Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
File: 7802179a-c80f-42f1-a50b-a0af1df078c2.roa (raw, json)
Hash identifier: smFtt/XmooFm5a12P888AosiKh9VXi8o/dLJD4JRXRY=
Subject key identifier: 94:C1:28:F2:43:D3:6A:E4:D1:A8:14:8C:95:0C:AE:28:2B:09:1F:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 187A9C485AC2A34AEB31090E4B48DC22F2662F06
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
Signing time: Fri 23 May 2025 00:40:45 +0000
ROA not before: Fri 23 May 2025 00:40:45 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:7a:9c:48:5a:c2:a3:4a:eb:31:09:0e:4b:48:dc:22:f2:66:2f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:45 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=7ba45aa0f499a1fddfd666d474ef919014244fa6857fab14bdbe67742401baee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0c:56:34:19:1f:bb:38:76:2c:6e:1e:20:12:
3d:8e:98:49:70:06:52:fe:82:bc:2c:0f:7c:bf:a3:
b7:0a:ca:36:06:55:06:66:3a:ce:9f:62:15:d5:45:
41:d4:c6:17:dc:ea:46:a3:38:79:8a:c1:a7:22:1b:
84:54:f8:a8:17:eb:c0:26:51:06:b1:70:f9:8b:f8:
67:77:96:9a:f0:03:a9:9c:03:52:b2:92:87:59:79:
fa:85:e6:e4:84:77:2c:75:6a:4e:d8:cd:c9:b8:8d:
c8:1c:f4:aa:db:49:fc:a6:d6:ae:83:ab:41:b3:58:
ef:99:31:45:7b:c6:80:ac:c4:92:70:de:b8:37:37:
eb:d5:e1:f5:4c:86:ed:fb:8f:37:09:6e:34:c8:ad:
a4:95:0a:8a:40:e7:af:79:13:4d:66:ed:b3:01:7a:
52:24:73:70:b0:5e:c9:e6:a5:b2:0d:58:ee:78:8a:
d9:f5:47:76:25:24:9d:34:2f:fe:8c:50:46:ab:1c:
0b:b5:14:1d:85:84:93:fe:1a:19:18:32:db:cf:29:
0c:a3:29:e3:4f:93:b0:9f:aa:90:50:cf:7a:72:85:
39:a7:80:d4:58:9c:b3:27:37:21:35:ac:cf:e4:55:
ff:d1:12:8d:e2:e1:1f:6f:02:a8:40:1c:2a:73:46:
14:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C1:28:F2:43:D3:6A:E4:D1:A8:14:8C:95:0C:AE:28:2B:09:1F:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:4000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:f0:e8:ba:c5:36:c2:95:84:d7:45:c3:92:4c:16:d8:34:cc:
b0:c9:32:9f:91:28:03:18:b8:af:51:72:84:48:c6:be:be:9a:
dc:f0:1d:b5:c2:9c:55:51:2c:03:2e:87:bd:68:7c:09:8e:b7:
25:66:e1:9b:9c:86:9e:4e:6b:60:58:48:97:53:37:6f:2a:b1:
9b:eb:82:86:d8:a6:42:79:62:a8:a0:2a:85:fc:f0:65:ec:f9:
5c:d6:f6:9f:0d:a7:d7:cc:42:6a:7a:32:64:d5:06:f4:33:b5:
46:7c:b8:58:70:6e:ec:c7:cf:79:41:e6:66:10:8c:70:fb:f7:
fc:b3:f7:5c:dc:c6:9e:84:2b:1f:ed:6e:c1:7e:c4:23:8f:e0:
23:f5:bd:29:e2:e4:06:79:06:cf:24:4c:f2:d6:98:ff:be:bf:
a8:f6:db:ea:01:c2:71:f4:1d:0e:61:fd:92:20:f1:63:cd:10:
41:82:94:6d:3f:2c:4e:71:77:cd:bf:3b:39:e8:c1:4a:10:33:
76:56:10:76:50:06:13:5b:03:ad:5b:5d:fa:84:3e:de:31:8a:
bc:53:84:d1:42:ba:dd:60:4a:8f:7c:b9:d5:df:2c:c7:6a:a2:
c5:64:4f:6b:2c:ad:d3:fa:6f:ce:a7:c0:79:03:4a:63:12:68:
d6:a9:2a:73
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGHqcSFrCo0rrMQkOS0jcIvJmLwYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwNDVaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiYTQ1YWEwZjQ5OWExZmRkZmQ2NjZkNDc0ZWY5MTkwMTQyNDRmYTY4NTdm
YWIxNGJkYmU2Nzc0MjQwMWJhZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEMVjQZH7s4dixuHiASPY6YSXAGUv6CvCwPfL+jtwrKNgZVBmY6zp9iFdVF
QdTGF9zqRqM4eYrBpyIbhFT4qBfrwCZRBrFw+Yv4Z3eWmvADqZwDUrKSh1l5+oXm
5IR3LHVqTtjNybiNyBz0qttJ/KbWroOrQbNY75kxRXvGgKzEknDeuDc369Xh9UyG
7fuPNwluNMitpJUKikDnr3kTTWbtswF6UiRzcLBeyealsg1Y7niK2fVHdiUknTQv
/oxQRqscC7UUHYWEk/4aGRgy288pDKMp40+TsJ+qkFDPenKFOaeA1Ficsyc3ITWs
z+RV/9ESjeLhH28CqEAcKnNGFKcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSUwSjy
Q9Nq5NGoFIyVDK4oKwkfTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwMjE3OWEtYzgwZi00MmYxLWE1MGItYTBhZjFkZjA3OGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlA
MA0GCSqGSIb3DQEBCwUAA4IBAQA+8Oi6xTbClYTXRcOSTBbYNMywyTKfkSgDGLiv
UXKESMa+vprc8B21wpxVUSwDLoe9aHwJjrclZuGbnIaeTmtgWEiXUzdvKrGb64KG
2KZCeWKooCqF/PBl7Plc1vafDafXzEJqejJk1Qb0M7VGfLhYcG7sx895QeZmEIxw
+/f8s/dc3MaehCsf7W7BfsQjj+Aj9b0p4uQGeQbPJEzy1pj/vr+o9tvqAcJx9B0O
Yf2SIPFjzRBBgpRtPyxOcXfNvzs56MFKEDN2VhB2UAYTWwOtW136hD7eMYq8U4TR
QrrdYEqPfLnV3yzHaqLFZE9rLK3T+m/Op8B5A0pjEmjWqSpz
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:32 2025 by rpki-client