Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
File: 58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa (raw, json)
Hash identifier: TlTPItMgfeDFDzAq1TliOi5neeUI6I+VeMkU52l5JYQ=
Subject key identifier: 0C:73:37:1F:B6:C8:DE:9A:87:A8:2F:9C:BC:72:D8:C7:1E:F2:E0:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0485556067505D62C579DB6B01FFB139B7E5F231
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
Signing time: Tue 20 May 2025 19:11:18 +0000
ROA not before: Tue 20 May 2025 19:11:18 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:85:55:60:67:50:5d:62:c5:79:db:6b:01:ff:b1:39:b7:e5:f2:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:11:18 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=6fcecae42d0490e0c8165d6a3db63913e0036044d915bf5df4569e7e0af2c363, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:39:74:43:94:f1:1e:f9:dd:79:48:39:1e:ba:
1b:31:a7:8f:02:61:93:a6:93:ea:87:a5:0a:b3:0f:
b6:9b:cd:a9:53:3b:e2:b3:ba:47:a3:3e:2c:29:f7:
b9:24:a4:05:cb:4b:4e:92:66:b2:97:8c:b3:05:b5:
28:a8:5b:0b:cb:2b:98:6a:ef:d8:2a:ba:50:74:2f:
e4:ca:ed:74:28:c3:83:29:01:ab:a3:02:b8:cf:13:
25:4e:bb:a7:04:7d:d8:f8:f0:73:df:32:19:b7:bd:
2b:d9:90:05:05:78:e6:5b:c1:21:ef:1d:1f:75:e9:
e6:44:8f:48:06:b7:34:f3:3a:4e:52:f2:7d:48:59:
8c:c5:92:a6:02:9b:af:ba:92:f9:f7:4b:f5:6b:2c:
1a:fa:02:1a:5b:30:dd:74:27:cd:0c:de:49:c3:e6:
b7:6c:27:38:cc:b8:f4:fd:88:b1:24:ac:02:a6:51:
d0:e7:22:f7:e6:23:9d:5c:02:19:59:6e:e7:95:81:
92:7a:27:5f:b6:d2:88:f3:f2:2b:c6:90:3c:36:02:
18:19:cd:b9:9a:a1:7a:dc:26:0c:34:73:6a:e9:eb:
25:14:f7:65:91:66:ed:19:32:c8:33:4c:97:76:5b:
ac:58:05:c9:8c:bc:c8:bd:d0:45:77:bd:00:86:b8:
4a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:73:37:1F:B6:C8:DE:9A:87:A8:2F:9C:BC:72:D8:C7:1E:F2:E0:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2040::/48
Signature Algorithm: sha256WithRSAEncryption
72:0d:41:87:ef:51:8f:59:be:c8:e3:7c:fe:63:e1:11:64:ea:
68:3f:91:3e:52:63:14:52:55:40:ed:92:6f:9d:06:46:17:4b:
6f:8c:76:f6:27:3c:a7:df:29:97:f0:ce:c9:bd:57:42:cc:39:
51:7f:1c:00:2c:54:41:04:70:c9:5d:e1:74:cd:16:a5:76:66:
29:33:1e:94:65:40:fa:87:82:c1:06:ba:66:74:06:19:23:78:
29:53:b4:17:13:76:c6:e8:34:9b:da:c2:24:22:4c:95:7e:14:
54:ce:bc:56:b0:7c:20:56:e5:e3:b9:75:e7:e7:62:4c:65:68:
81:a0:38:a8:78:ce:fb:2e:12:91:e3:58:39:33:a0:75:86:d0:
ae:e6:80:11:c9:87:04:17:64:01:4e:8f:fe:88:aa:d7:cb:5f:
0d:67:fd:8c:b7:b9:87:a1:4b:e4:10:27:41:14:35:5d:fa:05:
78:15:67:6a:e9:87:8d:22:7c:72:85:0e:0f:57:71:71:64:1e:
e0:72:10:75:f1:ad:22:4e:3d:11:d9:44:43:06:5a:35:92:43:
59:0d:bf:3a:88:98:a0:28:9a:36:42:52:7b:b9:74:b4:3a:08:
04:fc:6c:d7:2b:a9:00:16:b8:74:f6:91:a2:e8:3c:e7:77:db:
74:38:22:71
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBIVVYGdQXWLFedtrAf+xObfl8jEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTExMThaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmY2VjYWU0MmQwNDkwZTBjODE2NWQ2YTNkYjYzOTEzZTAwMzYwNDRkOTE1
YmY1ZGY0NTY5ZTdlMGFmMmMzNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALU5dEOU8R753XlIOR66GzGnjwJhk6aT6oelCrMPtpvNqVM74rO6R6M+LCn3
uSSkBctLTpJmspeMswW1KKhbC8srmGrv2Cq6UHQv5MrtdCjDgykBq6MCuM8TJU67
pwR92Pjwc98yGbe9K9mQBQV45lvBIe8dH3Xp5kSPSAa3NPM6TlLyfUhZjMWSpgKb
r7qS+fdL9WssGvoCGlsw3XQnzQzeScPmt2wnOMy49P2IsSSsAqZR0Oci9+YjnVwC
GVlu55WBknonX7bSiPPyK8aQPDYCGBnNuZqhetwmDDRzaunrJRT3ZZFm7RkyyDNM
l3ZbrFgFyYy8yL3QRXe9AIa4Sr8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQMczcf
tsjemoeoL5y8ctjHHvLgazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg1NTdhODktYjQzMS00OWMzLWJjMGUtZDQ5ZTJkNGM3OWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
QDANBgkqhkiG9w0BAQsFAAOCAQEAcg1Bh+9Rj1m+yON8/mPhEWTqaD+RPlJjFFJV
QO2Sb50GRhdLb4x29ic8p98pl/DOyb1XQsw5UX8cACxUQQRwyV3hdM0WpXZmKTMe
lGVA+oeCwQa6ZnQGGSN4KVO0FxN2xug0m9rCJCJMlX4UVM68VrB8IFbl47l15+di
TGVogaA4qHjO+y4SkeNYOTOgdYbQruaAEcmHBBdkAU6P/oiq18tfDWf9jLe5h6FL
5BAnQRQ1XfoFeBVnaumHjSJ8coUOD1dxcWQe4HIQdfGtIk49EdlEQwZaNZJDWQ2/
OoiYoCiaNkJSe7l0tDoIBPxs1yupABa4dPaRoug853fbdDgicQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:18 2025 by rpki-client