Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
File: 4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa (raw, json)
Hash identifier: skl9M3oSihljLpWK2c8af5s5IzKt6wLHsgXLjjbbDTM=
Subject key identifier: A4:71:25:D8:EE:B9:48:1E:1A:07:67:BE:30:0C:3F:50:2E:15:50:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69941E542A929C1FDF781E7ABA4280E723717ED3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
Signing time: Tue 20 May 2025 20:31:24 +0000
ROA not before: Tue 20 May 2025 20:31:24 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:94:1e:54:2a:92:9c:1f:df:78:1e:7a:ba:42:80:e7:23:71:7e:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:31:24 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=73630f227b9daadddc6439ec01b0214be1b9fb712135192bbab1710da6493be5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ee:b3:fe:e9:7a:18:09:35:52:2d:83:57:52:
c9:0c:0c:fb:d3:3e:2f:3b:90:bd:de:2f:d9:e0:0d:
bc:e5:9b:58:bc:99:98:73:aa:69:a7:09:cd:26:19:
88:98:e4:e7:4e:39:3c:ee:ac:6c:da:a8:de:36:84:
33:c3:62:c0:40:8e:91:d7:c7:6a:37:ea:30:e1:db:
ae:b3:45:ed:01:74:46:da:c7:19:a3:78:e5:2b:df:
04:d2:73:d3:e6:6d:c8:d1:f1:fb:8a:f7:cc:32:dc:
95:c1:0d:19:9e:84:12:aa:6a:5e:4a:d8:3d:a8:ce:
b3:7d:91:92:2d:3c:b0:c9:b9:e0:c7:00:b5:86:a0:
fa:98:bd:5c:d1:19:e9:e5:e0:ff:a3:87:b5:a0:2e:
3b:43:70:52:57:60:82:a1:e7:a9:76:1c:d9:f7:0f:
bd:05:9f:02:45:4d:02:f4:7b:2b:25:24:e0:99:3f:
50:1a:89:db:84:e0:86:75:53:32:b8:83:c6:56:1f:
d6:0d:87:8d:90:67:79:89:0f:90:86:38:23:4c:fd:
98:16:9a:94:ab:a3:40:60:be:d5:52:d0:e0:01:da:
85:9e:9f:0d:4a:05:3d:90:fc:d3:51:f0:98:f7:a7:
6d:26:52:b9:de:a8:5a:bd:ae:b0:79:85:f0:06:55:
c2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:71:25:D8:EE:B9:48:1E:1A:07:67:BE:30:0C:3F:50:2E:15:50:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:400::/38
Signature Algorithm: sha256WithRSAEncryption
57:f1:57:00:c0:4e:a6:65:bb:fe:79:c2:1a:e3:13:7e:17:90:
96:62:44:84:e5:3e:96:ba:ce:74:91:40:f6:ba:0f:e0:47:51:
55:02:46:b8:14:cc:26:8f:bd:73:a6:04:ad:50:31:20:58:bc:
bc:ed:c0:4b:03:21:16:70:25:73:67:0d:7e:8e:fa:5d:2d:ce:
39:e0:e1:f7:3c:2b:7d:90:95:3e:94:ed:0e:09:44:bb:0c:6f:
a7:90:24:4c:7f:e1:67:05:86:35:b6:bd:a5:bf:25:f0:d5:a3:
d6:86:ee:d3:9e:b7:85:93:be:63:75:d1:30:e8:c8:75:e8:2b:
cf:6d:0e:b1:de:47:6b:6d:78:17:4a:29:9a:06:ba:7b:03:ff:
3f:81:89:cf:82:9e:e6:31:e0:76:96:d5:5b:ea:41:2a:0d:a8:
52:6b:bc:9f:ca:97:28:e3:a4:a7:8f:46:03:8c:df:a4:cc:df:
80:1d:65:b4:25:72:1d:15:2b:2f:d6:19:99:e0:58:b0:36:23:
be:f2:31:e2:70:c8:f9:de:1d:68:2c:e5:28:5f:3e:46:f4:c0:
05:0c:7b:26:3a:bd:99:16:b7:58:24:af:88:8b:e6:4d:5e:55:
f3:88:5c:93:f5:ed:06:74:4d:6f:90:57:6a:16:b6:01:ef:86:
3b:3e:43:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaZQeVCqSnB/feB56ukKA5yNxftMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMxMjRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDczNjMwZjIyN2I5ZGFhZGRkYzY0MzllYzAxYjAyMTRiZTFiOWZiNzEyMTM1
MTkyYmJhYjE3MTBkYTY0OTNiZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXus/7pehgJNVItg1dSyQwM+9M+LzuQvd4v2eANvOWbWLyZmHOqaacJzSYZ
iJjk5045PO6sbNqo3jaEM8NiwECOkdfHajfqMOHbrrNF7QF0RtrHGaN45SvfBNJz
0+ZtyNHx+4r3zDLclcENGZ6EEqpqXkrYPajOs32Rki08sMm54McAtYag+pi9XNEZ
6eXg/6OHtaAuO0NwUldggqHnqXYc2fcPvQWfAkVNAvR7KyUk4Jk/UBqJ24TghnVT
MriDxlYf1g2HjZBneYkPkIY4I0z9mBaalKujQGC+1VLQ4AHahZ6fDUoFPZD801Hw
mPenbSZSud6oWr2usHmF8AZVwrUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSkcSXY
7rlIHhoHZ74wDD9QLhVQ1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGEwNzc2OTktNDhjYi00MmExLTlmMWItMWU3YzlhM2FlODA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQE
MA0GCSqGSIb3DQEBCwUAA4IBAQBX8VcAwE6mZbv+ecIa4xN+F5CWYkSE5T6Wus50
kUD2ug/gR1FVAka4FMwmj71zpgStUDEgWLy87cBLAyEWcCVzZw1+jvpdLc454OH3
PCt9kJU+lO0OCUS7DG+nkCRMf+FnBYY1tr2lvyXw1aPWhu7TnreFk75jddEw6Mh1
6CvPbQ6x3kdrbXgXSimaBrp7A/8/gYnPgp7mMeB2ltVb6kEqDahSa7yfypco46Sn
j0YDjN+kzN+AHWW0JXIdFSsv1hmZ4FiwNiO+8jHicMj53h1oLOUoXz5G9MAFDHsm
Or2ZFrdYJK+Ii+ZNXlXziFyT9e0GdE1vkFdqFrYB74Y7PkP6
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:47 2025 by rpki-client