Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
File: 52630693-0f5d-4126-ba07-ad0c0c999660.roa (raw, json)
Hash identifier: 8ZTPZKuUG8aYP5TFoh5E89B3I7XAAh+47oWmqxmqSgs=
Subject key identifier: 25:BC:46:17:35:5C:D4:2F:F9:16:E6:C8:C1:AD:F6:4B:E7:8D:3B:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0104CD7A990D1B2DA9F6C2128CF1EE63B0401D4D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
Signing time: Tue 20 May 2025 20:01:37 +0000
ROA not before: Tue 20 May 2025 20:01:37 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:04:cd:7a:99:0d:1b:2d:a9:f6:c2:12:8c:f1:ee:63:b0:40:1d:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:01:37 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=2cdaeac903fc09527a21b1355a7afa0fff3e82940202c49eb4086d9aa46904e8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:57:6e:64:1d:28:db:6c:12:8f:7c:23:01:2e:
7d:fe:1b:54:12:84:99:61:0a:8d:07:c1:6b:de:c0:
b7:a3:10:fe:20:ec:a9:38:ee:fb:25:f5:4b:1e:a3:
ab:93:61:54:a3:1c:d9:ba:b4:6e:aa:7f:bb:b2:74:
cc:fb:73:62:19:93:ee:5f:fc:84:58:d2:26:05:54:
30:d1:bd:8b:87:11:00:4e:69:f0:d4:fd:74:3a:fe:
44:5c:20:91:1e:87:f7:91:a8:71:76:70:0c:7e:20:
23:5e:27:7c:f7:7a:b8:63:61:83:b1:9f:15:12:e4:
fd:5d:51:97:3e:57:7e:87:05:0d:d8:36:e8:87:f4:
f7:0a:31:b8:b7:f8:68:b9:fe:c8:d4:38:fe:e6:1b:
57:6a:5d:70:24:92:97:7e:77:e8:89:f7:d1:4b:7b:
df:7a:9e:88:bd:47:64:10:51:03:21:69:b1:77:34:
54:49:19:a2:1c:16:72:0e:dd:20:cd:a8:0a:71:7c:
78:6a:9f:1d:ba:8e:c3:ff:f3:4b:01:ab:d7:51:71:
b4:3c:e3:f4:fa:dd:1b:74:5f:50:ed:7e:92:07:22:
51:f6:61:7a:c8:44:a7:12:22:46:2c:5c:50:d4:d9:
29:8c:49:e9:56:59:82:2e:af:da:63:d2:ac:c8:e4:
ee:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BC:46:17:35:5C:D4:2F:F9:16:E6:C8:C1:AD:F6:4B:E7:8D:3B:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:e000::/40
Signature Algorithm: sha256WithRSAEncryption
46:d9:7d:a2:ea:0b:8a:a3:ee:03:91:fa:35:64:34:06:ed:22:
dd:f2:cc:c4:a0:2c:d3:30:72:98:e0:db:ff:bc:f9:c6:d8:2e:
71:96:ef:bf:f6:98:8b:ed:40:93:f2:f8:91:a6:e3:cc:38:2a:
eb:05:93:46:74:4b:21:59:bc:21:2c:3d:2c:85:39:a8:0c:df:
b2:55:02:b6:1a:af:de:d2:a4:c4:87:d9:b3:48:3e:23:c0:a0:
d7:7e:d6:ed:3a:0f:c8:d7:93:77:2c:d4:eb:4b:16:e8:ab:35:
8a:20:c8:32:16:97:ed:9d:48:9b:7f:4f:1f:d6:b1:56:28:68:
25:3e:f5:7e:22:7d:1d:f1:da:1f:9d:bb:79:5c:34:40:f7:3f:
95:c9:c9:58:ec:c5:de:2f:25:6d:18:c9:4b:7d:ee:88:b2:91:
9e:af:9b:fc:b6:45:db:da:33:d8:40:ed:c6:8b:fc:48:e3:57:
7a:8d:c9:e6:b9:d7:c3:5a:ab:d1:f1:cd:7d:34:c1:f2:0e:73:
91:88:1d:98:5b:a7:0c:ac:58:f1:49:2e:d3:52:db:91:2e:8f:
24:b7:8d:19:6e:17:a6:c9:61:74:ca:20:f7:54:8a:ca:6a:4f:
e5:f0:4a:19:c9:89:03:83:00:a2:f3:24:7a:7d:ef:7b:56:3d:
ed:10:3c:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAQTNepkNGy2p9sISjPHuY7BAHU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAxMzdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjZGFlYWM5MDNmYzA5NTI3YTIxYjEzNTVhN2FmYTBmZmYzZTgyOTQwMjAy
YzQ5ZWI0MDg2ZDlhYTQ2OTA0ZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpXbmQdKNtsEo98IwEuff4bVBKEmWEKjQfBa97At6MQ/iDsqTju+yX1Sx6j
q5NhVKMc2bq0bqp/u7J0zPtzYhmT7l/8hFjSJgVUMNG9i4cRAE5p8NT9dDr+RFwg
kR6H95GocXZwDH4gI14nfPd6uGNhg7GfFRLk/V1Rlz5XfocFDdg26If09woxuLf4
aLn+yNQ4/uYbV2pdcCSSl3536In30Ut733qeiL1HZBBRAyFpsXc0VEkZohwWcg7d
IM2oCnF8eGqfHbqOw//zSwGr11FxtDzj9PrdG3RfUO1+kgciUfZheshEpxIiRixc
UNTZKYxJ6VZZgi6v2mPSrMjk7nMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQlvEYX
NVzUL/kW5sjBrfZL5407aTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI2MzA2OTMtMGY1ZC00MTI2LWJhMDctYWQwYzBjOTk5NjYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HHg
MA0GCSqGSIb3DQEBCwUAA4IBAQBG2X2i6guKo+4Dkfo1ZDQG7SLd8szEoCzTMHKY
4Nv/vPnG2C5xlu+/9piL7UCT8viRpuPMOCrrBZNGdEshWbwhLD0shTmoDN+yVQK2
Gq/e0qTEh9mzSD4jwKDXftbtOg/I15N3LNTrSxboqzWKIMgyFpftnUibf08f1rFW
KGglPvV+In0d8dofnbt5XDRA9z+VyclY7MXeLyVtGMlLfe6IspGer5v8tkXb2jPY
QO3Gi/xI41d6jcnmudfDWqvR8c19NMHyDnORiB2YW6cMrFjxSS7TUtuRLo8kt40Z
bhemyWF0yiD3VIrKak/l8EoZyYkDgwCi8yR6fe97Vj3tEDy/
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:38 2025 by rpki-client