Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
File: 5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa (raw, json)
Hash identifier: pHq2aIndZtfaxDTeZZoceG4+Sg1Yzf3D/pUVoyzkA48=
Subject key identifier: B3:67:64:2A:FE:2B:DA:03:18:74:EC:1E:CB:94:77:99:9F:99:79:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 270061A1D1A840057800CC3EC70E5FA1113B80BE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
Signing time: Tue 20 May 2025 20:40:09 +0000
ROA not before: Tue 20 May 2025 20:40:09 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:00:61:a1:d1:a8:40:05:78:00:cc:3e:c7:0e:5f:a1:11:3b:80:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:40:09 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=248d035d3bf18689291a32e05996abdb3f1ef86c213115043de8f50d80f5620e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9e:17:a7:5c:c4:22:4b:7a:18:b2:66:46:6b:
27:a9:5e:5f:15:49:74:81:d2:ba:e3:17:4b:8c:79:
af:7e:46:dd:e7:f4:56:ae:7d:01:99:95:ff:17:6a:
50:93:d9:72:3b:c5:ef:f6:6a:f7:d7:1a:15:45:4d:
90:c8:98:38:6e:8d:96:74:6f:b3:17:eb:16:c2:29:
8e:e8:f8:0a:30:19:d6:97:9c:ec:00:05:58:24:82:
ca:22:c2:29:a1:e8:fe:4e:af:2b:69:a0:39:2c:0e:
f8:c3:7b:bd:cb:d9:fd:25:60:25:e0:a9:e4:fa:5b:
4d:69:5f:cc:3f:93:7b:8b:04:ec:fb:0c:b8:e8:77:
5a:ec:4e:5b:e0:21:22:7a:4c:af:5d:23:26:56:ab:
97:da:7e:d1:8e:de:61:5f:2a:67:3a:61:fe:16:f6:
07:4c:d3:bf:25:7c:fe:c9:da:50:b4:8f:a8:86:d2:
c0:c0:7d:45:91:55:a8:2c:46:41:f1:60:c8:d6:13:
97:a4:6d:0f:3b:cc:40:31:2c:1f:61:cc:5a:cd:b3:
88:3a:b3:82:2a:d4:87:83:04:d1:bf:34:e3:53:fd:
68:41:14:d3:da:e3:ae:27:40:78:e8:03:bb:25:11:
a6:ee:86:2d:e8:90:c9:00:09:ef:df:52:55:18:a4:
96:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:67:64:2A:FE:2B:DA:03:18:74:EC:1E:CB:94:77:99:9F:99:79:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025:1000::/36
Signature Algorithm: sha256WithRSAEncryption
c1:fa:84:c4:ea:00:9d:61:4f:e5:97:14:e6:aa:43:fc:e7:66:
df:8e:28:86:a3:82:01:71:a2:0c:4c:f2:ab:bf:c2:79:ec:14:
4e:a4:1c:b3:e6:32:b9:e9:40:23:51:f0:39:f7:2e:52:c0:08:
7a:bc:c5:b5:82:54:1b:b0:9d:4c:ed:31:0d:ce:a5:5c:63:da:
c9:c1:20:dd:6d:f3:5a:3f:1a:3d:74:84:49:9d:74:73:2c:bd:
e3:0a:a8:12:3b:13:ed:bb:dd:a9:73:4f:07:f1:fa:6e:12:cd:
e7:5d:d5:ee:19:08:b3:ba:eb:0b:d9:f1:88:c3:9f:29:1b:b7:
8b:3c:5a:bd:2f:6f:f6:03:49:0b:ab:12:df:76:c3:87:6e:17:
f3:fd:f9:c4:16:9b:76:b7:24:31:c0:0a:24:68:95:f4:aa:72:
ad:04:04:5c:72:ee:5c:9b:1f:9d:10:0f:ce:a8:7c:f8:e4:cc:
b2:25:1a:60:9a:c7:ea:3d:c4:9b:95:5b:6f:a3:87:9e:7a:44:
ed:25:26:95:39:b9:69:84:05:c7:eb:42:f9:2f:d7:63:bb:38:
62:46:83:aa:71:91:57:2a:a2:7f:ea:5f:e0:68:15:1a:55:e0:
03:88:aa:ec:6b:07:3d:ce:c2:e0:7a:05:36:93:aa:10:7a:15:
33:b5:2b:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJwBhodGoQAV4AMw+xw5foRE7gL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDQwMDlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0OGQwMzVkM2JmMTg2ODkyOTFhMzJlMDU5OTZhYmRiM2YxZWY4NmMyMTMx
MTUwNDNkZThmNTBkODBmNTYyMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmeF6dcxCJLehiyZkZrJ6leXxVJdIHSuuMXS4x5r35G3ef0Vq59AZmV/xdq
UJPZcjvF7/Zq99caFUVNkMiYOG6NlnRvsxfrFsIpjuj4CjAZ1pec7AAFWCSCyiLC
KaHo/k6vK2mgOSwO+MN7vcvZ/SVgJeCp5PpbTWlfzD+Te4sE7PsMuOh3WuxOW+Ah
InpMr10jJlarl9p+0Y7eYV8qZzph/hb2B0zTvyV8/snaULSPqIbSwMB9RZFVqCxG
QfFgyNYTl6RtDzvMQDEsH2HMWs2ziDqzgirUh4ME0b8041P9aEEU09rjridAeOgD
uyURpu6GLeiQyQAJ799SVRikljMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSzZ2Qq
/ivaAxh07B7LlHeZn5l5VTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWE1ODVlOWQtOGJmMC00YmMxLWFkN2ItYjZjM2UwYmY5YjkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDB+oTE6gCdYU/llxTmqkP852bfjiiGo4IBcaIM
TPKrv8J57BROpByz5jK56UAjUfA59y5SwAh6vMW1glQbsJ1M7TENzqVcY9rJwSDd
bfNaPxo9dIRJnXRzLL3jCqgSOxPtu92pc08H8fpuEs3nXdXuGQizuusL2fGIw58p
G7eLPFq9L2/2A0kLqxLfdsOHbhfz/fnEFpt2tyQxwAokaJX0qnKtBARccu5cmx+d
EA/OqHz45MyyJRpgmsfqPcSblVtvo4eeekTtJSaVOblphAXH60L5L9djuzhiRoOq
cZFXKqJ/6l/gaBUaVeADiKrsawc9zsLgegU2k6oQehUztStp
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:24 2025 by rpki-client