Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
File: 455a2efe-3411-42cf-a196-73c25845d48c.roa (raw, json)
Hash identifier: kkgPRN7aaVz6QhFRrYc0GS/1tM1YI4HT8TQBna9v9bA=
Subject key identifier: 71:9C:61:75:0F:2C:2F:C5:54:8D:56:27:A5:7F:BE:24:8B:EF:A1:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 212704C62C9A7A020CEE8AE45CFD86B1F3C63476
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
Signing time: Tue 20 May 2025 20:11:06 +0000
ROA not before: Tue 20 May 2025 20:11:06 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:27:04:c6:2c:9a:7a:02:0c:ee:8a:e4:5c:fd:86:b1:f3:c6:34:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:06 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=681e97b1e3575bca54a31e6b7850428f03d2340d72ee9b0b83d053169281f8f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:cb:27:ac:0b:57:09:c0:39:46:58:cf:39:16:
a1:bc:25:30:df:fe:dd:be:d5:a3:a6:45:2e:a5:36:
4d:08:fc:e2:7d:39:5a:5c:fb:5e:71:61:70:14:f5:
71:70:ad:fc:f8:81:50:a7:f2:f4:32:26:93:6c:34:
f8:cb:ce:b1:5e:a2:8d:5e:57:32:8a:00:36:52:48:
78:36:c6:20:0a:66:74:03:c5:58:b3:82:37:a9:43:
63:0e:46:ea:11:a3:d5:f0:1f:0e:1b:2a:9f:3a:b1:
0f:be:52:4f:0e:85:9f:eb:32:36:e9:42:3a:dd:3d:
7b:11:a6:a2:aa:bf:6f:a8:9f:a5:62:a4:ac:b6:d7:
8a:51:cf:dc:be:2f:9f:3a:86:aa:09:3f:a0:04:67:
78:c8:b8:df:c2:f6:b0:31:d5:f4:23:b0:f6:97:1a:
23:da:f2:6e:a9:46:15:87:64:d4:12:25:7d:7d:d7:
af:f7:f5:72:1a:b4:f9:87:c5:99:b1:f0:95:82:20:
b8:bd:8e:a2:4d:9e:ed:3e:f7:e3:2a:85:c2:d1:0a:
34:36:ca:fb:92:87:97:7f:31:44:95:ab:5e:cc:75:
9c:f6:8f:6a:cd:89:2f:2c:cc:4b:57:35:57:63:2a:
4c:b4:83:c7:f8:41:2c:5e:6b:0e:f9:ad:a7:dc:4c:
86:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:9C:61:75:0F:2C:2F:C5:54:8D:56:27:A5:7F:BE:24:8B:EF:A1:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:2000::/40
Signature Algorithm: sha256WithRSAEncryption
0c:7d:cd:a3:b4:4e:3e:d7:ef:d6:8e:6f:af:75:aa:42:04:30:
d6:50:08:94:95:dc:18:17:06:a9:ec:33:e8:a4:54:64:ea:39:
b2:38:90:a2:b0:f2:7d:26:7d:10:12:83:65:dd:0c:2e:59:c6:
72:54:6b:49:56:2e:9b:9a:f8:79:0d:c0:b1:88:a6:e0:42:be:
eb:c1:2e:ea:e0:bf:12:59:6e:50:ab:fc:9f:ab:8d:cb:df:3a:
63:05:16:64:e8:53:85:7d:de:3b:df:91:35:01:1f:e5:48:bb:
01:5c:18:85:63:df:74:aa:29:2f:21:40:49:ca:a7:f0:d4:36:
b2:29:ca:3c:e8:c5:a8:ed:7c:c8:e8:13:56:e6:77:b8:00:42:
c2:63:91:db:5c:8d:a6:ee:63:f6:ee:19:7a:43:86:0a:cf:48:
72:b8:d7:37:80:ea:8c:59:25:8e:f1:6a:a4:61:1f:2f:e6:7a:
0f:f8:62:c7:af:a3:93:72:b1:75:e2:a4:65:db:87:f2:e1:46:
b8:82:57:a5:b9:be:57:46:4a:10:71:5d:0d:8e:19:e1:d8:b6:
75:79:d2:33:7d:dc:2a:aa:5b:07:f5:6e:9b:65:75:80:6c:d6:
0c:b3:ff:fe:12:16:46:2c:21:50:79:32:e4:4b:f7:3b:95:38:
79:36:1a:e0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIScExiyaegIM7orkXP2GsfPGNHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMDZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4MWU5N2IxZTM1NzViY2E1NGEzMWU2Yjc4NTA0MjhmMDNkMjM0MGQ3MmVl
OWIwYjgzZDA1MzE2OTI4MWY4ZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDLJ6wLVwnAOUZYzzkWobwlMN/+3b7Vo6ZFLqU2TQj84n05Wlz7XnFhcBT1
cXCt/PiBUKfy9DImk2w0+MvOsV6ijV5XMooANlJIeDbGIApmdAPFWLOCN6lDYw5G
6hGj1fAfDhsqnzqxD75STw6Fn+syNulCOt09exGmoqq/b6ifpWKkrLbXilHP3L4v
nzqGqgk/oARneMi438L2sDHV9COw9pcaI9rybqlGFYdk1BIlfX3Xr/f1chq0+YfF
mbHwlYIguL2Ook2e7T734yqFwtEKNDbK+5KHl38xRJWrXsx1nPaPas2JLyzMS1c1
V2MqTLSDx/hBLF5rDvmtp9xMhh8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRxnGF1
DywvxVSNVielf74ki++hNzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1YTJlZmUtMzQxMS00MmNmLWExOTYtNzNjMjU4NDVkNDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fgg
MA0GCSqGSIb3DQEBCwUAA4IBAQAMfc2jtE4+1+/Wjm+vdapCBDDWUAiUldwYFwap
7DPopFRk6jmyOJCisPJ9Jn0QEoNl3QwuWcZyVGtJVi6bmvh5DcCxiKbgQr7rwS7q
4L8SWW5Qq/yfq43L3zpjBRZk6FOFfd4735E1AR/lSLsBXBiFY990qikvIUBJyqfw
1DayKco86MWo7XzI6BNW5ne4AELCY5HbXI2m7mP27hl6Q4YKz0hyuNc3gOqMWSWO
8WqkYR8v5noP+GLHr6OTcrF14qRl24fy4Ua4glelub5XRkoQcV0Njhnh2LZ1edIz
fdwqqlsH9W6bZXWAbNYMs//+EhZGLCFQeTLkS/c7lTh5Nhrg
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:20 2025 by rpki-client