Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
File: 55ba2d71-c4db-41f1-a648-b39b354abfa6.roa (raw, json)
Hash identifier: 1znZOtGtZ/TxDOrye/yG3V4YTX/F0RITibPFXvweGAA=
Subject key identifier: 7F:41:A1:8B:60:28:DE:7C:4A:61:CD:50:4F:60:9F:D7:03:0F:96:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 211CA316BCDB85097F69C7D237D442C48EC2EA25
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
Signing time: Tue 20 May 2025 20:01:11 +0000
ROA not before: Tue 20 May 2025 20:01:11 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:1c:a3:16:bc:db:85:09:7f:69:c7:d2:37:d4:42:c4:8e:c2:ea:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:01:11 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=cf6cb4e21f8c3902b417edeb9903d061c7ea94aecb49d6ae64aa5c7582bc9097, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7a:b8:2d:52:a9:bb:60:a2:61:09:38:0f:f4:
24:5c:b4:52:42:bd:a2:0c:85:1d:63:ae:b1:a7:6a:
09:ee:04:8b:ea:1f:2a:6b:76:e2:8d:5a:29:39:a4:
7e:22:0a:52:0a:8a:5e:0a:6b:b6:cf:28:d7:40:78:
e2:ac:60:58:52:21:3c:8c:1b:1b:2c:60:ee:ce:cd:
19:2c:1b:a5:e4:8a:b3:4a:ad:e8:74:76:bb:9a:53:
44:06:d3:95:f3:35:fd:f7:e8:32:03:7d:1c:35:64:
86:ad:98:6c:c2:c1:ae:c8:e2:8d:da:1b:9a:11:10:
84:9a:bc:f3:57:26:35:da:e8:b4:42:9c:bb:7b:f6:
85:56:ea:b1:d4:18:8a:bc:1e:1a:19:5d:53:41:16:
c1:9b:55:64:b1:f5:70:b2:a8:b0:27:90:2f:96:5a:
b1:42:82:53:d9:bc:f3:05:48:18:eb:63:f0:76:9d:
80:73:31:39:52:7a:a7:c9:8d:73:bf:92:07:00:27:
aa:42:eb:7e:12:42:b6:cc:e8:d9:c5:20:67:ec:39:
d8:44:20:e3:54:d6:46:c1:ca:9a:ba:a1:45:dc:91:
6f:d8:3f:e3:16:ba:fc:6e:9e:7f:f2:ad:84:53:33:
1c:a1:05:24:c4:18:aa:a0:30:7a:3e:b9:9d:b7:d0:
ad:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:41:A1:8B:60:28:DE:7C:4A:61:CD:50:4F:60:9F:D7:03:0F:96:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:8000::/40
Signature Algorithm: sha256WithRSAEncryption
49:53:fb:ad:68:7b:14:97:bc:66:c8:0d:97:ad:8e:b2:9c:eb:
d2:f1:39:ba:de:e2:74:94:f4:ef:d2:b0:8c:d2:ed:09:f0:ee:
57:6a:5c:b2:a0:e4:df:1f:05:6e:31:b3:e2:23:2e:fd:e3:e5:
20:63:6e:bb:bb:bf:7c:8c:ae:d4:1c:21:00:a2:8c:a3:c6:f3:
5a:62:9b:76:b2:69:2f:ee:dc:bf:16:d0:f1:d2:1a:0c:06:f6:
3a:d4:e5:ef:42:a7:06:7e:4a:59:65:85:fe:47:1e:7e:3f:71:
4f:79:b2:8d:3d:27:65:43:a6:91:7c:e9:85:08:26:06:2c:e8:
53:e3:25:00:71:5b:ec:fe:ca:1d:17:d0:ac:1c:50:45:6b:8d:
f8:dd:57:0d:fa:73:93:11:db:30:16:79:a2:74:26:49:e0:77:
34:b4:fb:1e:ce:0d:b2:1e:13:f2:ff:20:b7:43:c4:37:79:b4:
7a:c5:0b:7c:99:85:4c:95:9e:a0:51:b9:0d:e9:b5:4f:44:f3:
31:87:6a:16:cc:64:8f:99:1e:87:9a:19:08:fc:8c:09:9e:15:
d2:4e:de:bf:d9:38:46:4b:4d:d8:a9:d8:9b:79:70:b3:fb:c3:
ee:b7:a9:2a:55:64:62:47:28:d5:04:1d:f2:8a:66:0b:51:9d:
b7:8d:50:a4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIRyjFrzbhQl/acfSN9RCxI7C6iUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAxMTFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNmNiNGUyMWY4YzM5MDJiNDE3ZWRlYjk5MDNkMDYxYzdlYTk0YWVjYjQ5
ZDZhZTY0YWE1Yzc1ODJiYzkwOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKN6uC1SqbtgomEJOA/0JFy0UkK9ogyFHWOusadqCe4Ei+ofKmt24o1aKTmk
fiIKUgqKXgprts8o10B44qxgWFIhPIwbGyxg7s7NGSwbpeSKs0qt6HR2u5pTRAbT
lfM1/ffoMgN9HDVkhq2YbMLBrsjijdobmhEQhJq881cmNdrotEKcu3v2hVbqsdQY
irweGhldU0EWwZtVZLH1cLKosCeQL5ZasUKCU9m88wVIGOtj8HadgHMxOVJ6p8mN
c7+SBwAnqkLrfhJCtszo2cUgZ+w52EQg41TWRsHKmrqhRdyRb9g/4xa6/G6ef/Kt
hFMzHKEFJMQYqqAwej65nbfQrSECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR/QaGL
YCjefEphzVBPYJ/XAw+W7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTViYTJkNzEtYzRkYi00MWYxLWE2NDgtYjM5YjM1NGFiZmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiA
MA0GCSqGSIb3DQEBCwUAA4IBAQBJU/utaHsUl7xmyA2XrY6ynOvS8Tm63uJ0lPTv
0rCM0u0J8O5XalyyoOTfHwVuMbPiIy794+UgY267u798jK7UHCEAooyjxvNaYpt2
smkv7ty/FtDx0hoMBvY61OXvQqcGfkpZZYX+Rx5+P3FPebKNPSdlQ6aRfOmFCCYG
LOhT4yUAcVvs/sodF9CsHFBFa4343VcN+nOTEdswFnmidCZJ4Hc0tPsezg2yHhPy
/yC3Q8Q3ebR6xQt8mYVMlZ6gUbkN6bVPRPMxh2oWzGSPmR6HmhkI/IwJnhXSTt6/
2ThGS03YqdibeXCz+8Put6kqVWRiRyjVBB3yimYLUZ23jVCk
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:30 2025 by rpki-client