Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57c971db-5779-4af6-9c2f-2c7cd904e742.roa
File: 57c971db-5779-4af6-9c2f-2c7cd904e742.roa (raw, json)
Hash identifier: JiXzkdNHQU6fdpTILxl99W0eadIlj+nx+m6vHlxkfLY=
Subject key identifier: 40:62:2A:8F:B2:20:C3:85:4A:2E:75:7C:38:A4:FD:23:D3:63:00:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44E604EBE9D48D582ECE2E5928F6780D21994DF7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57c971db-5779-4af6-9c2f-2c7cd904e742.roa
Signing time: Tue 20 May 2025 18:50:48 +0000
ROA not before: Tue 20 May 2025 18:50:48 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:e6:04:eb:e9:d4:8d:58:2e:ce:2e:59:28:f6:78:0d:21:99:4d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:48 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=05ed23fee27ed3dbec1973333fdf78e68aa1180a788a6a7dd813b530043c5828, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a4:92:6e:8f:2e:1f:1a:00:05:a4:3d:1b:a8:
07:c9:f5:71:45:84:e7:4c:f4:85:d7:cb:98:18:69:
76:e7:4e:07:8f:24:ac:31:2b:24:d7:53:d7:d6:d5:
3c:9e:5c:1f:47:aa:66:1d:5b:45:3a:41:9a:e5:01:
02:49:02:39:24:a5:06:23:9f:cb:66:b9:4a:13:10:
39:3b:b1:15:9a:fd:67:e3:10:9c:3a:dc:34:50:e2:
64:08:f4:88:2c:a8:81:96:1e:3d:a9:9a:46:b2:18:
c2:a5:01:4e:4c:ea:f4:53:fb:2d:44:0e:2f:d7:6e:
3a:00:32:08:a5:2c:5e:9e:1b:10:09:90:66:ce:f6:
bc:a8:c6:dd:64:7b:96:68:2a:41:df:fb:33:f5:27:
2d:08:77:aa:d8:a3:75:7b:f6:9f:56:5a:1d:da:c0:
ba:67:05:b4:f6:80:3c:17:21:a4:c8:82:40:18:59:
97:21:29:32:00:96:1e:7b:b4:b6:9c:02:28:42:4e:
1d:c9:6e:55:28:ed:af:97:8b:90:92:f4:1b:05:19:
be:37:23:0a:2c:54:a7:cd:92:5f:03:6a:bc:e8:4a:
66:25:df:89:89:9b:f2:28:f0:a6:18:97:57:e0:f2:
06:92:8c:11:fd:94:6b:77:ee:b6:fc:e5:0c:1f:b2:
f5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:62:2A:8F:B2:20:C3:85:4A:2E:75:7C:38:A4:FD:23:D3:63:00:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57c971db-5779-4af6-9c2f-2c7cd904e742.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:c000::/48
Signature Algorithm: sha256WithRSAEncryption
5c:67:fa:c0:0b:46:dd:3c:a0:38:fc:77:87:10:54:bc:fd:94:
c4:5f:86:0d:d7:53:2d:3a:77:e1:68:af:b9:24:c0:7a:06:9c:
76:3a:05:df:b4:f4:a3:73:df:c3:4f:72:69:c2:f5:55:b1:97:
21:c9:66:59:e6:81:be:e4:56:ed:38:30:97:1d:75:7c:f4:2f:
c8:42:8c:69:df:5c:eb:8c:e8:42:63:bc:22:34:da:57:56:51:
c8:8d:39:55:fb:49:19:a7:42:14:ec:a8:25:2d:d6:41:1c:50:
2f:d9:6a:7b:d2:67:3f:10:63:d1:4b:09:a9:a5:b5:6b:24:74:
cc:5f:32:56:64:e6:97:ce:94:1c:28:6f:3c:9f:0d:3d:98:51:
95:98:5f:17:de:5c:d2:01:e3:67:68:44:14:08:0e:5b:80:ba:
e2:c1:ef:67:e3:9b:4e:de:d4:f9:77:e2:ff:77:2d:80:5b:92:
85:3e:a5:0a:ad:ea:88:68:ea:04:43:87:73:35:fb:d5:78:6a:
82:ae:f6:82:10:f6:88:2c:05:cb:a9:d8:2e:98:f8:2c:49:bb:
6f:ed:60:bd:e3:29:b2:ec:af:bb:20:be:a7:8c:5a:58:e7:86:
84:03:bb:fe:18:08:63:9b:24:f4:a0:13:d6:54:83:04:ba:83:
30:1d:93:4c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUROYE6+nUjVguzi5ZKPZ4DSGZTfcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwNDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1ZWQyM2ZlZTI3ZWQzZGJlYzE5NzMzMzNmZGY3OGU2OGFhMTE4MGE3ODhh
NmE3ZGQ4MTNiNTMwMDQzYzU4MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKkkm6PLh8aAAWkPRuoB8n1cUWE50z0hdfLmBhpdudOB48krDErJNdT19bV
PJ5cH0eqZh1bRTpBmuUBAkkCOSSlBiOfy2a5ShMQOTuxFZr9Z+MQnDrcNFDiZAj0
iCyogZYePamaRrIYwqUBTkzq9FP7LUQOL9duOgAyCKUsXp4bEAmQZs72vKjG3WR7
lmgqQd/7M/UnLQh3qtijdXv2n1ZaHdrAumcFtPaAPBchpMiCQBhZlyEpMgCWHnu0
tpwCKEJOHcluVSjtr5eLkJL0GwUZvjcjCixUp82SXwNqvOhKZiXfiYmb8ijwphiX
V+DyBpKMEf2Ua3futvzlDB+y9fsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRAYiqP
siDDhUoudXw4pP0j02MAJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdjOTcxZGItNTc3OS00YWY2LTljMmYtMmM3Y2Q5MDRlNzQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HbA
ADANBgkqhkiG9w0BAQsFAAOCAQEAXGf6wAtG3TygOPx3hxBUvP2UxF+GDddTLTp3
4WivuSTAegacdjoF37T0o3Pfw09yacL1VbGXIclmWeaBvuRW7Tgwlx11fPQvyEKM
ad9c64zoQmO8IjTaV1ZRyI05VftJGadCFOyoJS3WQRxQL9lqe9JnPxBj0UsJqaW1
ayR0zF8yVmTml86UHChvPJ8NPZhRlZhfF95c0gHjZ2hEFAgOW4C64sHvZ+ObTt7U
+Xfi/3ctgFuShT6lCq3qiGjqBEOHczX71Xhqgq72ghD2iCwFy6nYLpj4LEm7b+1g
veMpsuyvuyC+p4xaWOeGhAO7/hgIY5sk9KAT1lSDBLqDMB2TTA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:34 2025 by rpki-client