Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
File: 538037c5-70a6-4b45-b84c-b4af8015af39.roa (raw, json)
Hash identifier: UDi2ploSW+BJzn4Ot91x9w33DcWwRfuXPkyUX8Vse7w=
Subject key identifier: 08:57:90:FA:C4:84:E7:2C:BF:B4:AA:28:66:12:18:64:05:C7:D1:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 212FF8016C87D426D7A1F0147BB826FD461AB91D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
Signing time: Tue 20 May 2025 20:30:21 +0000
ROA not before: Tue 20 May 2025 20:30:21 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d029::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:2f:f8:01:6c:87:d4:26:d7:a1:f0:14:7b:b8:26:fd:46:1a:b9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:21 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=cc47a9ad59d2bbb0f25a6e214723410930060ff630f1198be763cc21195710b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:37:db:1d:af:05:e1:c8:99:7d:35:44:65:03:
0b:85:08:19:0d:5a:8a:a1:d8:4b:22:e6:a3:cf:42:
f6:22:9a:c2:e5:76:96:f3:5a:80:43:10:36:69:40:
99:f8:58:5e:a9:40:a6:9d:9c:36:ad:03:00:e9:13:
a0:fd:8b:de:64:24:9f:b4:8e:cc:53:22:54:2c:05:
4c:e1:90:e3:e8:dc:2e:db:cc:6f:05:24:d7:e6:a6:
07:6f:fb:43:a9:6a:71:77:4c:fd:05:e1:dc:81:ff:
fd:aa:30:96:82:09:b7:b4:73:f0:51:ef:61:a0:46:
98:a6:f4:1f:c4:0b:2c:c9:05:33:34:f6:05:7e:c0:
33:20:d9:60:8c:13:56:78:5b:19:96:72:d4:56:79:
2c:2e:cd:c1:bf:d2:7e:9c:ea:ea:b8:ce:4f:46:44:
cf:f2:d4:38:15:11:0b:02:00:5f:6f:d7:d6:c9:49:
d7:5c:42:1c:1c:5e:cd:cb:68:e2:5d:ac:4d:37:d9:
39:6f:ca:06:2c:cf:30:70:70:81:bc:7f:a4:53:41:
d4:b3:5e:93:99:0c:8b:da:44:9d:13:3e:70:28:2d:
21:b4:f3:12:fe:fa:28:4e:e2:22:59:64:63:8e:dd:
78:af:f3:4f:e3:f6:f7:88:27:10:5b:5d:b3:67:2a:
da:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:57:90:FA:C4:84:E7:2C:BF:B4:AA:28:66:12:18:64:05:C7:D1:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d029::/36
Signature Algorithm: sha256WithRSAEncryption
32:71:c6:3d:7c:7f:fc:54:f8:d0:e2:4c:10:4c:01:08:86:67:
9d:97:47:f6:ae:95:de:a0:a5:7b:6e:de:18:c0:dc:2a:a4:81:
96:67:29:9b:00:97:d6:a3:63:70:88:d4:e8:a1:80:10:60:de:
7e:e6:7b:be:1b:b9:8f:46:b8:f7:50:2f:1d:32:5e:69:54:c1:
7f:89:67:38:13:e8:c9:9b:78:da:89:cf:09:69:d7:d7:3d:62:
c0:16:73:28:18:d3:63:d9:c7:60:cd:d6:25:66:93:cf:04:65:
06:46:8a:22:10:82:ba:25:9c:92:53:ce:e8:c4:8b:70:0e:2e:
bd:f0:ee:ba:97:83:15:f0:96:bb:0e:24:3e:a8:9e:40:97:b5:
ad:41:28:b6:ce:58:68:ae:78:ee:54:f5:5d:db:57:00:5c:4b:
ad:3a:89:b0:3a:d1:5a:5a:c9:2e:97:36:1e:ee:68:a5:ea:9c:
49:b5:5f:70:83:70:39:af:1b:f9:27:9a:b5:23:84:81:a6:1f:
73:6f:17:93:86:55:ce:c4:dc:68:71:1b:cb:65:d9:22:b1:38:
35:60:f9:f1:55:19:f2:99:92:00:3d:bf:45:67:dc:22:8b:a9:
dd:0b:96:48:36:00:38:5e:da:02:91:71:95:cd:d0:f8:d1:99:
db:64:cf:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIS/4AWyH1CbXofAUe7gm/UYauR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwMjFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjNDdhOWFkNTlkMmJiYjBmMjVhNmUyMTQ3MjM0MTA5MzAwNjBmZjYzMGYx
MTk4YmU3NjNjYzIxMTk1NzEwYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALg32x2vBeHImX01RGUDC4UIGQ1aiqHYSyLmo89C9iKawuV2lvNagEMQNmlA
mfhYXqlApp2cNq0DAOkToP2L3mQkn7SOzFMiVCwFTOGQ4+jcLtvMbwUk1+amB2/7
Q6lqcXdM/QXh3IH//aowloIJt7Rz8FHvYaBGmKb0H8QLLMkFMzT2BX7AMyDZYIwT
VnhbGZZy1FZ5LC7Nwb/Sfpzq6rjOT0ZEz/LUOBURCwIAX2/X1slJ11xCHBxezcto
4l2sTTfZOW/KBizPMHBwgbx/pFNB1LNek5kMi9pEnRM+cCgtIbTzEv76KE7iIllk
Y47deK/zT+P294gnEFtds2cq2rcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQIV5D6
xITnLL+0qihmEhhkBcfRCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4MDM3YzUtNzBhNi00YjQ1LWI4NGMtYjRhZjgwMTVhZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CkA
MA0GCSqGSIb3DQEBCwUAA4IBAQAyccY9fH/8VPjQ4kwQTAEIhmedl0f2rpXeoKV7
bt4YwNwqpIGWZymbAJfWo2NwiNTooYAQYN5+5nu+G7mPRrj3UC8dMl5pVMF/iWc4
E+jJm3jaic8JadfXPWLAFnMoGNNj2cdgzdYlZpPPBGUGRooiEIK6JZySU87oxItw
Di698O66l4MV8Ja7DiQ+qJ5Al7WtQSi2zlhornjuVPVd21cAXEutOomwOtFaWsku
lzYe7mil6pxJtV9wg3A5rxv5J5q1I4SBph9zbxeThlXOxNxocRvLZdkisTg1YPnx
VRnymZIAPb9FZ9wii6ndC5ZINgA4XtoCkXGVzdD40ZnbZM8L
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:48 2025 by rpki-client