Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54aaecbd-f237-4e42-9d78-c366846bfd11.roa
File: 54aaecbd-f237-4e42-9d78-c366846bfd11.roa (raw, json)
Hash identifier: fg4W2wzRqriE1Ocx8+3FHrOfFv/2kS2PeoU72X31kj8=
Subject key identifier: 0A:D7:00:EE:D8:FE:1C:FD:9B:FE:64:B8:18:54:E5:8B:0A:E9:9B:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07FD8EE7258D95348D726939B21BDCF480DD8FA0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54aaecbd-f237-4e42-9d78-c366846bfd11.roa
Signing time: Tue 20 May 2025 19:41:12 +0000
ROA not before: Tue 20 May 2025 19:41:12 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:fd:8e:e7:25:8d:95:34:8d:72:69:39:b2:1b:dc:f4:80:dd:8f:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:41:12 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=6e67a533854ce260cf1df9b26a0d3f34abb02476ec2080d68e364690d3a52717, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:96:70:a6:cb:c6:9e:93:24:eb:77:3e:4b:b0:
84:ea:3b:a1:76:88:aa:28:f7:5e:2f:15:77:05:b8:
e2:92:5a:1a:b7:5f:d9:fc:1b:5d:12:b2:18:3a:15:
8c:f4:2a:0d:2e:d6:b8:d5:57:7f:32:24:a6:d8:15:
52:fd:fd:1f:d1:d2:2f:92:a0:17:fd:0b:21:9f:62:
7e:ab:a3:73:c1:45:c5:a1:be:ab:bc:46:c2:31:f3:
26:9a:de:3a:67:dd:5b:41:ee:3e:6e:b7:04:fb:07:
c4:79:e0:5b:1c:58:4b:b3:37:7b:f8:3e:f9:4c:44:
fa:76:be:d8:b4:b4:79:ab:9b:dd:b3:c9:94:73:a2:
68:54:fe:ca:63:84:41:a8:89:d7:9a:25:8e:aa:b5:
0e:82:b0:f4:1b:0f:3d:aa:60:5d:94:6e:d1:dc:00:
2d:cb:06:7a:38:cb:eb:2c:64:d2:7f:b0:cf:8c:3f:
d4:18:ed:b8:95:38:94:33:9c:db:84:50:bf:27:ba:
83:46:d8:46:56:a5:43:c6:7f:f4:a5:81:e5:ff:62:
67:08:a5:5c:1d:7d:b3:2b:3f:58:6e:2d:69:27:1c:
12:6b:64:ab:59:22:9a:b9:e7:f3:0a:54:ef:51:8b:
a5:df:75:0d:9a:7e:31:d9:50:de:1e:69:25:ee:b1:
86:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D7:00:EE:D8:FE:1C:FD:9B:FE:64:B8:18:54:E5:8B:0A:E9:9B:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54aaecbd-f237-4e42-9d78-c366846bfd11.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:a000::/40
Signature Algorithm: sha256WithRSAEncryption
3f:45:36:8f:87:24:8e:83:f0:62:dc:54:76:8c:f5:dc:26:9a:
a6:14:1c:a1:72:6c:f9:dd:38:93:7a:22:56:03:a0:c3:9c:6d:
da:c2:c5:96:4d:7b:08:08:5a:8e:e4:86:d1:84:cd:f8:92:2b:
ad:ac:6a:a8:7f:92:62:d7:ad:11:1b:de:a9:dc:08:95:ee:2b:
d1:b8:f2:9e:3b:59:d1:09:4a:f9:2f:ad:00:52:33:45:7f:e9:
d5:f0:33:d6:c6:8b:f2:de:c7:d9:21:c0:57:7b:9a:37:96:6b:
41:76:d8:c5:57:e1:5d:32:c4:f8:e8:70:90:51:5e:a3:15:20:
02:ab:68:91:5a:e1:f1:5c:62:5c:d8:a2:85:b1:3f:2b:6b:bf:
62:3f:d7:40:2c:d0:c3:43:4e:40:8c:53:bf:0a:4a:d0:aa:db:
26:86:69:9d:43:eb:7d:ea:03:fd:f9:e5:63:87:e2:e1:68:09:
68:28:d0:31:bd:3b:ed:7c:ef:9d:9d:f0:13:3e:93:49:be:8a:
4d:c2:51:f9:3b:52:70:e5:9c:07:fb:92:ad:12:2b:92:ba:48:
a7:0d:fd:41:98:54:0f:e7:5d:20:54:65:3c:51:d6:91:29:ec:
13:db:a1:73:ac:5f:5e:54:67:00:99:d9:fa:ec:1b:90:14:dc:
3e:21:d2:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB/2O5yWNlTSNcmk5shvc9IDdj6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQxMTJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlNjdhNTMzODU0Y2UyNjBjZjFkZjliMjZhMGQzZjM0YWJiMDI0NzZlYzIw
ODBkNjhlMzY0NjkwZDNhNTI3MTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSWcKbLxp6TJOt3PkuwhOo7oXaIqij3Xi8VdwW44pJaGrdf2fwbXRKyGDoV
jPQqDS7WuNVXfzIkptgVUv39H9HSL5KgF/0LIZ9ifqujc8FFxaG+q7xGwjHzJpre
OmfdW0HuPm63BPsHxHngWxxYS7M3e/g++UxE+na+2LS0eaub3bPJlHOiaFT+ymOE
QaiJ15oljqq1DoKw9BsPPapgXZRu0dwALcsGejjL6yxk0n+wz4w/1BjtuJU4lDOc
24RQvye6g0bYRlalQ8Z/9KWB5f9iZwilXB19sys/WG4taSccEmtkq1kimrnn8wpU
71GLpd91DZp+MdlQ3h5pJe6xhj0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQK1wDu
2P4c/Zv+ZLgYVOWLCumbpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTRhYWVjYmQtZjIzNy00ZTQyLTlkNzgtYzM2Njg0NmJmZDExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Heg
MA0GCSqGSIb3DQEBCwUAA4IBAQA/RTaPhySOg/Bi3FR2jPXcJpqmFByhcmz53TiT
eiJWA6DDnG3awsWWTXsICFqO5IbRhM34kiutrGqof5Ji160RG96p3AiV7ivRuPKe
O1nRCUr5L60AUjNFf+nV8DPWxovy3sfZIcBXe5o3lmtBdtjFV+FdMsT46HCQUV6j
FSACq2iRWuHxXGJc2KKFsT8ra79iP9dALNDDQ05AjFO/CkrQqtsmhmmdQ+t96gP9
+eVjh+LhaAloKNAxvTvtfO+dnfATPpNJvopNwlH5O1Jw5ZwH+5KtEiuSukinDf1B
mFQP510gVGU8UdaRKewT26FzrF9eVGcAmdn67BuQFNw+IdLx
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:10 2025 by rpki-client