Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
File: 408fc879-4db9-446c-bdb3-37bf4ee28c97.roa (raw, json)
Hash identifier: C6doJu8PBUkgjIPDjtxhLc5UnkvgLNz6+PsoyTxiWLI=
Subject key identifier: 13:51:17:65:FD:00:A1:15:F1:32:7B:C6:29:64:E1:A5:0B:1C:48:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1BC1384760FC24FDBA0D8ACB8088B5AEC8E601BB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
Signing time: Tue 20 May 2025 20:01:23 +0000
ROA not before: Tue 20 May 2025 20:01:23 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:c1:38:47:60:fc:24:fd:ba:0d:8a:cb:80:88:b5:ae:c8:e6:01:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:01:23 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=db0c54efd8be8860d6409327c9eeb2873aa2cdadd59bc220501c3fc6256ff8e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:dc:63:e6:f7:30:cc:44:05:f2:7d:60:25:8a:
9f:4d:83:aa:5e:c3:fd:b7:10:5d:ce:d2:90:80:ca:
93:45:af:8e:10:6a:40:4d:11:bd:d3:26:9d:b1:bd:
2b:3a:4f:32:94:b4:1b:68:99:a5:2b:cf:0a:73:2d:
78:c3:03:83:9c:fc:2c:e5:3e:0c:fd:f7:cd:9c:7b:
64:6c:b5:01:8e:3e:1c:bd:cf:5a:7b:dd:de:9a:d1:
a6:55:1b:2f:5b:22:b9:15:7b:00:a9:45:5c:17:45:
8e:00:bb:4c:fe:53:53:64:8f:67:06:bf:e1:5e:2e:
f4:ef:30:d1:94:26:bf:57:44:2a:c3:35:34:27:8f:
ff:10:6d:22:3b:41:62:6f:28:df:51:ea:7d:1f:93:
8d:f2:e6:9f:e0:5c:71:c4:06:68:de:d6:ce:f8:d9:
61:00:9a:ea:72:dc:63:5b:56:a6:16:91:82:10:44:
56:95:ef:28:88:3e:5d:80:ab:8e:40:ba:82:7b:bf:
2c:e6:79:02:a8:d3:4c:c5:5c:a8:94:0b:49:6f:b5:
ce:d3:fc:74:96:c3:9c:77:34:60:a5:2c:ea:7a:8a:
97:5a:a3:99:ad:ef:e1:67:a1:2c:9f:a5:02:53:8b:
b4:fc:f8:59:d7:fb:c5:68:33:ec:49:ef:19:b3:67:
37:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:51:17:65:FD:00:A1:15:F1:32:7B:C6:29:64:E1:A5:0B:1C:48:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
93:d7:d3:2f:2e:bf:b2:92:34:f6:17:7b:58:80:76:8d:d8:a7:
85:ec:42:3f:c1:95:48:7c:bf:3f:f1:87:c5:e5:9e:d8:ec:b0:
71:40:19:cc:dc:64:b2:9f:37:2e:73:2f:87:fb:2f:9b:53:d8:
4d:18:db:76:d1:58:5e:a3:24:ae:07:89:c2:dd:68:53:fe:25:
20:dd:4b:e5:5e:b6:1f:41:37:71:59:ff:42:e7:89:dc:d2:36:
76:81:06:81:8a:be:90:11:d5:fb:c2:93:95:f4:30:d1:80:37:
7a:34:f3:36:24:ae:56:5a:45:c9:ef:fe:e1:1d:9d:0b:01:08:
c9:aa:cb:7b:3b:ac:2b:9a:02:ea:00:5a:7e:d3:ae:f8:82:ab:
f1:df:a2:9d:05:ec:60:58:43:ca:24:50:d8:10:60:46:c5:ac:
ab:e0:34:de:cf:d1:10:ff:5b:52:4a:47:f2:0d:c8:10:8e:a7:
46:2a:7d:bf:fd:46:5a:bd:92:ca:de:e4:be:73:97:34:63:e7:
59:a5:81:51:6d:c9:b4:07:53:fb:bc:3f:be:01:cb:c3:5a:1b:
0a:7e:2e:61:a3:9e:de:08:47:ce:25:08:94:43:2e:00:49:e2:
00:e9:74:47:ae:f9:24:0d:31:66:51:7a:81:5d:14:c3:7f:02:
0b:85:59:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG8E4R2D8JP26DYrLgIi1rsjmAbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAxMjNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiMGM1NGVmZDhiZTg4NjBkNjQwOTMyN2M5ZWViMjg3M2FhMmNkYWRkNTli
YzIyMDUwMWMzZmM2MjU2ZmY4ZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLcY+b3MMxEBfJ9YCWKn02Dql7D/bcQXc7SkIDKk0WvjhBqQE0RvdMmnbG9
KzpPMpS0G2iZpSvPCnMteMMDg5z8LOU+DP33zZx7ZGy1AY4+HL3PWnvd3prRplUb
L1siuRV7AKlFXBdFjgC7TP5TU2SPZwa/4V4u9O8w0ZQmv1dEKsM1NCeP/xBtIjtB
Ym8o31HqfR+TjfLmn+BcccQGaN7WzvjZYQCa6nLcY1tWphaRghBEVpXvKIg+XYCr
jkC6gnu/LOZ5AqjTTMVcqJQLSW+1ztP8dJbDnHc0YKUs6nqKl1qjma3v4WehLJ+l
AlOLtPz4Wdf7xWgz7EnvGbNnN08CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQTURdl
/QChFfEye8YpZOGlCxxIqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA4ZmM4NzktNGRiOS00NDZjLWJkYjMtMzdiZjRlZTI4Yzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hqg
MA0GCSqGSIb3DQEBCwUAA4IBAQCT19MvLr+ykjT2F3tYgHaN2KeF7EI/wZVIfL8/
8YfF5Z7Y7LBxQBnM3GSynzcucy+H+y+bU9hNGNt20VheoySuB4nC3WhT/iUg3Uvl
XrYfQTdxWf9C54nc0jZ2gQaBir6QEdX7wpOV9DDRgDd6NPM2JK5WWkXJ7/7hHZ0L
AQjJqst7O6wrmgLqAFp+0674gqvx36KdBexgWEPKJFDYEGBGxayr4DTez9EQ/1tS
SkfyDcgQjqdGKn2//UZavZLK3uS+c5c0Y+dZpYFRbcm0B1P7vD++AcvDWhsKfi5h
o57eCEfOJQiUQy4ASeIA6XRHrvkkDTFmUXqBXRTDfwILhVmM
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:05 2025 by rpki-client