Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
File: 541034be-1844-4bf7-9c43-91bf5b83fa3d.roa (raw, json)
Hash identifier: +/vAMKuzT1uGrQHs/WotoBrL5xhOpmbx3Szlx/j6Q78=
Subject key identifier: 6E:E2:E6:CB:04:2F:28:16:DB:F6:E2:E6:98:9F:46:54:8C:C2:62:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A859C83955BEF2984ED6B23CBCAC5ABBB70B079
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
Signing time: Fri 06 Jun 2025 15:01:04 +0000
ROA not before: Fri 06 Jun 2025 15:01:04 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:85:9c:83:95:5b:ef:29:84:ed:6b:23:cb:ca:c5:ab:bb:70:b0:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:01:04 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=b6a2c799f302d477c25eac7839d80de1b41bd05439a33551e973fe7a07e64996, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:2f:b7:d1:d9:fe:38:00:eb:76:e1:2a:c8:0b:
d3:1e:01:a8:28:fb:50:40:f0:95:22:41:1b:c1:3f:
2e:21:93:6a:45:e6:fb:90:92:24:fa:46:cb:1b:c4:
cc:46:ab:c0:46:db:ca:8f:c9:6d:12:8c:de:f0:39:
0b:a7:14:e2:26:db:78:dd:c1:3f:3d:34:5c:c6:72:
db:17:3d:9d:04:ad:ff:ac:14:64:a4:92:7f:89:b9:
e9:ce:52:46:d8:0c:b1:79:7e:2b:29:c8:2a:7a:18:
30:2e:58:e7:43:23:e7:0a:cb:5f:a5:1e:d3:78:2f:
d3:04:b1:d6:14:43:24:11:1e:09:3d:5d:f2:f2:18:
d4:be:29:87:58:83:49:92:12:77:01:60:02:22:75:
0f:00:6d:66:6f:fd:a9:94:4d:a9:07:e7:78:3a:ac:
c9:ee:ff:f5:95:05:20:21:27:86:df:84:08:ba:92:
4b:39:63:c5:13:be:90:1e:9a:e5:90:51:f2:e4:78:
d4:bb:bc:ac:bd:c4:a3:70:9d:75:a7:37:7c:15:42:
7d:be:59:9e:da:1c:e2:25:f2:bd:67:9c:a7:71:69:
84:90:cf:bd:33:ae:9d:16:8d:95:fd:15:45:e7:13:
0b:2b:c7:81:1c:12:75:90:39:ff:c9:37:a9:e5:c9:
8c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E2:E6:CB:04:2F:28:16:DB:F6:E2:E6:98:9F:46:54:8C:C2:62:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:8000::/40
Signature Algorithm: sha256WithRSAEncryption
9f:19:73:b9:99:22:66:0b:92:89:f1:86:92:3b:f6:15:07:7c:
df:e8:83:59:bc:4c:21:cd:49:09:69:75:62:35:c7:72:85:d8:
d4:59:73:4d:49:85:d9:24:40:64:cc:51:73:4e:27:52:5a:bb:
de:cb:48:65:3f:10:57:65:27:6c:65:06:98:82:a8:9a:9b:1e:
08:69:61:9f:cb:15:02:a7:d3:8a:8f:f5:c6:4a:80:9d:20:26:
2a:46:39:62:4c:97:3a:86:33:a9:48:7e:f6:78:ee:89:38:40:
9c:3f:b6:3d:2a:2f:ce:98:c7:6b:dc:0c:e4:89:01:00:4c:c8:
d8:ea:57:f5:00:66:0a:16:74:70:70:c6:6e:11:8f:f4:11:29:
d6:d4:26:24:61:ef:78:f7:fc:25:77:90:53:ae:8a:80:4c:60:
24:59:be:59:55:a5:69:f7:1e:78:09:6e:4c:30:3d:92:cc:6a:
1c:ff:72:0c:a0:eb:40:67:d4:98:d3:2e:d3:45:37:00:fa:49:
90:20:ac:8c:54:3a:ae:de:fe:d2:a4:00:b8:b9:a5:6d:8d:5d:
77:d6:70:ac:95:4c:18:d2:50:71:b8:41:fa:2f:42:cd:a3:1a:
bc:b3:96:5a:4a:70:b8:81:6c:e9:16:6c:5c:ae:9a:93:f9:77:
2b:a1:6b:ed
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGoWcg5Vb7ymE7Wsjy8rFq7twsHkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAxMDRaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2YTJjNzk5ZjMwMmQ0NzdjMjVlYWM3ODM5ZDgwZGUxYjQxYmQwNTQzOWEz
MzU1MWU5NzNmZTdhMDdlNjQ5OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPMvt9HZ/jgA63bhKsgL0x4BqCj7UEDwlSJBG8E/LiGTakXm+5CSJPpGyxvE
zEarwEbbyo/JbRKM3vA5C6cU4ibbeN3BPz00XMZy2xc9nQSt/6wUZKSSf4m56c5S
RtgMsXl+KynIKnoYMC5Y50Mj5wrLX6Ue03gv0wSx1hRDJBEeCT1d8vIY1L4ph1iD
SZISdwFgAiJ1DwBtZm/9qZRNqQfneDqsye7/9ZUFICEnht+ECLqSSzljxRO+kB6a
5ZBR8uR41Lu8rL3Eo3Cddac3fBVCfb5Zntoc4iXyvWecp3FphJDPvTOunRaNlf0V
RecTCyvHgRwSdZA5/8k3qeXJjM0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRu4ubL
BC8oFtv24uaYn0ZUjMJipTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQxMDM0YmUtMTg0NC00YmY3LTljNDMtOTFiZjViODNmYTNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaA
MA0GCSqGSIb3DQEBCwUAA4IBAQCfGXO5mSJmC5KJ8YaSO/YVB3zf6INZvEwhzUkJ
aXViNcdyhdjUWXNNSYXZJEBkzFFzTidSWrvey0hlPxBXZSdsZQaYgqiamx4IaWGf
yxUCp9OKj/XGSoCdICYqRjliTJc6hjOpSH72eO6JOECcP7Y9Ki/OmMdr3AzkiQEA
TMjY6lf1AGYKFnRwcMZuEY/0ESnW1CYkYe949/wld5BTroqATGAkWb5ZVaVp9x54
CW5MMD2SzGoc/3IMoOtAZ9SY0y7TRTcA+kmQIKyMVDqu3v7SpAC4uaVtjV131nCs
lUwY0lBxuEH6L0LNoxq8s5ZaSnC4gWzpFmxcrpqT+XcroWvt
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:49 2025 by rpki-client