Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
File: 5767e356-231b-4b87-98ab-c496dcc2d53f.roa (raw, json)
Hash identifier: CmnyRXkyjkbO7mSanY9UkklPiNXqF4FZer0BiREUnUI=
Subject key identifier: 43:CE:15:A5:46:05:87:72:43:08:6A:36:EF:34:84:1B:C3:F9:7B:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EBC19CE51281E06F6495783F6FD2672DC378855
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
Signing time: Tue 20 May 2025 20:01:04 +0000
ROA not before: Tue 20 May 2025 20:01:04 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:bc:19:ce:51:28:1e:06:f6:49:57:83:f6:fd:26:72:dc:37:88:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:01:04 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=51d3e231e7aa01765f286abd9903fa895a243935895f337da8d9ce55ff35d9d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:17:7c:26:e0:12:62:5d:82:ca:31:f1:e1:93:
91:05:72:fe:a0:09:cb:1b:cd:70:18:31:2b:8c:6d:
65:66:40:67:44:b4:cb:37:07:c1:2a:d9:b7:a5:c9:
60:bf:c2:f4:2e:cc:b5:5e:18:6c:5a:d9:c1:07:63:
39:10:c8:cd:a2:88:a8:92:07:95:4e:df:6a:d1:31:
97:6f:6f:e3:62:b7:c5:0c:2b:bd:39:7e:cc:9b:0e:
3d:c5:89:b3:37:54:64:2f:0c:4d:6a:0b:cf:8e:7f:
a0:5f:cb:fa:8f:bd:aa:02:ac:5c:00:86:68:95:a6:
47:c4:59:b4:df:da:ec:70:84:04:a0:29:b0:c7:e4:
c2:d0:c2:d4:1b:15:7d:89:e5:7f:89:2e:c2:a8:ca:
fb:5d:74:63:06:e0:4a:f0:bf:2b:38:f8:8a:9d:f1:
7f:c3:61:1e:7d:0b:d8:af:5d:a7:78:c8:70:4d:ee:
7b:e7:27:57:5f:30:60:11:98:b6:40:1a:99:21:f0:
7a:18:50:71:74:77:b7:49:bf:12:71:e2:52:55:5c:
f6:49:c5:b1:03:53:30:7e:10:7f:95:74:a7:3d:73:
a4:f3:bb:22:e9:f1:b4:5f:1c:c7:d5:fa:c5:54:77:
67:e5:fc:47:6a:05:b7:f2:97:e7:82:aa:da:03:ac:
e6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CE:15:A5:46:05:87:72:43:08:6A:36:EF:34:84:1B:C3:F9:7B:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:c000::/40
Signature Algorithm: sha256WithRSAEncryption
92:18:57:27:2e:16:1a:6d:a2:e3:64:ac:87:c4:74:ee:8a:50:
6b:d3:a6:d2:c4:58:82:8c:99:a2:aa:be:7b:06:66:9b:7c:2f:
ba:46:c7:bf:92:9f:f0:db:99:77:af:b0:57:6e:94:49:bb:3e:
ed:57:cd:ac:4a:18:00:9e:9b:9b:2a:8c:ab:7c:22:6c:42:c2:
f4:ec:a5:2a:91:2b:71:9d:0b:b7:cc:a9:1f:49:41:b0:80:14:
db:81:92:7f:8a:59:4b:52:02:70:29:6a:6b:f3:89:85:9b:bc:
02:68:3e:f3:f6:ef:7d:2f:b0:58:43:9a:23:ec:0a:4a:37:5b:
a1:75:86:74:9e:15:88:75:7b:b7:f1:ca:52:ed:31:77:4c:67:
95:4d:83:42:8b:fe:98:31:89:bf:da:f8:b6:16:2d:f6:14:fb:
7e:6e:7e:78:d1:ca:7b:73:64:64:0b:60:ef:a6:f9:71:bb:4d:
27:b7:ce:f1:e7:66:46:53:5b:35:4e:72:64:19:b2:b6:94:6a:
34:1e:60:81:3e:87:1a:7a:b0:f3:82:3e:52:77:5e:d0:4d:e4:
f5:f0:07:58:ff:f9:30:71:e5:e0:8d:a2:d9:0e:c0:29:fb:5a:
ba:c0:6a:37:ac:36:ac:d8:ad:33:88:da:d8:ff:a2:13:83:dc:
4d:fb:9e:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDrwZzlEoHgb2SVeD9v0mctw3iFUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAxMDRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxZDNlMjMxZTdhYTAxNzY1ZjI4NmFiZDk5MDNmYTg5NWEyNDM5MzU4OTVm
MzM3ZGE4ZDljZTU1ZmYzNWQ5ZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKEXfCbgEmJdgsox8eGTkQVy/qAJyxvNcBgxK4xtZWZAZ0S0yzcHwSrZt6XJ
YL/C9C7MtV4YbFrZwQdjORDIzaKIqJIHlU7fatExl29v42K3xQwrvTl+zJsOPcWJ
szdUZC8MTWoLz45/oF/L+o+9qgKsXACGaJWmR8RZtN/a7HCEBKApsMfkwtDC1BsV
fYnlf4kuwqjK+110YwbgSvC/Kzj4ip3xf8NhHn0L2K9dp3jIcE3ue+cnV18wYBGY
tkAamSHwehhQcXR3t0m/EnHiUlVc9knFsQNTMH4Qf5V0pz1zpPO7IunxtF8cx9X6
xVR3Z+X8R2oFt/KX54Kq2gOs5rECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRDzhWl
RgWHckMIajbvNIQbw/l7xjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTc2N2UzNTYtMjMxYi00Yjg3LTk4YWItYzQ5NmRjYzJkNTNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DbA
MA0GCSqGSIb3DQEBCwUAA4IBAQCSGFcnLhYabaLjZKyHxHTuilBr06bSxFiCjJmi
qr57BmabfC+6Rse/kp/w25l3r7BXbpRJuz7tV82sShgAnpubKoyrfCJsQsL07KUq
kStxnQu3zKkfSUGwgBTbgZJ/illLUgJwKWpr84mFm7wCaD7z9u99L7BYQ5oj7ApK
N1uhdYZ0nhWIdXu38cpS7TF3TGeVTYNCi/6YMYm/2vi2Fi32FPt+bn540cp7c2Rk
C2Dvpvlxu00nt87x52ZGU1s1TnJkGbK2lGo0HmCBPocaerDzgj5Sd17QTeT18AdY
//kwceXgjaLZDsAp+1q6wGo3rDas2K0ziNrY/6ITg9xN+54f
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:18 2025 by rpki-client