Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a1ea1f2-685a-4073-b22a-0a37f133b9dc.roa
File: 7a1ea1f2-685a-4073-b22a-0a37f133b9dc.roa (raw, json)
Hash identifier: DDrErtOgxP8W7NjgEDVtPTbQIOAcGZErjJugi9pbIN8=
Subject key identifier: 27:52:B2:22:D3:C2:52:10:74:C6:D5:EA:6B:BC:4A:AB:C7:4B:80:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D26CECE76A78981922637B500F932AAEE4D737D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a1ea1f2-685a-4073-b22a-0a37f133b9dc.roa
Signing time: Fri 06 Jun 2025 15:10:50 +0000
ROA not before: Fri 06 Jun 2025 15:10:50 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:26:ce:ce:76:a7:89:81:92:26:37:b5:00:f9:32:aa:ee:4d:73:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:50 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=536de975aab05f3b2fd385840dd8d3eaade94a9319ea3ad9610f83e42bf212da, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0d:8b:c0:47:7f:08:8d:ac:5b:00:6c:0b:28:
f0:9b:93:10:98:4d:91:56:b5:fc:9a:7f:d3:37:b0:
e5:5f:87:67:bd:bc:fa:d8:9b:5a:a3:4e:9a:34:37:
79:ab:af:8f:12:bd:cd:51:a1:68:b0:6a:66:ee:37:
7f:80:fc:3f:e9:44:7b:9a:72:cc:21:6e:8b:88:f7:
4b:d3:65:fc:f8:1e:f4:9a:7e:b0:5b:e0:08:43:06:
ee:c3:38:da:92:6b:ce:38:49:cb:a8:b7:26:3e:aa:
e4:52:c1:73:2e:01:ff:12:06:1c:65:f6:8c:98:3e:
41:11:a2:a8:af:00:4b:26:0c:9a:8d:15:46:5e:72:
e6:bb:70:00:1c:3b:b9:cf:7c:c8:7a:c8:f7:68:0e:
1c:15:f3:a4:cf:6b:b3:fb:5a:42:95:93:30:32:bf:
17:d4:91:4c:cf:a4:d0:2d:a5:91:9b:bf:77:18:2b:
60:c2:c6:38:3f:32:8e:1f:fc:0f:70:1f:89:f4:b2:
38:be:79:71:e0:43:8a:2b:25:9e:3c:27:20:0e:84:
c7:53:74:b8:14:18:08:06:65:d3:95:36:86:df:56:
cb:10:3c:43:23:89:1b:46:65:dc:e6:6f:dd:ea:20:
3d:08:ac:e0:69:81:20:d5:95:e0:93:64:ec:7a:3e:
35:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:52:B2:22:D3:C2:52:10:74:C6:D5:EA:6B:BC:4A:AB:C7:4B:80:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a1ea1f2-685a-4073-b22a-0a37f133b9dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:5000::/40
Signature Algorithm: sha256WithRSAEncryption
14:76:13:88:49:81:0a:c9:1f:9d:c8:54:65:2d:9a:0f:62:3d:
d0:f6:56:1c:19:8d:24:86:c3:81:65:21:9a:fc:19:de:be:4d:
2c:c9:39:33:dd:da:6d:8e:e4:64:d4:78:9a:03:bd:a7:ba:ac:
b6:e2:72:36:00:1e:3b:3e:43:d9:23:d8:b7:bc:cf:b6:bd:eb:
02:6f:61:f3:fb:f1:f3:2f:9b:9c:8b:51:47:b5:6f:fb:bb:67:
ba:65:58:ec:37:53:7c:4b:5c:4b:35:ab:40:fb:49:bb:d3:ef:
9f:a3:f2:bb:59:bb:c7:ee:bc:cb:a8:41:c4:1a:f6:f1:a1:dd:
2a:4b:e6:63:c8:e6:b3:47:42:a6:5b:be:db:00:e0:4e:a2:9c:
40:bc:7b:96:2f:9f:87:c5:ac:6b:72:bb:98:eb:f5:21:77:e3:
90:d3:10:f7:96:cc:30:3e:50:ae:94:c8:1c:3c:9a:60:95:ba:
b1:6a:b7:17:3b:3f:0e:86:f5:3c:df:67:c6:d1:92:ec:40:00:
a1:2d:89:94:6f:77:2a:e5:ee:44:ad:24:cc:64:09:32:fd:23:
44:a8:aa:b7:63:53:12:51:fc:9b:90:63:fe:68:c2:f1:5c:8f:
98:d1:a2:a5:fc:97:59:c9:6f:03:ea:18:ac:d7:8f:ad:fc:3f:
3f:df:c2:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXSbOznaniYGSJje1APkyqu5Nc30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwNTBaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzNmRlOTc1YWFiMDVmM2IyZmQzODU4NDBkZDhkM2VhYWRlOTRhOTMxOWVh
M2FkOTYxMGY4M2U0MmJmMjEyZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0Ni8BHfwiNrFsAbAso8JuTEJhNkVa1/Jp/0zew5V+HZ728+tibWqNOmjQ3
eauvjxK9zVGhaLBqZu43f4D8P+lEe5pyzCFui4j3S9Nl/Pge9Jp+sFvgCEMG7sM4
2pJrzjhJy6i3Jj6q5FLBcy4B/xIGHGX2jJg+QRGiqK8ASyYMmo0VRl5y5rtwABw7
uc98yHrI92gOHBXzpM9rs/taQpWTMDK/F9SRTM+k0C2lkZu/dxgrYMLGOD8yjh/8
D3AfifSyOL55ceBDiislnjwnIA6Ex1N0uBQYCAZl05U2ht9WyxA8QyOJG0Zl3OZv
3eogPQis4GmBINWV4JNk7Ho+NTMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQnUrIi
08JSEHTG1eprvEqrx0uAlTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2ExZWExZjItNjg1YS00MDczLWIyMmEtMGEzN2YxMzNiOWRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAUdhOISYEKyR+dyFRlLZoPYj3Q9lYcGY0khsOB
ZSGa/Bnevk0syTkz3dptjuRk1HiaA72nuqy24nI2AB47PkPZI9i3vM+2vesCb2Hz
+/HzL5uci1FHtW/7u2e6ZVjsN1N8S1xLNatA+0m70++fo/K7WbvH7rzLqEHEGvbx
od0qS+ZjyOazR0KmW77bAOBOopxAvHuWL5+HxaxrcruY6/Uhd+OQ0xD3lswwPlCu
lMgcPJpglbqxarcXOz8OhvU832fG0ZLsQAChLYmUb3cq5e5ErSTMZAky/SNEqKq3
Y1MSUfybkGP+aMLxXI+Y0aKl/JdZyW8D6his14+t/D8/38KZ
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:37:42 2025 by rpki-client