-4151-ac0e-2364c78e67e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:6000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:52:7c:51:79:d2:b0:49:e4:61:a5:44:14:1a:fb:ef:54:3e:
49:a3:db:fa:cb:28:6b:b1:67:6b:89:a2:ed:7c:01:59:fe:59:
51:85:d4:f7:b9:2f:e6:8f:fd:b9:ff:94:46:d7:19:c7:f6:69:
4c:f1:3d:ac:23:97:e0:2a:72:ec:d4:d9:0b:35:4c:9c:c0:95:
7f:44:5c:b8:01:35:77:e8:47:b1:e7:ae:e0:78:20:c7:d1:69:
c0:9e:40:3c:8c:78:3a:ba:e6:03:00:9e:3e:c1:6d:0b:24:3e:
b9:e4:f9:ba:00:bb:08:e0:3b:4f:9a:28:4e:f6:a9:32:98:e0:
8f:87:a3:a8:fa:a3:68:90:d3:a6:4d:69:dd:ee:ea:2d:48:a2:
62:26:9a:e0:16:08:60:4c:9a:fd:c3:d9:e0:74:2b:f8:1d:16:
3d:ae:31:c5:be:f5:1c:65:ec:b9:68:aa:ec:5f:f7:6a:fe:2f:
f6:cc:c0:2a:c7:3b:75:cf:8c:40:ae:2f:70:24:59:3e:4e:09:
7e:86:5d:a4:ad:bc:05:a4:9f:0e:37:83:61:8d:d6:e3:35:60:
22:7e:0e:c3:a6:05:85:32:d3:6e:13:5a:89:1d:0a:4e:6d:df:
3f:ca:1d:e8:b5:14:f5:81:99:c4:0c:81:94:4f:f8:46:63:cd:
1f:eb:1a:0c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG8eELCPPEP2Nqwr7FWuGMnGUh9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUxNTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1ODA0OGI3OTYwOGRkYTc3NDQwNjYwMGE5NDA4OWQ1ZTIyZTZlMDNhNTZk
NjhiNzY3Y2Q3YTMyZGIyYmQ0YmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOAaFBJaoyS9TOl7fsRMOpAhRBfb3Qk1suazJ06n7zT6P/ekKEB7ACuTR1ar
LQge7qtWCmeVReUNlGZDSHD2L6Q1tvW14A2+C7OdEFWt1Qbx2PklyQW96raL4k1I
iU8OjVE5sQ0Kp0gDrVJTjQ0idUK/xFoJzgPkf4TC5k5M3SV3xnbnaBK+6FDzUW++
137Ot7mRlKurVSGCNasxsqNF1axU8mIRUH9bD2QesB7WMfVRSbfajNpue577Z26C
hTvXvUSMaNKQ8O09IYt1870mD8rp7sVs8a7BC+xrGMGHOGI0LvUzbTXzN9Bs5hDL
QZmOoblsydHw1DT4nYOcxIqAFHsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSAvm/O
bO6CakL+q2KZX0minFos6jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2ZhN2UyOTgtMzI1Yy00MTUxLWFjMGUtMjM2NGM3OGU2N2U1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hdg
MA0GCSqGSIb3DQEBCwUAA4IBAQB/UnxRedKwSeRhpUQUGvvvVD5Jo9v6yyhrsWdr
iaLtfAFZ/llRhdT3uS/mj/25/5RG1xnH9mlM8T2sI5fgKnLs1NkLNUycwJV/RFy4
ATV36Eex567geCDH0WnAnkA8jHg6uuYDAJ4+wW0LJD655Pm6ALsI4DtPmihO9qky
mOCPh6Oo+qNokNOmTWnd7uotSKJiJprgFghgTJr9w9ngdCv4HRY9rjHFvvUcZey5
aKrsX/dq/i/2zMAqxzt1z4xAri9wJFk+Tgl+hl2krbwFpJ8ON4NhjdbjNWAifg7D
pgWFMtNuE1qJHQpObd8/yh3otRT1gZnEDIGUT/hGY80f6xoM
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:49 2025 by rpki-client