Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
File: 7dbe70b9-8807-4382-b0db-753dfbe69012.roa (raw, json)
Hash identifier: 5W+2/MPcKNHh6PUfD2zojA19rkMPr2RRY6E7LR6VnWU=
Subject key identifier: 40:CC:4F:BE:55:59:49:BA:3A:AD:B9:7B:68:A4:DB:F2:4E:26:97:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4918D8FCE9E5D63E0A249DA5D1DDAD36F357E3A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
Signing time: Tue 20 May 2025 20:30:15 +0000
ROA not before: Tue 20 May 2025 20:30:15 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:18:d8:fc:e9:e5:d6:3e:0a:24:9d:a5:d1:dd:ad:36:f3:57:e3:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:15 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=2ac913844529e740ffef2097ba6c5944b2aad1a4eb938f2de7e8abc94af015fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:98:43:30:8b:a7:fc:95:91:08:e9:bf:df:06:
b9:0e:ea:7a:7e:13:ba:b8:c2:a0:0e:98:69:4f:fd:
08:55:42:d2:75:85:7f:cd:da:0c:71:27:6d:c3:c6:
4c:2e:9b:b3:e6:f6:7d:dd:b7:8a:a6:03:d4:11:f6:
9f:cc:33:3f:90:e2:f3:d3:7d:9c:f3:41:f6:df:09:
ee:18:b2:85:77:00:0c:b5:29:e8:e5:7d:1e:1f:2d:
64:95:85:d4:c8:6d:21:b8:60:82:69:25:6b:f5:bc:
7f:0a:5c:9b:f7:25:32:13:9b:6c:d3:9d:24:84:9c:
04:d4:47:9a:4d:52:c8:fe:d1:a6:de:67:44:a7:72:
23:27:8d:f8:de:a6:5b:eb:92:ef:1e:18:b2:2e:db:
0b:3e:88:f6:4f:7b:14:0a:d9:0b:42:88:8d:28:ec:
ce:77:bf:90:7d:76:62:5c:e0:22:46:26:92:c5:4f:
4e:56:b4:9f:c7:9b:c0:87:00:22:1d:ed:3a:db:61:
9f:b5:83:32:20:cc:de:8a:82:29:54:31:58:c7:9a:
74:16:00:3a:dc:e4:72:f6:42:72:a3:3a:26:09:0f:
e1:9d:aa:3c:8c:eb:27:9f:5d:9e:a0:ba:93:b9:e9:
42:d6:f6:17:7d:05:99:28:bd:8f:75:43:37:5b:24:
48:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:CC:4F:BE:55:59:49:BA:3A:AD:B9:7B:68:A4:DB:F2:4E:26:97:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/37
Signature Algorithm: sha256WithRSAEncryption
5a:12:61:c4:2d:02:bc:29:a1:7b:9e:9d:32:f6:9c:c3:58:e7:
0c:0e:cf:3f:06:7c:47:3e:76:16:12:72:3b:14:40:51:93:2d:
88:30:0b:4c:77:69:63:20:1d:44:6b:b6:eb:53:ae:91:8b:ec:
4d:a0:41:84:d2:df:d0:1a:69:71:1d:f7:e7:c4:22:af:69:31:
5a:f9:6e:51:f5:84:a1:c0:99:02:5d:57:4e:6e:5b:a1:25:05:
66:62:25:6f:18:0e:36:f8:4a:e3:a5:25:ee:bc:44:29:db:f2:
cb:96:37:ab:6e:0c:de:f7:af:68:c9:39:78:ae:b2:53:07:4e:
0e:11:5d:4a:ce:8b:c9:77:1f:d5:b4:bf:eb:6e:cb:19:3e:31:
8c:c2:1b:23:82:7b:b8:be:64:b2:e3:03:ec:26:7a:bd:99:be:
cc:6c:16:55:02:87:14:71:e5:4c:27:3b:87:32:9f:c4:67:ca:
fe:8d:e5:bc:69:02:8f:d3:05:82:ef:94:6c:6a:ab:a0:38:69:
5d:18:51:af:ce:10:e7:a2:9f:f3:d9:6c:75:9e:03:02:3c:a6:
16:5d:94:02:7c:d8:0e:73:bb:37:5d:88:fb:54:89:3f:50:ff:
db:5a:57:04:62:68:32:b3:e5:83:8f:64:2e:fd:3c:7a:c8:c2:
ad:7e:25:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSRjY/Onl1j4KJJ2l0d2tNvNX46MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwMTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhYzkxMzg0NDUyOWU3NDBmZmVmMjA5N2JhNmM1OTQ0YjJhYWQxYTRlYjkz
OGYyZGU3ZThhYmM5NGFmMDE1ZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuYQzCLp/yVkQjpv98GuQ7qen4TurjCoA6YaU/9CFVC0nWFf83aDHEnbcPG
TC6bs+b2fd23iqYD1BH2n8wzP5Di89N9nPNB9t8J7hiyhXcADLUp6OV9Hh8tZJWF
1MhtIbhggmkla/W8fwpcm/clMhObbNOdJIScBNRHmk1SyP7Rpt5nRKdyIyeN+N6m
W+uS7x4Ysi7bCz6I9k97FArZC0KIjSjszne/kH12YlzgIkYmksVPTla0n8ebwIcA
Ih3tOtthn7WDMiDM3oqCKVQxWMeadBYAOtzkcvZCcqM6JgkP4Z2qPIzrJ59dnqC6
k7npQtb2F30FmSi9j3VDN1skSH0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRAzE++
VVlJujqtuXtopNvyTiaXMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RiZTcwYjktODgwNy00MzgyLWIwZGItNzUzZGZiZTY5MDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQBaEmHELQK8KaF7np0y9pzDWOcMDs8/BnxHPnYW
EnI7FEBRky2IMAtMd2ljIB1Ea7brU66Ri+xNoEGE0t/QGmlxHffnxCKvaTFa+W5R
9YShwJkCXVdObluhJQVmYiVvGA42+ErjpSXuvEQp2/LLljerbgze969oyTl4rrJT
B04OEV1KzovJdx/VtL/rbssZPjGMwhsjgnu4vmSy4wPsJnq9mb7MbBZVAocUceVM
JzuHMp/EZ8r+jeW8aQKP0wWC75RsaqugOGldGFGvzhDnop/z2Wx1ngMCPKYWXZQC
fNgOc7s3XYj7VIk/UP/bWlcEYmgys+WDj2Qu/Tx6yMKtfiW2
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:48 2025 by rpki-client