Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
File: 543bc67d-08f9-4a99-bf5e-68100e034395.roa (raw, json)
Hash identifier: rji9U5R8mguBD9bdy1bGAY0WKkFSPgyrfvGhAWt/QKU=
Subject key identifier: 1F:48:0F:29:C9:55:51:D0:5F:E5:65:C8:1D:28:D6:DF:29:62:41:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E351AA65FD353456F85F0B34FDAE09A500A976A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
Signing time: Tue 20 May 2025 19:01:27 +0000
ROA not before: Tue 20 May 2025 19:01:27 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:35:1a:a6:5f:d3:53:45:6f:85:f0:b3:4f:da:e0:9a:50:0a:97:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:27 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=01480ae398fe158e2611cd0f55c019253a356cfd984a5c4a51e867d75c0b5fe3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9a:eb:8d:83:4f:c7:47:c9:13:3f:71:54:cf:
5b:65:6b:c2:88:4e:dc:32:8a:a1:13:12:a8:75:fb:
e5:d1:23:b0:43:cc:e7:71:f3:e3:c4:a3:30:86:f9:
0e:68:0b:f9:c6:5f:ac:89:83:a0:1e:50:ee:ce:ec:
c5:cc:96:0f:39:b3:09:57:73:23:d3:9d:3e:db:cf:
0e:c5:ac:0f:7e:ba:ca:ae:db:b2:6f:c6:64:12:cd:
86:42:10:fb:62:03:02:2f:5c:25:7b:07:3f:bb:c6:
66:cd:c6:bb:fb:43:a4:01:a7:d5:19:f3:f0:9a:a9:
f8:3c:ec:35:ee:61:3a:6a:92:cb:9b:98:85:f4:1d:
e4:7f:02:d9:dd:66:f9:53:0c:b3:d9:38:42:1d:21:
7a:e8:d2:c6:90:4b:9b:e6:a7:bb:1e:4c:f7:d1:16:
5c:e0:67:b4:a6:ad:75:ed:b5:3d:2b:38:ff:54:c5:
b8:9f:ad:c1:36:61:6f:78:c3:28:5e:ba:7f:4a:d6:
6a:25:0a:db:41:a5:43:11:51:78:e6:4d:d8:cf:2d:
5b:2b:30:94:e5:23:34:b7:6a:08:6d:93:92:21:6f:
e8:91:ad:bb:af:19:dc:65:0a:c5:52:67:ba:f3:96:
33:de:2b:20:7d:a7:15:f2:fc:b9:82:f0:37:7b:e4:
52:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:48:0F:29:C9:55:51:D0:5F:E5:65:C8:1D:28:D6:DF:29:62:41:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4080::/48
Signature Algorithm: sha256WithRSAEncryption
36:25:4a:9c:e0:d3:9f:64:a8:f0:d6:fa:d2:16:92:b1:c0:51:
71:e6:75:a2:a0:3d:36:ae:b0:8e:46:dc:5e:d5:f2:78:0d:35:
ed:42:71:c4:47:9c:93:c3:4c:ef:e7:62:48:67:78:8b:85:07:
6b:47:91:1c:67:81:e7:f0:98:52:07:d5:8a:08:4b:0a:55:a6:
39:4b:b7:0b:41:8f:d4:45:ec:bb:c1:55:1e:7b:a6:7a:93:be:
3d:86:ee:21:14:9b:c5:c3:d5:a1:6b:3d:02:36:db:1f:68:f4:
02:98:bf:1e:ed:8a:5f:f1:d1:b3:e0:07:76:4f:c7:14:68:96:
c2:68:55:58:a1:56:9c:4b:20:15:5e:40:9e:5a:38:81:f4:b4:
ef:57:b7:da:35:e7:64:ff:b0:92:47:13:95:47:75:01:40:c4:
4c:b5:3d:15:1e:1e:a3:28:6b:81:49:ff:63:52:91:ff:d9:ac:
d9:a7:6b:86:a0:cd:d5:27:f6:32:4e:3f:88:22:83:da:0c:3c:
48:fe:6d:51:01:1d:69:82:87:88:38:36:17:3f:d3:38:06:9b:
1b:11:5e:5b:d7:59:d9:84:ba:2c:ab:a8:dd:1f:60:0c:c3:b7:
8d:b9:96:46:77:da:7f:86:78:50:f8:1d:94:b7:33:89:5d:30:
d2:3c:d2:e6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXjUapl/TU0VvhfCzT9rgmlAKl2owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxMjdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxNDgwYWUzOThmZTE1OGUyNjExY2QwZjU1YzAxOTI1M2EzNTZjZmQ5ODRh
NWM0YTUxZTg2N2Q3NWMwYjVmZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALia642DT8dHyRM/cVTPW2VrwohO3DKKoRMSqHX75dEjsEPM53Hz48SjMIb5
DmgL+cZfrImDoB5Q7s7sxcyWDzmzCVdzI9OdPtvPDsWsD366yq7bsm/GZBLNhkIQ
+2IDAi9cJXsHP7vGZs3Gu/tDpAGn1Rnz8Jqp+DzsNe5hOmqSy5uYhfQd5H8C2d1m
+VMMs9k4Qh0heujSxpBLm+anux5M99EWXOBntKatde21PSs4/1TFuJ+twTZhb3jD
KF66f0rWaiUK20GlQxFReOZN2M8tWyswlOUjNLdqCG2TkiFv6JGtu68Z3GUKxVJn
uvOWM94rIH2nFfL8uYLwN3vkUh8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQfSA8p
yVVR0F/lZcgdKNbfKWJBSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQzYmM2N2QtMDhmOS00YTk5LWJmNWUtNjgxMDBlMDM0Mzk1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
gDANBgkqhkiG9w0BAQsFAAOCAQEANiVKnODTn2So8Nb60haSscBRceZ1oqA9Nq6w
jkbcXtXyeA017UJxxEeck8NM7+diSGd4i4UHa0eRHGeB5/CYUgfVighLClWmOUu3
C0GP1EXsu8FVHnumepO+PYbuIRSbxcPVoWs9AjbbH2j0Api/Hu2KX/HRs+AHdk/H
FGiWwmhVWKFWnEsgFV5Anlo4gfS071e32jXnZP+wkkcTlUd1AUDETLU9FR4eoyhr
gUn/Y1KR/9ms2adrhqDN1Sf2Mk4/iCKD2gw8SP5tUQEdaYKHiDg2Fz/TOAabGxFe
W9dZ2YS6LKuo3R9gDMO3jbmWRnfaf4Z4UPgdlLcziV0w0jzS5g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:53 2025 by rpki-client