Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
File: 57b964c4-07ca-4501-bd01-5cb8936846cc.roa (raw, json)
Hash identifier: MKOH70fa7gV7WNdKMA3SrvRJedDB4B+MCzn79aRGx+M=
Subject key identifier: 9C:1C:30:D5:0F:CE:12:D1:12:F8:2E:EA:63:2B:03:47:2D:FA:C3:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E13DBFA09B072B47522DBE663A9AE05038ABF79
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
Signing time: Fri 23 May 2025 00:40:49 +0000
ROA not before: Fri 23 May 2025 00:40:49 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:13:db:fa:09:b0:72:b4:75:22:db:e6:63:a9:ae:05:03:8a:bf:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:49 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=9956d8997342cd5d4f639d9c9ba7184ad20632ffa2ee329f1888614a4333df8f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:19:4f:ac:85:45:ee:18:f1:99:d9:b0:7d:24:
1f:98:84:2e:dd:a1:05:90:e8:4d:d7:7b:da:7a:d9:
94:e5:3d:49:ff:96:89:5f:87:f4:77:55:5e:56:80:
36:ff:ab:00:ff:72:17:e1:5e:a1:13:39:0d:37:5a:
1e:bd:c0:be:85:93:c5:06:58:0a:ca:c6:5c:6e:b7:
92:2a:f8:a4:74:2f:b6:80:2e:31:96:96:c8:ef:87:
46:d0:a0:91:2e:5b:dd:8c:50:20:91:16:44:61:ee:
d2:13:32:d4:2c:50:51:ee:8a:d7:28:16:c1:e5:c5:
e2:da:d1:2a:fc:a0:af:5a:4e:c1:13:7f:76:8d:09:
20:fc:b8:45:4c:d9:45:08:71:0f:e3:d4:95:15:ea:
aa:87:16:f3:43:e4:ca:4d:8a:99:d7:70:d2:8f:89:
8c:7d:02:03:39:d6:2b:46:dd:5b:75:65:82:f2:37:
ba:7a:db:20:5e:ae:1d:68:6f:50:20:14:da:fb:73:
aa:a6:01:05:32:9e:3f:99:11:d0:cf:bc:f8:70:43:
e1:b9:cc:f6:e0:74:b8:ab:cb:c1:75:0c:f2:f1:01:
4d:47:fc:31:b7:9d:b5:16:53:ea:a3:85:0e:cb:ac:
34:f1:9b:e9:bd:51:02:ca:e4:ae:52:99:66:96:4b:
42:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:1C:30:D5:0F:CE:12:D1:12:F8:2E:EA:63:2B:03:47:2D:FA:C3:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
18:75:07:19:78:02:a0:68:9b:5c:1a:e0:de:97:ec:62:5d:10:
22:8f:00:39:a6:f6:4d:20:09:ca:93:6e:26:83:0d:e3:0b:c9:
ca:6e:36:31:27:d4:c5:1c:77:95:d8:1a:bc:4e:bf:f0:16:7d:
a9:87:6b:86:a4:54:9e:2e:bf:64:8b:01:b3:6a:1e:c1:61:ba:
45:b4:5f:18:87:34:7f:6b:a9:8f:6c:b2:99:93:19:ff:1e:dc:
6f:e1:fa:6e:f0:75:48:2c:7b:f5:60:4b:b0:3a:e6:b3:5f:06:
4d:5c:45:c9:f9:95:6f:42:d3:26:fd:e3:c0:ab:66:d9:e0:b1:
0c:6e:b3:e2:40:e4:02:3e:dd:20:7f:e3:67:09:24:2f:ce:96:
a4:c6:67:d5:45:84:82:61:f5:da:9b:b6:f9:fb:cc:ac:08:87:
7e:15:38:cf:61:4d:4f:f5:06:e9:6c:b3:82:b3:7a:80:f7:67:
89:a0:30:09:05:1e:80:7c:b8:c4:1f:7b:a2:ea:1e:91:7a:d1:
36:f0:ac:41:34:f5:e6:d1:dc:de:5f:a1:98:6c:73:1e:4a:63:
80:c6:e7:9a:91:9a:04:51:50:62:e9:3e:6f:27:b0:fe:c1:ac:
69:5e:b9:b7:fd:35:f1:01:8e:5c:34:0b:65:ff:17:f2:f4:5e:
6a:1e:97:29
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbhPb+gmwcrR1ItvmY6muBQOKv3kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwNDlaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NTZkODk5NzM0MmNkNWQ0ZjYzOWQ5YzliYTcxODRhZDIwNjMyZmZhMmVl
MzI5ZjE4ODg2MTRhNDMzM2RmOGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ8ZT6yFRe4Y8ZnZsH0kH5iELt2hBZDoTdd72nrZlOU9Sf+WiV+H9HdVXlaA
Nv+rAP9yF+FeoRM5DTdaHr3AvoWTxQZYCsrGXG63kir4pHQvtoAuMZaWyO+HRtCg
kS5b3YxQIJEWRGHu0hMy1CxQUe6K1ygWweXF4trRKvygr1pOwRN/do0JIPy4RUzZ
RQhxD+PUlRXqqocW80Pkyk2Kmddw0o+JjH0CAznWK0bdW3VlgvI3unrbIF6uHWhv
UCAU2vtzqqYBBTKeP5kR0M+8+HBD4bnM9uB0uKvLwXUM8vEBTUf8MbedtRZT6qOF
DsusNPGb6b1RAsrkrlKZZpZLQkUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBScHDDV
D84S0RL4LupjKwNHLfrDBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdiOTY0YzQtMDdjYS00NTAxLWJkMDEtNWNiODkzNjg0NmNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+w
MA0GCSqGSIb3DQEBCwUAA4IBAQAYdQcZeAKgaJtcGuDel+xiXRAijwA5pvZNIAnK
k24mgw3jC8nKbjYxJ9TFHHeV2Bq8Tr/wFn2ph2uGpFSeLr9kiwGzah7BYbpFtF8Y
hzR/a6mPbLKZkxn/Htxv4fpu8HVILHv1YEuwOuazXwZNXEXJ+ZVvQtMm/ePAq2bZ
4LEMbrPiQOQCPt0gf+NnCSQvzpakxmfVRYSCYfXam7b5+8ysCId+FTjPYU1P9Qbp
bLOCs3qA92eJoDAJBR6AfLjEH3ui6h6RetE28KxBNPXm0dzeX6GYbHMeSmOAxuea
kZoEUVBi6T5vJ7D+waxpXrm3/TXxAY5cNAtl/xfy9F5qHpcp
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:02:53 2025 by rpki-client