Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
File: 455182aa-6d74-4447-81a6-6be09732e55d.roa (raw, json)
Hash identifier: /tI334ErRd9pZ4GbDY87godeTzRVsKX8Wv1pDWTSRRw=
Subject key identifier: 2D:98:4C:1C:5F:0C:F5:DC:A1:F1:2C:61:F9:1C:7E:7B:A9:9D:AF:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14353CF79925FD8B8DCFF0677A712FBB17DD1277
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
Signing time: Tue 20 May 2025 20:20:04 +0000
ROA not before: Tue 20 May 2025 20:20:04 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:35:3c:f7:99:25:fd:8b:8d:cf:f0:67:7a:71:2f:bb:17:dd:12:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:20:04 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=eced51df6b6012806c6b7a55729428d5e784f11a4c36b57832d84cdfb8090362, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1d:63:88:aa:ab:28:73:86:cf:e9:5f:df:23:
3f:43:d6:c2:11:b4:a8:f6:dc:3d:98:d9:0a:23:38:
8d:60:84:a7:9c:3b:f8:af:ee:5e:ee:03:bb:16:bd:
56:43:51:39:e6:d8:af:ba:8f:05:b3:12:6d:41:da:
30:bc:5e:e7:a3:49:32:7e:e2:5a:f5:5d:d1:0b:6a:
82:ca:fc:23:41:12:54:6d:89:d6:58:e7:9e:fa:43:
e5:34:c6:41:a3:20:22:26:3c:97:96:7f:1e:c4:2a:
b0:4e:c9:0a:7a:4e:66:83:23:07:38:bf:f3:9c:23:
91:ec:f4:8d:50:68:33:53:41:ce:3f:3a:53:79:c8:
0a:8a:f8:db:a5:00:b8:44:43:11:b4:e4:02:56:a6:
4c:6b:46:0e:8b:c6:ea:ae:e5:01:8d:73:2b:7f:4b:
21:68:b6:bf:5c:f7:25:17:c6:79:c1:34:a7:21:f9:
e0:e9:d0:69:22:01:ee:e4:8c:a1:f8:8d:49:d4:ee:
cf:2e:9f:c8:e7:85:63:fa:95:bf:f5:1d:ee:ca:ca:
f9:e9:30:0e:72:70:99:aa:81:83:61:88:b9:e3:ed:
9e:54:e8:9d:16:9c:05:1b:5b:4b:e2:a0:db:32:50:
9a:f2:4a:2f:5f:f2:1a:05:8e:35:e3:6c:c7:24:ef:
b6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:98:4C:1C:5F:0C:F5:DC:A1:F1:2C:61:F9:1C:7E:7B:A9:9D:AF:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:c00::/38
Signature Algorithm: sha256WithRSAEncryption
7d:16:82:1d:7e:de:f7:d7:ce:b0:28:1c:ba:58:e2:3a:aa:99:
e9:58:b9:43:35:8e:84:c5:16:74:37:9b:b9:13:31:a4:b1:6c:
23:04:c2:1b:4c:1a:b0:96:02:12:15:34:80:c2:a7:c8:ea:e8:
77:9b:67:25:0c:07:55:66:2c:6c:2a:32:55:4e:27:4b:f6:ab:
fc:eb:59:15:91:9f:e6:63:28:98:18:26:ea:9e:d2:30:57:1e:
bf:ba:f6:b9:60:99:bc:f6:33:0e:10:4e:e1:a4:7e:ec:8c:8d:
3c:74:4b:fd:79:af:08:71:3e:e3:41:1b:8d:ec:8a:19:df:93:
c9:96:a4:5f:d9:df:f5:58:66:a4:b1:5a:15:37:ce:d2:86:c3:
2f:c5:74:42:d5:0a:11:e6:95:0e:f1:32:31:ec:5f:6e:0a:a6:
7c:aa:15:31:7c:bb:81:0a:ec:ef:ce:3c:16:d4:27:36:39:e3:
01:43:10:31:f4:e0:ec:e4:98:fb:16:d6:da:e8:e9:12:5b:25:
31:e4:47:3d:f1:9c:9f:18:83:13:10:d1:54:6c:4c:90:f4:24:
24:01:f1:08:28:78:e0:7a:9a:bf:31:32:96:16:a0:4d:7f:0c:
8b:02:67:9f:7f:3e:60:fc:93:88:b3:95:c8:e1:01:9f:5f:97:
38:21:b2:33
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFDU895kl/YuNz/BnenEvuxfdEncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIwMDRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjZWQ1MWRmNmI2MDEyODA2YzZiN2E1NTcyOTQyOGQ1ZTc4NGYxMWE0YzM2
YjU3ODMyZDg0Y2RmYjgwOTAzNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcdY4iqqyhzhs/pX98jP0PWwhG0qPbcPZjZCiM4jWCEp5w7+K/uXu4Duxa9
VkNROebYr7qPBbMSbUHaMLxe56NJMn7iWvVd0Qtqgsr8I0ESVG2J1ljnnvpD5TTG
QaMgIiY8l5Z/HsQqsE7JCnpOZoMjBzi/85wjkez0jVBoM1NBzj86U3nICor426UA
uERDEbTkAlamTGtGDovG6q7lAY1zK39LIWi2v1z3JRfGecE0pyH54OnQaSIB7uSM
ofiNSdTuzy6fyOeFY/qVv/Ud7srK+ekwDnJwmaqBg2GIuePtnlTonRacBRtbS+Kg
2zJQmvJKL1/yGgWONeNsxyTvthsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQtmEwc
Xwz13KHxLGH5HH57qZ2vVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1MTgyYWEtNmQ3NC00NDQ3LTgxYTYtNmJlMDk3MzJlNTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4M
MA0GCSqGSIb3DQEBCwUAA4IBAQB9FoIdft73186wKBy6WOI6qpnpWLlDNY6ExRZ0
N5u5EzGksWwjBMIbTBqwlgISFTSAwqfI6uh3m2clDAdVZixsKjJVTidL9qv861kV
kZ/mYyiYGCbqntIwVx6/uva5YJm89jMOEE7hpH7sjI08dEv9ea8IcT7jQRuN7IoZ
35PJlqRf2d/1WGaksVoVN87ShsMvxXRC1QoR5pUO8TIx7F9uCqZ8qhUxfLuBCuzv
zjwW1Cc2OeMBQxAx9ODs5Jj7Ftba6OkSWyUx5Ec98ZyfGIMTENFUbEyQ9CQkAfEI
KHjgepq/MTKWFqBNfwyLAmeffz5g/JOIs5XI4QGfX5c4IbIz
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:24 2025 by rpki-client