Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a3d7a75-b59d-4700-823c-8c52150b4c70.roa
File: 5a3d7a75-b59d-4700-823c-8c52150b4c70.roa (raw, json)
Hash identifier: pyZ4RRnCi9+0TkGhSPEItngJMm8qlQXTsKGdxA819K4=
Subject key identifier: 69:76:D5:1D:61:90:D8:14:7C:08:5F:47:6B:A1:85:10:E7:43:DF:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 796624FE1601AB2F43079C984E8C0D21D7259A7B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a3d7a75-b59d-4700-823c-8c52150b4c70.roa
Signing time: Tue 20 May 2025 19:51:08 +0000
ROA not before: Tue 20 May 2025 19:51:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:66:24:fe:16:01:ab:2f:43:07:9c:98:4e:8c:0d:21:d7:25:9a:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:51:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ef98a3af586263c2874167a5db34706b1aa2d8fc98bf34af6b918fb1707d6459, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1b:fe:56:cb:5c:ec:8a:52:e7:39:56:38:be:
dc:7c:10:ca:f5:43:5d:66:05:c0:22:f5:ec:26:ba:
d6:b7:79:12:1a:0e:0b:84:15:09:37:e3:54:1e:19:
49:5f:58:6d:9a:e2:6f:77:66:32:6b:df:12:35:4b:
1d:cd:20:73:2b:49:63:30:62:e6:6f:90:07:04:1b:
ef:69:c7:40:5b:91:17:ec:bd:7c:f1:1b:f6:fe:6f:
3c:80:66:8e:ff:6f:09:a8:27:73:f0:c7:43:08:23:
35:48:e2:12:6d:6c:96:58:f5:d5:eb:9e:bf:0e:3f:
8a:90:60:aa:92:98:88:05:f0:52:26:9c:86:b4:a9:
f8:07:0c:e2:46:00:3d:ce:0a:c6:df:c3:37:57:3f:
19:f2:30:ac:7b:3d:b8:4a:27:4b:8b:78:6c:5c:03:
19:da:25:b9:1f:1d:7e:50:92:b5:53:94:ce:b4:3b:
b4:51:3d:58:17:b3:dc:23:b0:d8:25:69:65:0d:e9:
02:f8:71:b6:cf:d8:44:50:54:b2:f3:57:01:30:3c:
c2:09:63:48:69:06:1e:54:cf:f9:5b:d1:08:91:b6:
dd:df:b2:db:6a:f5:20:dd:b5:7e:79:1b:50:ee:a2:
ff:21:12:ed:59:b2:7c:38:cd:3a:b7:fc:b4:fa:c7:
d8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:76:D5:1D:61:90:D8:14:7C:08:5F:47:6B:A1:85:10:E7:43:DF:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a3d7a75-b59d-4700-823c-8c52150b4c70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:5000::/40
Signature Algorithm: sha256WithRSAEncryption
85:fe:ba:77:be:5d:65:c2:17:8c:82:c0:a6:fe:2a:78:c1:48:
fe:a7:fa:c7:4d:c5:68:c8:33:cb:0f:df:a3:2f:b6:37:57:01:
73:25:d4:73:b5:b7:1c:84:87:57:f6:16:98:1c:68:7d:80:8a:
26:37:ae:4f:4c:5f:f1:25:5d:e0:05:b2:ab:bd:8c:27:a0:70:
8a:34:3b:d6:a5:4e:92:7a:8c:26:75:f6:df:a6:16:a0:47:02:
ed:06:7d:85:7d:ba:6d:4a:09:2d:27:12:4a:e8:3e:a1:32:14:
8b:79:88:4c:59:8f:4a:47:db:b6:df:2c:97:c9:15:62:21:3f:
b6:bd:39:2f:70:52:b4:4b:cd:15:00:d2:96:c9:7d:40:35:52:
d4:60:d8:4f:a6:67:73:0e:38:5f:7d:80:61:98:f6:96:1b:43:
04:17:07:3f:b1:d5:61:9d:09:cd:0c:b1:54:19:c3:11:8d:fa:
fe:21:c8:d9:3f:04:15:f8:2e:59:d1:0d:2d:3f:a6:83:7f:cc:
a8:5b:63:02:f8:e9:60:60:f9:bd:6a:d7:dc:5e:8d:d2:5a:e6:
d2:3c:e5:e9:40:fc:f5:11:01:2f:4a:be:fe:69:e1:8c:dd:0b:
27:8a:3f:80:9b:b8:99:6b:0d:f1:d7:ef:87:f1:4e:11:d8:32:
b4:d0:60:88
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeWYk/hYBqy9DB5yYTowNIdclmnswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUxMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmOThhM2FmNTg2MjYzYzI4NzQxNjdhNWRiMzQ3MDZiMWFhMmQ4ZmM5OGJm
MzRhZjZiOTE4ZmIxNzA3ZDY0NTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQb/lbLXOyKUuc5Vji+3HwQyvVDXWYFwCL17Ca61rd5EhoOC4QVCTfjVB4Z
SV9YbZrib3dmMmvfEjVLHc0gcytJYzBi5m+QBwQb72nHQFuRF+y9fPEb9v5vPIBm
jv9vCagnc/DHQwgjNUjiEm1sllj11euevw4/ipBgqpKYiAXwUiachrSp+AcM4kYA
Pc4Kxt/DN1c/GfIwrHs9uEonS4t4bFwDGdoluR8dflCStVOUzrQ7tFE9WBez3COw
2CVpZQ3pAvhxts/YRFBUsvNXATA8wgljSGkGHlTP+VvRCJG23d+y22r1IN21fnkb
UO6i/yES7VmyfDjNOrf8tPrH2HkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRpdtUd
YZDYFHwIX0droYUQ50PftDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWEzZDdhNzUtYjU5ZC00NzAwLTgyM2MtOGM1MjE1MGI0YzcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCF/rp3vl1lwheMgsCm/ip4wUj+p/rHTcVoyDPL
D9+jL7Y3VwFzJdRztbcchIdX9haYHGh9gIomN65PTF/xJV3gBbKrvYwnoHCKNDvW
pU6SeowmdfbfphagRwLtBn2FfbptSgktJxJK6D6hMhSLeYhMWY9KR9u23yyXyRVi
IT+2vTkvcFK0S80VANKWyX1ANVLUYNhPpmdzDjhffYBhmPaWG0MEFwc/sdVhnQnN
DLFUGcMRjfr+IcjZPwQV+C5Z0Q0tP6aDf8yoW2MC+OlgYPm9atfcXo3SWubSPOXp
QPz1EQEvSr7+aeGM3Qsnij+Am7iZaw3x1++H8U4R2DK00GCI
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:48 2025 by rpki-client