Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
File: 5246cdd9-6493-4560-b4c3-8d974de78b57.roa (raw, json)
Hash identifier: 0ljiybBSbLbA7+w47Vo6IQwuuOUgJl/0960oBtVTC0w=
Subject key identifier: 91:59:A1:3F:55:72:33:D0:A6:D9:30:2A:6D:1D:4E:2F:4E:D2:53:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B458057E5CA03541658DA13EC4B843FBCFEA5DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
Signing time: Fri 23 May 2025 00:40:04 +0000
ROA not before: Fri 23 May 2025 00:40:04 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:45:80:57:e5:ca:03:54:16:58:da:13:ec:4b:84:3f:bc:fe:a5:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:04 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=72982f3fa60e1781687f27e2e3fae289e6539e6d5bb9691c1ea178ef7a4cbf88, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:55:fc:21:9b:83:41:e2:9f:10:ca:ef:d3:ac:
0b:08:47:5d:be:f6:7f:17:5f:4f:c7:29:ea:05:f2:
64:42:34:5a:30:6d:d3:3e:c7:6b:7b:a3:2b:19:3b:
1d:6a:6a:6c:02:90:62:20:11:cb:1f:70:0c:47:24:
93:66:21:8e:f3:a7:93:ef:60:8e:62:28:5d:95:f4:
85:be:5a:8f:5e:0b:37:73:95:d2:f3:e4:85:d4:70:
d1:ff:4b:3a:98:b0:52:56:16:ad:ac:b3:22:53:41:
6c:d7:6d:a9:d1:de:00:9f:5c:94:89:ee:a7:d0:9f:
43:d4:ee:3c:67:19:0c:c6:2d:c0:3a:2d:4f:d8:f0:
90:66:13:43:01:52:63:1a:28:42:90:6d:7d:f7:17:
40:53:9b:da:bf:63:4b:22:e7:b4:80:99:c5:b0:40:
c4:b3:dd:b7:43:80:e4:26:7e:7e:49:44:11:12:09:
1d:98:dc:de:be:be:88:9e:04:5b:b3:b6:52:48:f1:
e5:5f:28:4d:10:a2:a0:98:5d:62:e4:8a:e5:3d:77:
18:64:63:81:f0:f1:53:a4:e2:85:61:57:ae:67:8b:
2b:c1:ef:27:18:2d:24:24:75:f3:ae:63:1b:72:d1:
1c:8d:14:29:a6:32:37:f6:a6:79:f8:7e:34:7c:fd:
44:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:59:A1:3F:55:72:33:D0:A6:D9:30:2A:6D:1D:4E:2F:4E:D2:53:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:c000::/40
Signature Algorithm: sha256WithRSAEncryption
c7:9e:59:11:1c:87:4f:5e:47:3f:95:71:89:94:e0:44:0e:82:
91:09:b4:5e:8d:11:60:c6:f3:24:68:ab:7a:7a:9b:d8:fa:34:
f5:52:ab:cb:3c:a6:ab:01:6b:f6:50:31:74:fd:12:08:6d:b6:
b9:1f:84:a8:bd:2a:fa:0c:d3:38:9f:28:48:fe:82:89:70:37:
95:3d:37:e7:5c:05:e8:08:26:ab:e3:29:f1:13:3e:5a:d7:50:
4c:d3:23:7c:d3:7d:2f:a2:a1:df:f2:53:5c:a4:84:5a:d2:4c:
15:a8:95:08:f2:3d:95:c3:26:95:11:d7:38:d4:88:b8:51:ba:
15:96:b3:0b:32:54:d5:df:13:fb:87:98:78:71:96:8e:0c:a2:
66:dc:8d:a9:34:52:06:24:4a:0d:e8:cc:8a:99:91:c1:8f:5a:
79:67:37:be:b1:ad:bb:7e:31:8d:56:6e:f3:58:0c:3e:40:bb:
07:47:da:0d:9a:77:ad:90:65:52:c5:42:0c:de:c7:bf:0e:3a:
ee:55:f2:93:4d:d1:96:14:68:e6:0f:60:d2:0a:97:1f:34:ea:
1b:4a:d7:2f:42:c7:9a:14:e5:94:a1:35:b4:26:44:ff:ba:a8:
8b:0f:08:d5:f9:f8:79:87:4d:21:ea:2a:e7:7e:0f:4d:5b:01:
d7:2c:44:52
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW0WAV+XKA1QWWNoT7EuEP7z+pd4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwMDRaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyOTgyZjNmYTYwZTE3ODE2ODdmMjdlMmUzZmFlMjg5ZTY1MzllNmQ1YmI5
NjkxYzFlYTE3OGVmN2E0Y2JmODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5V/CGbg0HinxDK79OsCwhHXb72fxdfT8cp6gXyZEI0WjBt0z7Ha3ujKxk7
HWpqbAKQYiARyx9wDEckk2YhjvOnk+9gjmIoXZX0hb5aj14LN3OV0vPkhdRw0f9L
OpiwUlYWrayzIlNBbNdtqdHeAJ9clInup9CfQ9TuPGcZDMYtwDotT9jwkGYTQwFS
YxooQpBtffcXQFOb2r9jSyLntICZxbBAxLPdt0OA5CZ+fklEERIJHZjc3r6+iJ4E
W7O2Ukjx5V8oTRCioJhdYuSK5T13GGRjgfDxU6TihWFXrmeLK8HvJxgtJCR1865j
G3LRHI0UKaYyN/amefh+NHz9RKkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSRWaE/
VXIz0KbZMCptHU4vTtJTbjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI0NmNkZDktNjQ5My00NTYwLWI0YzMtOGQ5NzRkZTc4YjU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DjA
MA0GCSqGSIb3DQEBCwUAA4IBAQDHnlkRHIdPXkc/lXGJlOBEDoKRCbRejRFgxvMk
aKt6epvY+jT1UqvLPKarAWv2UDF0/RIIbba5H4SovSr6DNM4nyhI/oKJcDeVPTfn
XAXoCCar4ynxEz5a11BM0yN8030voqHf8lNcpIRa0kwVqJUI8j2VwyaVEdc41Ii4
UboVlrMLMlTV3xP7h5h4cZaODKJm3I2pNFIGJEoN6MyKmZHBj1p5Zze+sa27fjGN
Vm7zWAw+QLsHR9oNmnetkGVSxUIM3se/DjruVfKTTdGWFGjmD2DSCpcfNOobStcv
QseaFOWUoTW0JkT/uqiLDwjV+fh5h00h6irnfg9NWwHXLERS
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:55:01 2025 by rpki-client