Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2d4941-4e42-4d31-b1a5-7a3644a1b6bb.roa
File: 7a2d4941-4e42-4d31-b1a5-7a3644a1b6bb.roa (raw, json)
Hash identifier: Z1FxATkSHXS7LFM9FIqqcfSBB/Tx+WZ27803+TeWr+k=
Subject key identifier: B5:52:A4:45:C8:9B:BD:F6:2C:FB:4F:DA:23:56:D9:4F:FE:A2:10:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F49B36EBD767E770B396F0690EFAD14E5086521
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2d4941-4e42-4d31-b1a5-7a3644a1b6bb.roa
Signing time: Tue 20 May 2025 19:51:18 +0000
ROA not before: Tue 20 May 2025 19:51:18 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:49:b3:6e:bd:76:7e:77:0b:39:6f:06:90:ef:ad:14:e5:08:65:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:51:18 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a3c417b9a7154bad4a5b5d3643d8073387abfa904967310c018b938af12289ff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f7:49:20:3b:ad:b4:18:5e:93:c6:9a:24:1d:
49:7c:84:84:34:92:8a:41:77:bd:c2:05:b5:bb:22:
e9:c1:1d:4f:8c:0a:f8:6c:8f:43:37:62:5a:d3:19:
8e:e0:f2:9a:81:a8:93:0b:ab:d3:27:86:d1:e1:40:
1a:8b:c2:7c:ae:f6:34:e5:7e:94:da:9d:ff:fd:c8:
2a:2e:55:0f:ad:7a:60:0a:52:44:15:00:bb:ba:21:
73:f2:46:f7:e5:ad:47:a4:70:dd:4f:cc:7e:83:7e:
fd:81:d3:e1:a2:ec:a8:b8:36:df:7a:bd:b3:d6:54:
38:dc:a6:7c:30:42:29:27:aa:12:2b:f8:ff:a3:d0:
85:04:a7:da:00:ad:6a:fe:57:32:e7:54:b9:9a:ca:
68:04:87:af:cb:b4:9a:52:1c:f8:17:fd:5c:4d:20:
9a:32:74:cc:39:af:08:90:3e:4b:fe:7c:b2:11:5c:
9e:11:b7:6a:9d:86:f5:e5:8f:a5:36:f2:ad:a6:12:
36:a2:42:53:46:5c:bf:0f:67:a1:ee:fd:b1:7c:51:
3e:12:4f:44:0a:95:ea:80:2a:ba:84:89:fe:27:b0:
c5:34:fc:ec:48:8c:22:9b:45:5d:15:cd:c6:d4:68:
06:27:1b:de:f2:73:35:1b:40:1a:d9:24:a4:b7:be:
55:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:52:A4:45:C8:9B:BD:F6:2C:FB:4F:DA:23:56:D9:4F:FE:A2:10:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2d4941-4e42-4d31-b1a5-7a3644a1b6bb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:c000::/40
Signature Algorithm: sha256WithRSAEncryption
85:57:ff:c5:5d:78:7b:d5:80:b5:b9:63:2f:51:30:76:04:44:
67:b0:60:ba:c0:15:f4:aa:6e:e0:ed:8c:7f:f9:cd:47:a9:84:
20:fe:8f:17:dc:06:cd:64:8f:c5:6d:d7:f9:14:51:82:99:8b:
3c:e2:3f:01:95:26:9c:14:91:7d:02:47:f5:bd:91:92:59:ab:
c5:bb:ef:3d:38:8d:48:43:91:80:9e:f6:76:e3:65:a4:f6:86:
dd:5a:d4:3a:9d:a8:06:7f:38:02:5c:f4:13:0e:48:f5:41:c2:
58:42:25:ae:53:6c:a2:f2:4e:f1:db:32:74:89:8c:e2:02:39:
89:9d:19:11:a5:ba:8b:ec:09:70:fd:9d:4c:6d:45:df:b8:8a:
dc:cf:f5:a0:30:cd:bf:c8:39:b9:71:2e:05:1d:33:8b:35:04:
20:ff:d2:96:eb:03:e9:26:88:62:9e:22:21:6c:17:01:e3:de:
c3:64:d7:98:c1:24:88:ee:8b:74:57:d0:b4:2c:14:57:54:af:
a6:73:be:9d:07:51:27:e9:03:cd:de:f2:c6:e1:aa:0a:9e:12:
1d:3b:37:30:14:c2:e0:19:a4:a6:fe:61:d8:6b:54:c8:25:63:
ba:22:bd:45:dd:a1:01:24:7c:5f:8c:66:4b:ba:3c:c2:38:87:
90:2a:b0:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP0mzbr12fncLOW8GkO+tFOUIZSEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUxMThaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzYzQxN2I5YTcxNTRiYWQ0YTViNWQzNjQzZDgwNzMzODdhYmZhOTA0OTY3
MzEwYzAxOGI5MzhhZjEyMjg5ZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKv3SSA7rbQYXpPGmiQdSXyEhDSSikF3vcIFtbsi6cEdT4wK+GyPQzdiWtMZ
juDymoGokwur0yeG0eFAGovCfK72NOV+lNqd//3IKi5VD616YApSRBUAu7ohc/JG
9+WtR6Rw3U/MfoN+/YHT4aLsqLg233q9s9ZUONymfDBCKSeqEiv4/6PQhQSn2gCt
av5XMudUuZrKaASHr8u0mlIc+Bf9XE0gmjJ0zDmvCJA+S/58shFcnhG3ap2G9eWP
pTbyraYSNqJCU0Zcvw9noe79sXxRPhJPRAqV6oAquoSJ/iewxTT87EiMIptFXRXN
xtRoBicb3vJzNRtAGtkkpLe+VVMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS1UqRF
yJu99iz7T9ojVtlP/qIQIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EyZDQ5NDEtNGU0Mi00ZDMxLWIxYTUtN2EzNjQ0YTFiNmJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HvA
MA0GCSqGSIb3DQEBCwUAA4IBAQCFV//FXXh71YC1uWMvUTB2BERnsGC6wBX0qm7g
7Yx/+c1HqYQg/o8X3AbNZI/Fbdf5FFGCmYs84j8BlSacFJF9Akf1vZGSWavFu+89
OI1IQ5GAnvZ242Wk9obdWtQ6nagGfzgCXPQTDkj1QcJYQiWuU2yi8k7x2zJ0iYzi
AjmJnRkRpbqL7Alw/Z1MbUXfuIrcz/WgMM2/yDm5cS4FHTOLNQQg/9KW6wPpJohi
niIhbBcB497DZNeYwSSI7ot0V9C0LBRXVK+mc76dB1En6QPN3vLG4aoKnhIdOzcw
FMLgGaSm/mHYa1TIJWO6Ir1F3aEBJHxfjGZLujzCOIeQKrDQ
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:27 2025 by rpki-client