Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
File: 72da9f02-356c-4664-864e-e60b7c9e874d.roa (raw, json)
Hash identifier: KQlov+x7BtoHgg2uxoicdywhG1culv4t4b51SWNwxUQ=
Subject key identifier: 7C:46:7F:36:D0:61:36:DA:73:DE:66:DF:E0:78:56:DB:88:1D:6A:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EE73C2751DA4DF8A82A0ED1F751F987834EA6BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
Signing time: Tue 20 May 2025 19:41:17 +0000
ROA not before: Tue 20 May 2025 19:41:17 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:c040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:e7:3c:27:51:da:4d:f8:a8:2a:0e:d1:f7:51:f9:87:83:4e:a6:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:41:17 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b7a18282ad47b0584624ef70ef4c49723d923cc472d320099326e979ed9d54ee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5d:45:d2:78:02:fc:fa:87:e5:df:fd:8f:cc:
c4:01:74:20:34:b2:3f:d6:42:96:54:22:d3:01:fc:
6a:2a:93:de:e1:84:74:2d:25:9c:86:3c:4c:27:03:
1d:d0:2d:c3:cd:9c:89:49:38:36:27:b9:41:cc:ec:
c3:45:2b:4d:dc:cd:bd:d1:d3:60:99:9f:59:54:3d:
14:42:b2:c2:e7:aa:07:d1:6d:bb:05:58:5b:6a:a8:
0a:6e:55:aa:82:32:a9:de:cc:8a:ba:69:17:9b:2e:
b6:fe:9b:8b:5b:94:47:8c:c8:7a:04:4a:fa:4e:63:
cb:6d:f5:f0:76:72:c6:b3:cb:4a:20:04:79:58:85:
7d:2f:75:5e:ff:3a:78:d3:98:52:ee:4a:f2:2c:49:
5f:a4:bf:77:82:e8:0e:f8:33:e3:b2:b6:aa:0c:75:
cb:b5:0f:00:15:ce:d4:63:a9:4f:1e:9f:d1:a9:06:
e8:e7:7c:b4:bb:a0:21:ca:86:39:f7:df:6a:a2:79:
ed:20:c7:be:11:ee:87:40:f7:81:d6:1d:6e:50:d8:
8c:24:46:30:54:02:19:97:42:47:82:a9:b2:2c:04:
05:79:fb:d5:84:9e:fe:f2:71:de:74:33:3a:03:37:
a8:6e:5e:3c:83:06:b2:e7:d6:2f:ea:84:c5:a0:88:
cf:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:46:7F:36:D0:61:36:DA:73:DE:66:DF:E0:78:56:DB:88:1D:6A:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:c040::/46
Signature Algorithm: sha256WithRSAEncryption
26:bb:b4:c3:58:23:34:c9:fb:0b:54:20:2f:b8:1c:54:49:28:
fe:b9:f1:29:e2:30:a8:54:fc:21:a6:c9:36:2b:75:e3:7c:dd:
d1:5d:b2:04:0a:d0:65:03:98:05:e7:5e:a9:bc:95:a0:f0:07:
13:86:d6:37:48:0f:90:a1:5f:99:5d:9c:5e:63:a7:4c:bc:81:
2a:71:37:8f:4c:45:4f:00:1e:f8:53:7a:17:65:f6:f5:19:54:
c3:fc:b6:4a:f1:e2:0d:31:6a:61:9d:ad:ea:a9:1b:05:56:78:
65:21:8e:f5:c4:e5:0b:6e:6c:be:c0:03:5d:79:ca:0a:92:57:
24:b3:fc:8f:36:47:88:5c:cc:19:cd:b8:0c:1d:9d:9e:28:bc:
4c:ab:77:47:3e:6b:02:58:15:4c:88:35:55:81:e1:32:fa:d6:
08:bd:dd:b9:bb:50:99:9a:df:26:2d:66:88:bd:c8:7d:3e:ef:
1e:14:dd:e1:44:af:e1:cd:29:3a:b6:8a:6e:03:e2:99:4d:41:
c3:37:8c:ed:92:7e:8b:7c:ef:d9:5c:fb:29:21:48:5a:55:87:
7c:a3:53:e7:97:59:4b:4e:2b:5e:3d:90:7f:4f:3c:1f:50:b6:
f0:54:57:07:09:79:e8:02:12:e4:07:cc:7f:e7:b4:10:be:2e:
0c:81:31:fb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXuc8J1HaTfioKg7R91H5h4NOprwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQxMTdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3YTE4MjgyYWQ0N2IwNTg0NjI0ZWY3MGVmNGM0OTcyM2Q5MjNjYzQ3MmQz
MjAwOTkzMjZlOTc5ZWQ5ZDU0ZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZdRdJ4Avz6h+Xf/Y/MxAF0IDSyP9ZCllQi0wH8aiqT3uGEdC0lnIY8TCcD
HdAtw82ciUk4Nie5Qczsw0UrTdzNvdHTYJmfWVQ9FEKywueqB9FtuwVYW2qoCm5V
qoIyqd7MirppF5sutv6bi1uUR4zIegRK+k5jy2318HZyxrPLSiAEeViFfS91Xv86
eNOYUu5K8ixJX6S/d4LoDvgz47K2qgx1y7UPABXO1GOpTx6f0akG6Od8tLugIcqG
OfffaqJ57SDHvhHuh0D3gdYdblDYjCRGMFQCGZdCR4KpsiwEBXn71YSe/vJx3nQz
OgM3qG5ePIMGsufWL+qExaCIz3UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR8Rn82
0GE22nPeZt/geFbbiB1qYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJkYTlmMDItMzU2Yy00NjY0LTg2NGUtZTYwYjdjOWU4NzRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HfA
QDANBgkqhkiG9w0BAQsFAAOCAQEAJru0w1gjNMn7C1QgL7gcVEko/rnxKeIwqFT8
IabJNit143zd0V2yBArQZQOYBedeqbyVoPAHE4bWN0gPkKFfmV2cXmOnTLyBKnE3
j0xFTwAe+FN6F2X29RlUw/y2SvHiDTFqYZ2t6qkbBVZ4ZSGO9cTlC25svsADXXnK
CpJXJLP8jzZHiFzMGc24DB2dnii8TKt3Rz5rAlgVTIg1VYHhMvrWCL3dubtQmZrf
Ji1miL3IfT7vHhTd4USv4c0pOraKbgPimU1BwzeM7ZJ+i3zv2Vz7KSFIWlWHfKNT
55dZS04rXj2Qf088H1C28FRXBwl56AIS5AfMf+e0EL4uDIEx+w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:53 2025 by rpki-client