Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
File: 77bc679b-5199-43c2-8199-be5c04a6c0d9.roa (raw, json)
Hash identifier: lAhldGv9cY5AkHz//oKrkgXuDKMaBPPPkLH7vxIkfNo=
Subject key identifier: E0:5D:26:35:7D:2E:F2:FE:52:A7:38:7F:45:9E:09:C0:4E:BD:9D:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A1E9852D47616C34D679330CFD0EC33000215FF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
Signing time: Tue 20 May 2025 19:10:21 +0000
ROA not before: Tue 20 May 2025 19:10:21 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:1e:98:52:d4:76:16:c3:4d:67:93:30:cf:d0:ec:33:00:02:15:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:21 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a8916ce995423d34c141a7f9507a889a2ff57bb41a075f05e4847bbe9357730b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7e:f0:e5:0e:a5:cf:2d:9c:18:25:59:11:44:
60:de:a5:00:75:81:a1:8a:0d:c3:c6:98:67:9f:04:
ea:31:6a:be:d0:c3:62:59:68:9e:58:04:fe:bd:bf:
fa:c1:6b:98:a0:90:8b:cd:2d:e8:5f:05:4d:d3:44:
b1:c6:f5:1e:be:f3:47:68:15:b6:6d:b9:e8:40:f2:
1d:7b:d7:89:d6:93:80:55:ee:ec:5d:96:1e:32:74:
66:91:64:1a:6e:4b:35:9f:41:b6:5a:75:11:74:d8:
a7:73:bd:11:3c:f4:12:44:34:e7:8a:46:ee:6c:e1:
d6:1b:b5:3c:c6:9b:7c:c9:2b:f6:5a:5c:5c:b8:ff:
2d:a7:4f:83:8b:2f:c6:e1:ad:f0:dd:29:d6:15:a8:
0a:32:c3:f6:e2:df:83:e5:02:c3:62:4d:60:63:6b:
7f:c8:8b:ba:a8:44:ba:41:dd:dc:2b:c9:62:bc:b3:
09:9f:eb:81:26:d3:6c:f1:45:29:94:f6:b5:ee:42:
f5:37:e0:2d:d2:d9:30:61:93:e9:0b:f1:50:aa:a1:
c7:e8:c5:d9:59:b6:a9:9d:47:b2:10:b9:ea:06:1a:
8a:46:89:01:c6:2a:b1:e0:35:19:22:4b:44:88:64:
45:9c:67:ff:e9:78:ce:93:2a:d7:b3:84:a5:74:f5:
47:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:5D:26:35:7D:2E:F2:FE:52:A7:38:7F:45:9E:09:C0:4E:BD:9D:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c040::/48
Signature Algorithm: sha256WithRSAEncryption
86:a8:c8:80:9a:49:43:00:b7:93:94:65:0c:2c:39:a9:6c:43:
9e:aa:df:38:40:72:e0:97:70:1c:92:dc:ca:94:55:5f:90:48:
b4:99:0c:a8:9e:17:7f:e0:2e:bd:a0:84:c4:af:31:2f:69:16:
b7:e3:59:c2:1b:d8:82:d2:95:3b:7b:b5:94:a5:98:af:d7:9d:
92:2b:85:8c:f7:5a:8d:67:77:b3:c5:12:a6:8e:83:93:74:d5:
db:45:80:84:ac:61:c0:e5:7b:ca:ca:c3:8b:cc:e4:4b:88:90:
b5:3c:ce:b0:d6:7b:b3:68:47:f1:68:c9:9e:f6:ff:78:f5:74:
27:3c:7d:06:72:ac:d7:94:22:c3:76:c4:d7:a7:3b:54:87:dc:
5f:99:ac:12:6d:47:57:af:8d:6c:64:f4:b7:bc:5d:59:4f:ce:
ff:86:ab:ed:32:8c:8b:0b:7e:9a:9a:d8:6c:2f:08:e3:5f:e2:
a6:3c:2d:e8:4e:85:8a:bd:ef:ab:f1:64:46:3e:fc:41:87:6c:
ae:bb:78:4c:1e:d4:35:de:52:62:b4:c6:7d:45:93:40:32:c6:
8c:e1:bb:01:6d:bf:41:3f:b5:43:29:76:14:37:a0:87:27:78:
6f:d1:74:fd:91:99:cf:57:7b:89:20:e9:a7:20:96:15:08:c9:
ad:df:80:b9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGh6YUtR2FsNNZ5Mwz9DsMwACFf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwMjFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4OTE2Y2U5OTU0MjNkMzRjMTQxYTdmOTUwN2E4ODlhMmZmNTdiYjQxYTA3
NWYwNWU0ODQ3YmJlOTM1NzczMGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1+8OUOpc8tnBglWRFEYN6lAHWBoYoNw8aYZ58E6jFqvtDDYllonlgE/r2/
+sFrmKCQi80t6F8FTdNEscb1Hr7zR2gVtm256EDyHXvXidaTgFXu7F2WHjJ0ZpFk
Gm5LNZ9Btlp1EXTYp3O9ETz0EkQ054pG7mzh1hu1PMabfMkr9lpcXLj/LadPg4sv
xuGt8N0p1hWoCjLD9uLfg+UCw2JNYGNrf8iLuqhEukHd3CvJYryzCZ/rgSbTbPFF
KZT2te5C9TfgLdLZMGGT6QvxUKqhx+jF2Vm2qZ1HshC56gYaikaJAcYqseA1GSJL
RIhkRZxn/+l4zpMq17OEpXT1R+ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTgXSY1
fS7y/lKnOH9FngnATr2dizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzdiYzY3OWItNTE5OS00M2MyLTgxOTktYmU1YzA0YTZjMGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
QDANBgkqhkiG9w0BAQsFAAOCAQEAhqjIgJpJQwC3k5RlDCw5qWxDnqrfOEBy4Jdw
HJLcypRVX5BItJkMqJ4Xf+AuvaCExK8xL2kWt+NZwhvYgtKVO3u1lKWYr9edkiuF
jPdajWd3s8USpo6Dk3TV20WAhKxhwOV7ysrDi8zkS4iQtTzOsNZ7s2hH8WjJnvb/
ePV0Jzx9BnKs15Qiw3bE16c7VIfcX5msEm1HV6+NbGT0t7xdWU/O/4ar7TKMiwt+
mprYbC8I41/ipjwt6E6Fir3vq/FkRj78QYdsrrt4TB7UNd5SYrTGfUWTQDLGjOG7
AW2/QT+1Qyl2FDeghyd4b9F0/ZGZz1d7iSDppyCWFQjJrd+AuQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:04 2025 by rpki-client