Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
File: 58699fff-50fe-46a7-8e85-38dbafe34c1b.roa (raw, json)
Hash identifier: pSaM/wAGCU7+Rs26eG71ZlVSsqjrWCUb1Fi02xbCLVQ=
Subject key identifier: 97:8D:8D:2A:86:DD:F8:68:C1:F0:04:F6:A6:6A:50:25:6D:A9:7B:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 565B4984932D718E8BB25104A887AFBE97A48CFB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
Signing time: Fri 23 May 2025 00:41:13 +0000
ROA not before: Fri 23 May 2025 00:41:13 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:5b:49:84:93:2d:71:8e:8b:b2:51:04:a8:87:af:be:97:a4:8c:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:41:13 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=d85742693803b4dacaf42fe4dcb591b11d657ef026359be33d63898170e5ddbb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:18:b4:0f:bf:ab:2b:d6:96:c5:43:53:f7:e2:
e2:f3:88:71:9f:dc:08:ae:d2:4c:39:65:d1:20:85:
20:58:05:fa:6b:d5:a7:90:41:4e:f1:04:77:8e:c7:
76:74:85:18:5e:d5:05:a8:dc:6b:0a:7b:ab:99:de:
77:c3:03:82:e5:42:d1:63:85:1f:ef:54:38:bf:a5:
41:fa:44:25:ac:bc:e4:1c:c8:2a:a9:0d:9c:99:bd:
a9:a1:63:73:6e:26:f7:57:c9:19:cb:64:d3:20:60:
d6:08:58:e1:d0:76:51:fc:f7:e9:cd:ff:85:6e:03:
b4:b9:21:a5:87:86:d3:84:a8:b3:a3:0a:52:6d:ad:
c0:63:57:14:ef:2f:7c:49:e4:23:16:4b:24:b7:03:
e0:13:a5:35:91:0f:a5:fa:d1:48:0e:38:9b:ca:29:
b4:a4:dd:83:f9:9e:87:42:8d:21:a4:b3:e0:a9:b6:
19:f3:c9:2a:d0:63:67:d3:b7:22:fe:9a:92:cb:b1:
32:b0:78:f3:ad:41:a1:8a:67:ba:cb:93:18:c2:9b:
c8:bd:cd:cb:db:32:46:af:c9:80:20:93:aa:99:41:
5a:79:a6:ca:05:28:b3:1c:67:4d:02:67:53:f0:e7:
4a:ef:d1:f5:ad:da:02:cc:08:ce:11:43:db:0c:a4:
10:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:8D:8D:2A:86:DD:F8:68:C1:F0:04:F6:A6:6A:50:25:6D:A9:7B:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
64:0d:66:f1:93:e9:29:7c:3b:88:88:e3:cb:24:e7:ac:7f:68:
6f:ea:68:4b:30:dd:ce:a7:03:1f:39:58:8b:ae:b2:c1:b7:38:
3d:7e:21:ab:88:f8:dd:bb:d3:6b:2a:ec:7c:52:b8:e6:53:34:
fa:a8:8a:ec:69:54:a9:13:6e:94:4c:af:5c:ef:ff:f1:0e:3a:
1f:be:24:6e:d5:6d:53:87:c2:97:9a:ab:73:2c:c9:3e:f3:f3:
4e:f4:2a:0a:73:58:aa:76:e2:97:ed:31:b6:42:3f:72:92:a7:
12:78:77:c1:65:57:bc:af:02:e9:3e:75:b9:f9:8b:b8:d6:49:
f2:d4:67:5f:4a:34:07:19:9e:db:ce:e7:4f:d8:73:d0:34:3e:
b9:b3:f0:4d:36:62:9c:ca:bf:1d:36:7e:12:dd:d8:9b:27:3e:
4f:1a:d1:03:a0:4f:3b:5e:9d:07:1a:85:ce:11:b0:20:8f:72:
75:d2:cc:b5:85:88:85:b7:68:44:4f:13:62:1f:4b:c9:5f:cc:
0c:e3:dd:d7:62:e1:21:9d:6b:5c:61:d0:76:b2:f8:0b:d8:5f:
91:af:14:44:c7:a5:e6:5c:3a:aa:59:81:f6:e1:21:46:48:8a:
a9:3a:18:2e:2d:73:a9:14:ed:f9:1e:b9:cc:6b:e2:a6:75:3d:
c5:ab:74:84
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVltJhJMtcY6LslEEqIevvpekjPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQxMTNaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4NTc0MjY5MzgwM2I0ZGFjYWY0MmZlNGRjYjU5MWIxMWQ2NTdlZjAyNjM1
OWJlMzNkNjM4OTgxNzBlNWRkYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAYtA+/qyvWlsVDU/fi4vOIcZ/cCK7STDll0SCFIFgF+mvVp5BBTvEEd47H
dnSFGF7VBajcawp7q5ned8MDguVC0WOFH+9UOL+lQfpEJay85BzIKqkNnJm9qaFj
c24m91fJGctk0yBg1ghY4dB2Ufz36c3/hW4DtLkhpYeG04Sos6MKUm2twGNXFO8v
fEnkIxZLJLcD4BOlNZEPpfrRSA44m8optKTdg/meh0KNIaSz4Km2GfPJKtBjZ9O3
Iv6aksuxMrB4861BoYpnusuTGMKbyL3Ny9syRq/JgCCTqplBWnmmygUosxxnTQJn
U/DnSu/R9a3aAswIzhFD2wykELUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSXjY0q
ht34aMHwBPamalAlbal7rTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg2OTlmZmYtNTBmZS00NmE3LThlODUtMzhkYmFmZTM0YzFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/g
MA0GCSqGSIb3DQEBCwUAA4IBAQBkDWbxk+kpfDuIiOPLJOesf2hv6mhLMN3OpwMf
OViLrrLBtzg9fiGriPjdu9NrKux8UrjmUzT6qIrsaVSpE26UTK9c7//xDjofviRu
1W1Th8KXmqtzLMk+8/NO9CoKc1iqduKX7TG2Qj9ykqcSeHfBZVe8rwLpPnW5+Yu4
1kny1GdfSjQHGZ7bzudP2HPQND65s/BNNmKcyr8dNn4S3dibJz5PGtEDoE87Xp0H
GoXOEbAgj3J10sy1hYiFt2hETxNiH0vJX8wM493XYuEhnWtcYdB2svgL2F+RrxRE
x6XmXDqqWYH24SFGSIqpOhguLXOpFO35HrnMa+KmdT3Fq3SE
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:03:06 2025 by rpki-client