Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
File: 7a5c899e-1564-4329-8939-7004d7b754c8.roa (raw, json)
Hash identifier: jdSl3487lpFMKvMxzlKJiuzXjE2OomrBRWRmjfrGdcE=
Subject key identifier: 15:45:D9:0B:A3:0F:DA:44:EF:74:53:0E:C2:0F:EB:EA:64:B6:81:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25C2C6AE142CD895015AEA5EF79B36CC5A4ED334
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
Signing time: Tue 20 May 2025 20:10:18 +0000
ROA not before: Tue 20 May 2025 20:10:18 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:c2:c6:ae:14:2c:d8:95:01:5a:ea:5e:f7:9b:36:cc:5a:4e:d3:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:10:18 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=3ec3a482d6df949fe502e1ae69efa0ee0d9108de3ebf87171bb5759d1ed937e4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e9:25:3d:ac:7a:28:45:85:dc:5f:25:cd:86:
a7:1a:12:52:fa:a2:3b:1a:97:cc:82:51:e0:2c:67:
1c:ee:84:c3:4d:eb:2a:bc:64:9e:8f:99:98:7e:58:
e3:14:20:a5:0a:4a:1b:40:3b:57:f4:28:62:f2:b0:
30:49:42:86:96:35:f0:94:8f:56:c0:de:e0:c0:99:
34:73:ab:48:aa:74:b8:67:72:06:37:4f:6e:ea:90:
f2:42:61:ff:1e:e1:80:b6:71:59:28:1f:68:f4:80:
85:e3:50:01:94:13:86:cb:43:6c:92:f9:7f:b5:fb:
2c:9c:f5:d8:25:27:d5:9b:d9:c9:21:5c:12:ac:a7:
32:0d:48:2e:b6:7e:ae:a7:d7:98:3e:1b:2d:10:32:
ce:ed:7f:c8:fb:8b:29:bd:72:f8:3b:9e:72:53:a4:
6f:82:07:2a:a0:a2:b8:4a:b5:93:fa:2f:93:d5:a8:
24:ed:88:83:e5:2e:a1:b7:fc:76:ef:51:07:9a:31:
a3:c2:de:ef:ea:1c:1b:44:62:26:f0:f9:7e:9a:ae:
57:eb:9e:50:f0:33:ca:8a:61:2e:22:27:bc:d0:75:
1d:ec:d4:6c:0c:89:00:e3:15:80:8f:db:fd:8e:f7:
2a:e0:36:62:14:da:46:ee:13:60:11:2d:27:26:85:
ca:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:45:D9:0B:A3:0F:DA:44:EF:74:53:0E:C2:0F:EB:EA:64:B6:81:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:9000::/40
Signature Algorithm: sha256WithRSAEncryption
b5:ac:17:1e:e1:e9:c6:94:2b:90:72:b6:5d:51:32:83:d9:54:
8f:92:bb:ea:fd:f8:be:1d:37:6c:7c:7e:02:57:1a:f9:cd:8c:
d2:9d:f0:36:24:f4:1c:35:fe:45:49:7e:c4:b8:94:7c:1f:1a:
3b:32:07:9c:61:93:d5:e4:31:47:68:d0:64:5f:5a:88:48:e5:
b8:2c:1b:e8:aa:0b:f1:12:2e:cd:8e:e9:16:e5:77:21:26:4c:
ea:ff:f4:6a:32:d1:b0:bc:b8:dd:99:13:3e:13:56:ce:bd:d5:
95:0a:1e:42:db:de:c2:61:50:69:db:0c:31:a2:b5:6b:e5:90:
01:67:5a:07:0c:1e:29:43:76:66:3b:38:3d:e7:5d:39:c5:e7:
0c:e7:b4:f7:0a:b3:f3:15:fa:ef:e5:cc:9b:84:b4:44:84:08:
40:ad:4a:b0:b2:43:64:6f:84:6e:29:3d:9a:fe:a2:8d:67:34:
53:f3:12:ec:b1:8a:9a:0f:42:7f:cb:15:1b:c2:67:29:33:d6:
be:5d:39:c4:30:83:c1:19:5f:3f:3a:62:13:c5:67:2b:68:95:
10:7b:c1:85:44:2f:0a:5d:1c:2f:4c:a7:55:c5:c6:eb:b6:22:
89:df:14:a2:7a:9b:ce:6f:d4:7c:35:73:88:1a:87:99:8d:18:
f7:4d:ed:3a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJcLGrhQs2JUBWupe95s2zFpO0zQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDEwMThaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlYzNhNDgyZDZkZjk0OWZlNTAyZTFhZTY5ZWZhMGVlMGQ5MTA4ZGUzZWJm
ODcxNzFiYjU3NTlkMWVkOTM3ZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzpJT2seihFhdxfJc2GpxoSUvqiOxqXzIJR4CxnHO6Ew03rKrxkno+ZmH5Y
4xQgpQpKG0A7V/QoYvKwMElChpY18JSPVsDe4MCZNHOrSKp0uGdyBjdPbuqQ8kJh
/x7hgLZxWSgfaPSAheNQAZQThstDbJL5f7X7LJz12CUn1ZvZySFcEqynMg1ILrZ+
rqfXmD4bLRAyzu1/yPuLKb1y+DueclOkb4IHKqCiuEq1k/ovk9WoJO2Ig+Uuobf8
du9RB5oxo8Le7+ocG0RiJvD5fpquV+ueUPAzyophLiInvNB1HezUbAyJAOMVgI/b
/Y73KuA2YhTaRu4TYBEtJyaFygcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQVRdkL
ow/aRO90Uw7CD+vqZLaBhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E1Yzg5OWUtMTU2NC00MzI5LTg5MzktNzAwNGQ3Yjc1NGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC1rBce4enGlCuQcrZdUTKD2VSPkrvq/fi+HTds
fH4CVxr5zYzSnfA2JPQcNf5FSX7EuJR8Hxo7MgecYZPV5DFHaNBkX1qISOW4LBvo
qgvxEi7NjukW5XchJkzq//RqMtGwvLjdmRM+E1bOvdWVCh5C297CYVBp2wwxorVr
5ZABZ1oHDB4pQ3ZmOzg95105xecM57T3CrPzFfrv5cybhLREhAhArUqwskNkb4Ru
KT2a/qKNZzRT8xLssYqaD0J/yxUbwmcpM9a+XTnEMIPBGV8/OmITxWcraJUQe8GF
RC8KXRwvTKdVxcbrtiKJ3xSiepvOb9R8NXOIGoeZjRj3Te06
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:58:04 2025 by rpki-client