Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
File: 50253a85-74b2-4a74-ab18-15a98f3496b2.roa (raw, json)
Hash identifier: JXZhSXXgfs2kVWOd4wcK4z8NaEE95Po8mjluABQ1ql8=
Subject key identifier: 29:5D:DA:83:29:FE:DA:41:B2:E9:0B:BC:1B:7D:D5:8E:90:52:92:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DB8ADE1806D5D9279300D817C534D7968064CBA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
Signing time: Tue 20 May 2025 20:01:28 +0000
ROA not before: Tue 20 May 2025 20:01:28 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:b8:ad:e1:80:6d:5d:92:79:30:0d:81:7c:53:4d:79:68:06:4c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:01:28 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=4e3d7349353881c0ba01c3a3b2e0ff3e552c146721c5d982697037b7066ec43d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a1:c7:18:7e:ef:92:2f:3f:b2:07:9b:28:f3:
24:da:55:f7:33:bf:b2:ae:3d:86:49:74:66:0f:8e:
7b:ea:d9:9a:a2:36:d1:4d:90:01:5b:c0:a8:df:27:
0f:0f:4d:35:7f:af:a2:d2:df:c6:35:b7:f6:1a:76:
fc:35:73:2d:b5:86:e3:e5:4f:1f:94:8a:20:b9:b4:
6e:f0:4a:bc:40:a3:22:bf:09:92:5c:55:b4:2c:38:
a4:43:56:36:74:ef:43:ee:b7:1c:bc:dd:69:10:a6:
8a:1c:e1:07:1e:7a:ab:e9:e4:1a:70:fb:b5:e9:8b:
fe:69:9d:1c:1a:7c:67:a1:1f:5c:d7:b6:a9:e8:68:
e4:ac:9f:76:7e:0d:32:88:c4:19:3e:a4:be:2f:f5:
92:ec:79:36:54:57:61:9c:ba:55:4d:cb:00:ac:ce:
91:e7:3b:64:00:77:00:d3:c2:e8:b4:9c:42:fc:b0:
6c:e6:0c:8c:1b:f3:cc:ee:dd:90:0c:35:67:23:90:
fe:7e:7f:79:aa:94:25:31:37:61:01:75:6f:11:f5:
cb:27:51:22:d7:a2:b6:65:bd:77:ec:c7:e4:d6:f1:
db:aa:80:77:5e:9f:81:57:e2:ee:ac:c7:2f:c5:d6:
eb:4f:88:1b:6c:0f:fb:ea:a2:73:e7:dd:a9:bc:29:
e4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5D:DA:83:29:FE:DA:41:B2:E9:0B:BC:1B:7D:D5:8E:90:52:92:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:8000::/40
Signature Algorithm: sha256WithRSAEncryption
83:1a:4b:b7:97:6b:09:b5:f8:05:b9:b6:e7:b4:fd:fa:3e:1b:
7e:83:6e:02:64:e5:87:0c:c4:e3:52:42:2c:9e:d6:4d:b2:db:
c5:03:e4:aa:0b:43:f7:79:e7:b0:2b:d6:89:92:0d:c2:96:b7:
7c:e2:a9:00:31:1e:cb:7b:5c:49:b6:27:bf:95:b8:19:a4:0b:
a8:5a:dd:79:b8:aa:67:8e:21:ea:9b:fa:c2:4d:fb:61:58:34:
de:04:3e:02:18:49:09:b0:be:12:dc:cc:73:44:a8:5e:ca:d2:
de:f1:8b:26:c4:eb:b5:37:63:ff:da:3c:b2:da:b7:81:6f:63:
ca:d8:6f:06:93:7d:d5:80:6f:eb:13:9b:f9:de:11:42:21:1d:
ef:78:d3:53:44:a1:9d:60:94:fa:eb:65:8a:b0:53:a3:4b:e2:
53:26:4b:f6:98:6e:ae:f6:10:dc:2f:c3:96:c0:34:41:80:1a:
1f:10:1f:47:64:de:ff:be:ae:cb:fd:dd:be:4d:e5:da:63:da:
ec:fe:dc:d8:e2:13:a9:b3:8a:49:9e:25:de:fa:7a:d5:28:1d:
03:47:46:2f:3f:eb:6f:d6:ad:a0:54:f4:ef:72:c2:9e:66:37:
f5:08:c7:b0:22:ad:c7:03:0d:9b:c8:57:e1:37:15:59:3d:d7:
b8:67:90:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTbit4YBtXZJ5MA2BfFNNeWgGTLowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAxMjhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlM2Q3MzQ5MzUzODgxYzBiYTAxYzNhM2IyZTBmZjNlNTUyYzE0NjcyMWM1
ZDk4MjY5NzAzN2I3MDY2ZWM0M2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJShxxh+75IvP7IHmyjzJNpV9zO/sq49hkl0Zg+Oe+rZmqI20U2QAVvAqN8n
Dw9NNX+votLfxjW39hp2/DVzLbWG4+VPH5SKILm0bvBKvECjIr8JklxVtCw4pENW
NnTvQ+63HLzdaRCmihzhBx56q+nkGnD7temL/mmdHBp8Z6EfXNe2qeho5Kyfdn4N
MojEGT6kvi/1kux5NlRXYZy6VU3LAKzOkec7ZAB3ANPC6LScQvywbOYMjBvzzO7d
kAw1ZyOQ/n5/eaqUJTE3YQF1bxH1yydRIteitmW9d+zH5Nbx26qAd16fgVfi7qzH
L8XW60+IG2wP++qic+fdqbwp5JkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQpXdqD
Kf7aQbLpC7wbfdWOkFKSrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTAyNTNhODUtNzRiMi00YTc0LWFiMTgtMTVhOThmMzQ5NmIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWA
MA0GCSqGSIb3DQEBCwUAA4IBAQCDGku3l2sJtfgFubbntP36Pht+g24CZOWHDMTj
UkIsntZNstvFA+SqC0P3eeewK9aJkg3Clrd84qkAMR7Le1xJtie/lbgZpAuoWt15
uKpnjiHqm/rCTfthWDTeBD4CGEkJsL4S3MxzRKheytLe8YsmxOu1N2P/2jyy2reB
b2PK2G8Gk33VgG/rE5v53hFCIR3veNNTRKGdYJT662WKsFOjS+JTJkv2mG6u9hDc
L8OWwDRBgBofEB9HZN7/vq7L/d2+TeXaY9rs/tzY4hOps4pJniXe+nrVKB0DR0Yv
P+tv1q2gVPTvcsKeZjf1CMewIq3HAw2byFfhNxVZPde4Z5BZ
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:12 2025 by rpki-client