Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
File: 5c829516-8640-4a9a-a2b3-cfababf09faa.roa (raw, json)
Hash identifier: KvtL0oB7Ep0DvurGJbH43Jthej9C10q+wsM17QKgcQM=
Subject key identifier: E5:24:B7:4A:D2:32:A0:B5:69:36:D7:6C:84:3E:53:05:21:B7:D7:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5743346549B1F8AC6649D061BA41A1B7AAEDCB9E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
Signing time: Tue 20 May 2025 19:10:33 +0000
ROA not before: Tue 20 May 2025 19:10:33 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:43:34:65:49:b1:f8:ac:66:49:d0:61:ba:41:a1:b7:aa:ed:cb:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:33 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d16f5475961c1ae9760e6d3ce10dac22a0fc47c74c8cdfdbdebe3c1535a4fc2d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:23:5c:15:ff:bc:47:8e:15:13:a4:a1:ea:eb:
38:2a:17:cb:54:09:13:91:8e:3d:0e:56:64:80:a1:
bd:be:5d:da:ec:6d:95:a9:5e:b9:3a:c8:66:4b:86:
76:7d:3a:fc:fd:9f:a0:e7:52:ff:fa:96:b6:89:af:
e7:a6:33:89:59:14:05:f9:1a:fc:64:31:8a:f9:24:
71:93:19:b8:fb:a7:98:92:d0:86:fd:90:ed:f9:3e:
c7:3e:9f:cb:99:23:cb:68:b0:33:96:d9:0c:a1:48:
d5:54:a7:13:1b:c8:3e:f4:7d:8e:7a:f5:c8:bd:48:
2b:58:24:1f:80:1b:14:d2:b1:24:30:e4:91:c3:2b:
6d:ef:5d:52:8f:74:ed:20:ab:7b:9f:08:94:22:2f:
7f:1f:4a:3c:6f:08:1b:66:7d:da:7a:25:9e:28:f7:
34:5c:ab:20:23:e5:4a:a0:00:7f:b6:92:6e:df:c2:
84:93:96:7a:b0:10:7a:0c:ee:16:a5:00:6f:41:2a:
c2:c0:2a:2c:8a:f1:a8:e7:7c:07:be:e9:8d:af:28:
77:e8:03:2d:02:89:6a:5f:82:48:ef:75:e1:61:c1:
ee:e2:45:cb:47:f7:c5:b8:3a:d8:4f:5a:c8:7d:f4:
1f:13:bc:b5:d7:e4:dc:3e:6e:e6:46:61:1f:23:35:
a0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:24:B7:4A:D2:32:A0:B5:69:36:D7:6C:84:3E:53:05:21:B7:D7:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e080::/48
Signature Algorithm: sha256WithRSAEncryption
25:81:d6:5e:00:35:c6:9f:e9:97:20:23:96:35:3b:59:22:7e:
4c:e9:8f:48:33:40:f0:e3:05:3d:72:76:91:d8:e9:43:ad:3c:
fb:4f:68:17:12:09:58:7d:3b:72:3b:95:bf:28:99:4d:34:87:
9c:15:76:49:76:d3:ca:fb:35:28:27:7a:c9:45:6a:6c:a3:ec:
c2:ac:ac:23:97:76:66:74:68:06:7a:9a:fb:88:8f:63:7b:79:
02:13:d5:ae:b3:c6:29:06:85:6a:cf:1e:65:be:44:6c:c9:a4:
c2:43:1d:e7:41:04:25:a8:3c:6c:4a:c6:ae:49:8a:01:61:62:
0d:ce:ec:1a:05:6d:e9:04:f2:49:d7:c2:80:ba:16:0e:57:ed:
1d:e4:69:c7:12:c2:be:2c:ec:7e:b3:ee:5c:12:69:d6:49:c5:
ea:b8:69:d3:13:d4:0c:5e:b7:f7:ae:59:1c:e1:1f:25:11:2b:
f3:70:10:b2:6f:da:11:10:40:72:f7:47:2d:b8:8e:d4:6a:7d:
a9:ef:71:6b:d2:67:66:38:45:8a:45:35:e8:14:3d:c5:e0:c2:
f3:9a:4d:9a:91:c8:5a:75:d9:c2:ae:94:69:63:63:07:d2:9d:
49:75:70:c4:31:fa:5d:b8:59:53:bb:68:36:4d:86:fd:74:b6:
82:45:f7:0d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUV0M0ZUmx+KxmSdBhukGht6rty54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwMzNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxNmY1NDc1OTYxYzFhZTk3NjBlNmQzY2UxMGRhYzIyYTBmYzQ3Yzc0Yzhj
ZGZkYmRlYmUzYzE1MzVhNGZjMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYjXBX/vEeOFROkoerrOCoXy1QJE5GOPQ5WZIChvb5d2uxtlaleuTrIZkuG
dn06/P2foOdS//qWtomv56YziVkUBfka/GQxivkkcZMZuPunmJLQhv2Q7fk+xz6f
y5kjy2iwM5bZDKFI1VSnExvIPvR9jnr1yL1IK1gkH4AbFNKxJDDkkcMrbe9dUo90
7SCre58IlCIvfx9KPG8IG2Z92nolnij3NFyrICPlSqAAf7aSbt/ChJOWerAQegzu
FqUAb0EqwsAqLIrxqOd8B77pja8od+gDLQKJal+CSO914WHB7uJFy0f3xbg62E9a
yH30HxO8tdfk3D5u5kZhHyM1oMkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTlJLdK
0jKgtWk212yEPlMFIbfXpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4Mjk1MTYtODY0MC00YTlhLWEyYjMtY2ZhYmFiZjA5ZmFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
gDANBgkqhkiG9w0BAQsFAAOCAQEAJYHWXgA1xp/plyAjljU7WSJ+TOmPSDNA8OMF
PXJ2kdjpQ608+09oFxIJWH07cjuVvyiZTTSHnBV2SXbTyvs1KCd6yUVqbKPswqys
I5d2ZnRoBnqa+4iPY3t5AhPVrrPGKQaFas8eZb5EbMmkwkMd50EEJag8bErGrkmK
AWFiDc7sGgVt6QTySdfCgLoWDlftHeRpxxLCvizsfrPuXBJp1knF6rhp0xPUDF63
965ZHOEfJREr83AQsm/aERBAcvdHLbiO1Gp9qe9xa9JnZjhFikU16BQ9xeDC85pN
mpHIWnXZwq6UaWNjB9KdSXVwxDH6XbhZU7toNk2G/XS2gkX3DQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:21 2025 by rpki-client