Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68f2af14-43e2-4447-a8a7-f8fe713e249e.roa
File: 68f2af14-43e2-4447-a8a7-f8fe713e249e.roa (raw, json)
Hash identifier: m0OeHXAlJ/hVAOH8p+1WE1SYcY7BilhPYYQsLwqJdv8=
Subject key identifier: EA:76:97:F3:A9:4E:20:A5:CF:DD:A0:93:BB:16:01:E5:CE:68:1E:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05763ED7CF3C95774896B9137C7DC4DF14C70A11
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68f2af14-43e2-4447-a8a7-f8fe713e249e.roa
Signing time: Mon 26 May 2025 15:10:38 +0000
ROA not before: Mon 26 May 2025 15:10:38 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01f:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:76:3e:d7:cf:3c:95:77:48:96:b9:13:7c:7d:c4:df:14:c7:0a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 26 15:10:38 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=d24d36e6611df379d38389998c41845e9f32f2903f82ab8b84bc3ef0038a927e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:79:59:cb:6d:16:1d:93:28:5c:d2:50:f3:d1:
be:63:94:d2:c2:d6:0c:71:2f:74:a4:1a:39:c8:b6:
af:07:3a:c4:c3:1f:43:bc:5d:de:32:53:8f:68:f5:
4b:07:fd:67:40:fb:2d:40:6b:d2:9e:8b:ef:7c:26:
a4:42:de:40:1a:42:ed:e4:66:ad:8a:6e:7a:a2:0a:
a6:71:ee:98:60:5b:6c:88:38:df:71:72:d0:40:03:
fc:61:f8:f5:d2:2a:d0:f9:53:c7:7c:7a:01:4e:6f:
ca:b1:60:59:b7:c3:e9:cd:b6:fc:94:03:72:23:79:
d5:22:c2:72:b1:9b:69:0e:99:d4:49:b2:3c:1d:ff:
b9:44:5e:53:ac:5a:c7:0a:6f:f2:ec:b3:4a:05:df:
ea:34:81:0d:4e:77:d2:c5:6e:50:44:9e:f1:62:6b:
ea:50:36:bd:1a:f7:1f:79:d9:d4:63:fc:cd:0b:7b:
37:a2:d7:07:cc:e6:fd:4f:c5:a9:7a:d5:81:10:dc:
b0:7f:88:34:c8:a5:fc:dd:56:04:9a:a9:36:76:de:
ba:cc:3b:e6:0f:87:d8:71:ea:e7:68:ea:e0:b9:dd:
1d:48:c8:82:cb:d6:4d:17:f6:e5:b1:37:8a:47:09:
86:64:f9:97:fe:f2:0a:89:d3:e8:cf:e2:e9:23:c4:
59:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:76:97:F3:A9:4E:20:A5:CF:DD:A0:93:BB:16:01:E5:CE:68:1E:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68f2af14-43e2-4447-a8a7-f8fe713e249e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01f:800::/37
Signature Algorithm: sha256WithRSAEncryption
9c:29:c9:4e:6f:8f:e8:93:36:43:1a:33:4b:93:e3:de:92:4f:
8c:9f:f3:29:3e:e4:04:93:19:e9:3f:60:06:7b:85:cd:ec:94:
40:44:b4:18:12:1b:22:85:99:ca:b7:dc:30:8a:2e:a2:c6:f0:
b7:cb:66:ec:84:d2:cc:37:9e:3e:85:3a:68:5d:7c:ae:7e:be:
70:6e:c7:e5:c7:b6:f6:70:d9:06:36:2d:34:27:ed:82:c3:3e:
b7:15:90:67:af:1e:43:4b:d0:bf:cf:46:7b:87:70:b0:4a:23:
18:d1:7d:43:a8:39:b7:43:f0:01:54:99:99:01:0f:05:65:f8:
e1:b2:3e:2f:48:ba:4b:78:76:0d:e1:78:8f:f9:d9:02:64:b1:
35:74:2c:43:dc:d4:b1:9a:08:e4:8b:c9:87:f0:44:68:60:60:
a1:ee:57:e3:3c:8f:56:86:1e:5c:02:60:84:89:41:d8:f7:56:
b4:87:a0:4b:eb:22:bc:ee:63:aa:1d:c2:ba:cf:17:ae:95:e1:
68:eb:45:28:af:43:11:cb:8b:f3:97:60:7c:c5:42:2b:15:02:
86:08:17:8e:3e:d1:7e:72:9a:39:c9:db:13:55:60:f7:bf:a6:
92:4b:cf:83:55:a9:f6:ba:7c:56:fc:42:2a:28:0d:15:6f:b4:
13:70:4b:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBXY+1888lXdIlrkTfH3E3xTHChEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjYxNTEwMzhaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyNGQzNmU2NjExZGYzNzlkMzgzODk5OThjNDE4NDVlOWYzMmYyOTAzZjgy
YWI4Yjg0YmMzZWYwMDM4YTkyN2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALN5WcttFh2TKFzSUPPRvmOU0sLWDHEvdKQaOci2rwc6xMMfQ7xd3jJTj2j1
Swf9Z0D7LUBr0p6L73wmpELeQBpC7eRmrYpueqIKpnHumGBbbIg433Fy0EAD/GH4
9dIq0PlTx3x6AU5vyrFgWbfD6c22/JQDciN51SLCcrGbaQ6Z1EmyPB3/uUReU6xa
xwpv8uyzSgXf6jSBDU530sVuUESe8WJr6lA2vRr3H3nZ1GP8zQt7N6LXB8zm/U/F
qXrVgRDcsH+INMil/N1WBJqpNnbeusw75g+H2HHq52jq4LndHUjIgsvWTRf25bE3
ikcJhmT5l/7yConT6M/i6SPEWXMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqdpfz
qU4gpc/doJO7FgHlzmgeyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhmMmFmMTQtNDNlMi00NDQ3LWE4YTctZjhmZTcxM2UyNDllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B8I
MA0GCSqGSIb3DQEBCwUAA4IBAQCcKclOb4/okzZDGjNLk+Pekk+Mn/MpPuQEkxnp
P2AGe4XN7JRARLQYEhsihZnKt9wwii6ixvC3y2bshNLMN54+hTpoXXyufr5wbsfl
x7b2cNkGNi00J+2Cwz63FZBnrx5DS9C/z0Z7h3CwSiMY0X1DqDm3Q/ABVJmZAQ8F
Zfjhsj4vSLpLeHYN4XiP+dkCZLE1dCxD3NSxmgjki8mH8ERoYGCh7lfjPI9Whh5c
AmCEiUHY91a0h6BL6yK87mOqHcK6zxeuleFo60Uor0MRy4vzl2B8xUIrFQKGCBeO
PtF+cpo5ydsTVWD3v6aSS8+DVan2unxW/EIqKA0Vb7QTcEu5
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:42 2025 by rpki-client