Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
File: 8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa (raw, json)
Hash identifier: cLL2DQS5hwnhSutflDEilH4vs//Fpmn4A9iZ46HRCXo=
Subject key identifier: 44:31:6D:5D:0E:33:35:E7:04:8C:33:88:75:7A:62:21:7F:63:C9:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4ABD1E5B20F83F76A95F88F0BC54A9AAB14231B7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
Signing time: Tue 20 May 2025 20:40:02 +0000
ROA not before: Tue 20 May 2025 20:40:02 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:bd:1e:5b:20:f8:3f:76:a9:5f:88:f0:bc:54:a9:aa:b1:42:31:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:40:02 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a591ba6600f960ee9c48733a18cb81d1fcd435b8de9df643cb14b12ea35f70cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5f:1f:32:cc:2a:a2:29:65:d3:71:7b:85:29:
bf:4d:ec:f8:70:b6:56:f2:e3:31:dc:86:b2:27:a1:
62:a4:46:b3:6d:83:21:ee:2c:56:de:3b:20:28:9d:
ff:9e:78:bc:5f:08:63:ad:9c:d8:55:07:d2:74:4b:
62:82:fa:f1:58:a5:a1:ab:18:2e:1b:14:39:cf:bf:
91:3f:3b:88:bb:2c:78:b4:14:f8:c9:0e:a7:f8:b9:
01:32:1e:5d:01:59:49:d2:d4:de:43:ad:c2:39:5d:
6e:8d:bf:71:35:b7:2e:3c:bd:82:6e:85:07:59:bf:
09:2d:7e:17:07:38:2d:22:fc:a4:24:d2:cf:b5:65:
9c:0f:00:d5:df:52:70:b3:c4:b3:25:ed:12:ad:fd:
92:73:2d:4c:dd:3d:17:15:e2:9b:24:15:c4:9d:cc:
d0:a6:b4:26:e4:4f:97:49:d3:42:40:b9:7e:f9:db:
45:91:a9:94:b7:5b:5f:26:d4:22:c5:9a:a8:6f:47:
f7:9b:9b:5e:69:c3:7b:b5:9b:53:96:a5:6a:e2:57:
eb:be:b4:8e:de:b9:14:46:5a:d6:59:77:ca:b8:96:
36:c4:26:60:ab:05:70:27:82:b9:24:1f:98:fb:34:
4c:db:57:b8:8f:ca:f8:e1:45:2c:cc:2a:8a:41:15:
a4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:31:6D:5D:0E:33:35:E7:04:8C:33:88:75:7A:62:21:7F:63:C9:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028::/36
Signature Algorithm: sha256WithRSAEncryption
87:9f:42:49:3d:37:5a:17:55:a6:6b:90:12:c7:ea:af:92:e5:
4a:f3:a2:2c:31:0c:c4:0e:1f:35:d0:48:e7:a4:34:a2:ad:1b:
f1:1a:31:2e:93:54:de:54:02:25:6d:9b:e1:3b:df:0c:d3:af:
36:20:61:11:42:7f:1c:8e:09:01:fb:34:42:62:6f:32:a4:66:
54:97:55:dd:e2:5c:fe:6e:34:71:99:8d:fb:93:62:9b:3f:1e:
a1:b1:57:34:86:0c:e5:77:49:a3:18:b8:57:22:24:5e:40:3e:
2f:68:b4:9c:b2:2d:a2:72:7a:52:c6:93:48:78:1c:b6:69:50:
bb:5d:52:95:c9:ef:2f:86:33:6f:10:b5:0c:81:17:c6:ae:03:
9b:31:4d:e3:58:d3:01:e4:ce:95:b6:6c:5e:9b:7f:dd:9c:eb:
db:32:fe:13:5b:47:71:fb:bc:66:00:d7:f9:3f:2e:e1:bd:70:
58:28:39:df:4b:88:f0:3b:c0:57:b2:23:4b:c5:12:f2:8a:bc:
c3:7a:43:47:a8:83:58:33:fb:6a:4c:e2:d3:fb:ba:69:c5:c4:
e7:a0:fb:8d:53:18:5f:6a:bc:21:12:d9:d6:64:1a:04:ec:a6:
b4:fa:e7:33:9c:f2:65:85:96:21:d3:f0:6e:a0:a8:40:6a:89:
dc:c5:c0:f9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSr0eWyD4P3apX4jwvFSpqrFCMbcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDQwMDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1OTFiYTY2MDBmOTYwZWU5YzQ4NzMzYTE4Y2I4MWQxZmNkNDM1YjhkZTlk
ZjY0M2NiMTRiMTJlYTM1ZjcwY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5fHzLMKqIpZdNxe4Upv03s+HC2VvLjMdyGsiehYqRGs22DIe4sVt47ICid
/554vF8IY62c2FUH0nRLYoL68ViloasYLhsUOc+/kT87iLsseLQU+MkOp/i5ATIe
XQFZSdLU3kOtwjldbo2/cTW3Ljy9gm6FB1m/CS1+Fwc4LSL8pCTSz7VlnA8A1d9S
cLPEsyXtEq39knMtTN09FxXimyQVxJ3M0Ka0JuRPl0nTQkC5fvnbRZGplLdbXybU
IsWaqG9H95ubXmnDe7WbU5alauJX6760jt65FEZa1ll3yriWNsQmYKsFcCeCuSQf
mPs0TNtXuI/K+OFFLMwqikEVpK8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBREMW1d
DjM15wSMM4h1emIhf2PJATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODAxNWZkYzQtZTc5ZC00NDAwLWE3ODYtYzcwYWIzZjEwZDJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CgA
MA0GCSqGSIb3DQEBCwUAA4IBAQCHn0JJPTdaF1Wma5ASx+qvkuVK86IsMQzEDh81
0EjnpDSirRvxGjEuk1TeVAIlbZvhO98M0682IGERQn8cjgkB+zRCYm8ypGZUl1Xd
4lz+bjRxmY37k2KbPx6hsVc0hgzld0mjGLhXIiReQD4vaLScsi2icnpSxpNIeBy2
aVC7XVKVye8vhjNvELUMgRfGrgObMU3jWNMB5M6Vtmxem3/dnOvbMv4TW0dx+7xm
ANf5Py7hvXBYKDnfS4jwO8BXsiNLxRLyirzDekNHqINYM/tqTOLT+7ppxcTnoPuN
UxhfarwhEtnWZBoE7Ka0+ucznPJlhZYh0/BuoKhAaoncxcD5
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:41 2025 by rpki-client