Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/743b08e5-dfbe-44cb-a9af-87de652b3c1c.roa
File: 743b08e5-dfbe-44cb-a9af-87de652b3c1c.roa (raw, json)
Hash identifier: 6rEExFOrcGo71NWVZ/bizixpAHz3tBcsYkKu2Rgm5yI=
Subject key identifier: 86:BA:A3:C8:34:70:DF:CE:F7:61:85:B0:44:AE:D3:0C:98:21:12:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F921C4A42E70926083E4DDA77043B6FBE8DF362
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/743b08e5-dfbe-44cb-a9af-87de652b3c1c.roa
Signing time: Tue 20 May 2025 19:20:25 +0000
ROA not before: Tue 20 May 2025 19:20:25 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:92:1c:4a:42:e7:09:26:08:3e:4d:da:77:04:3b:6f:be:8d:f3:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:20:25 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d830c09e378c6af7973c05756b0305e0a59f17df8162286bb00ac979dc36d253, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:37:62:26:9a:c1:15:90:89:65:eb:c3:60:f8:
43:5b:94:29:48:da:72:11:28:1f:dc:f2:5b:8c:78:
fe:d2:3b:89:c2:92:95:6b:ec:3f:fd:c2:f3:9a:89:
42:fc:21:27:ee:93:7e:7a:92:ff:8c:1a:32:8c:b6:
0e:c1:a2:b9:93:9c:54:18:f2:fd:bc:a5:16:e4:a3:
0a:94:b1:4c:30:3d:fa:88:47:e1:0d:b2:86:5f:69:
89:9b:93:72:22:d4:bb:d5:47:18:50:bf:7f:d0:f2:
b7:69:df:1c:ea:50:de:2e:0e:6e:82:04:cd:07:5a:
7a:d8:ba:0b:ac:cc:27:45:d8:a2:64:2d:7b:7c:e8:
b5:45:a3:7b:76:7d:03:b9:b4:61:45:16:ec:10:f2:
79:72:89:8b:aa:7b:2e:41:76:60:9a:3c:75:b5:ac:
f0:da:77:b1:58:13:0a:1f:d4:bd:73:6e:cf:65:11:
5f:7a:d4:64:7f:b2:62:19:57:c0:5f:dc:29:3c:0e:
d3:8e:35:f5:c6:b1:a4:c7:7f:23:41:28:31:21:4c:
ae:d8:ae:f6:65:1d:4c:2f:26:7c:fd:01:18:37:74:
db:7f:70:99:97:6b:00:1a:ba:79:c4:8d:ad:13:e4:
95:c1:fe:ff:ba:3c:df:6a:be:7b:c5:02:b7:ca:5d:
45:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BA:A3:C8:34:70:DF:CE:F7:61:85:B0:44:AE:D3:0C:98:21:12:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/743b08e5-dfbe-44cb-a9af-87de652b3c1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e0c0::/46
Signature Algorithm: sha256WithRSAEncryption
28:6b:d0:9f:5f:e0:af:91:04:c0:92:3d:08:9a:86:8e:dc:ca:
b7:f1:a8:d1:66:d5:f9:5c:e9:ce:40:e1:70:2f:18:30:61:1f:
94:8d:af:16:72:aa:ab:e1:d5:b5:b2:f3:81:a5:8d:d3:96:5d:
71:2c:73:52:9d:20:8c:b7:67:75:64:9d:8d:6a:bf:da:52:4b:
a2:6b:e3:6a:80:4e:34:fd:90:eb:81:cf:1a:9e:8e:c9:ac:28:
70:26:02:6a:64:96:46:b6:c4:02:d7:4e:c5:2f:05:81:6f:24:
df:f4:fc:2a:ec:0f:d1:b4:a9:1d:55:f3:8f:80:06:7b:e4:4d:
49:64:84:65:c1:f4:ea:87:41:6f:1b:02:35:22:c8:74:7d:1d:
18:40:54:a0:23:30:a1:c0:65:64:ef:4f:24:9b:0d:d7:de:c7:
e8:98:19:e7:f2:e6:a4:4f:6c:70:6c:42:8e:28:8d:9e:0f:33:
ab:33:16:90:98:6a:c9:29:2d:bd:2e:bb:0e:72:f8:d8:3b:6f:
3a:1a:ed:46:e5:56:9b:0a:b9:7d:de:cd:2e:17:50:52:c5:7c:
e0:d7:d8:cc:67:ef:37:35:50:ed:fb:4d:bf:3d:af:43:cb:11:
04:23:3d:fa:fb:26:a2:1b:aa:65:5f:0c:8d:90:41:3a:ad:fc:
22:fe:0d:fc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUT5IcSkLnCSYIPk3adwQ7b76N82IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIwMjVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4MzBjMDllMzc4YzZhZjc5NzNjMDU3NTZiMDMwNWUwYTU5ZjE3ZGY4MTYy
Mjg2YmIwMGFjOTc5ZGMzNmQyNTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALE3YiaawRWQiWXrw2D4Q1uUKUjachEoH9zyW4x4/tI7icKSlWvsP/3C85qJ
QvwhJ+6TfnqS/4waMoy2DsGiuZOcVBjy/bylFuSjCpSxTDA9+ohH4Q2yhl9piZuT
ciLUu9VHGFC/f9Dyt2nfHOpQ3i4OboIEzQdaeti6C6zMJ0XYomQte3zotUWje3Z9
A7m0YUUW7BDyeXKJi6p7LkF2YJo8dbWs8Np3sVgTCh/UvXNuz2URX3rUZH+yYhlX
wF/cKTwO04419caxpMd/I0EoMSFMrtiu9mUdTC8mfP0BGDd0239wmZdrABq6ecSN
rRPklcH+/7o832q+e8UCt8pdRYcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSGuqPI
NHDfzvdhhbBErtMMmCESnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzQzYjA4ZTUtZGZiZS00NGNiLWE5YWYtODdkZTY1MmIzYzFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXg
wDANBgkqhkiG9w0BAQsFAAOCAQEAKGvQn1/gr5EEwJI9CJqGjtzKt/Go0WbV+Vzp
zkDhcC8YMGEflI2vFnKqq+HVtbLzgaWN05ZdcSxzUp0gjLdndWSdjWq/2lJLomvj
aoBONP2Q64HPGp6OyawocCYCamSWRrbEAtdOxS8FgW8k3/T8KuwP0bSpHVXzj4AG
e+RNSWSEZcH06odBbxsCNSLIdH0dGEBUoCMwocBlZO9PJJsN197H6JgZ5/LmpE9s
cGxCjiiNng8zqzMWkJhqySktvS67DnL42DtvOhrtRuVWmwq5fd7NLhdQUsV84NfY
zGfvNzVQ7ftNvz2vQ8sRBCM9+vsmohuqZV8MjZBBOq38Iv4N/A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:32 2025 by rpki-client