Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
File: 819bfec2-19de-4cdb-ba40-657fff6a743e.roa (raw, json)
Hash identifier: 1uX5DegpI7sk+bcyC6HnifsIuuw5MNN8km8YZtWY9FY=
Subject key identifier: 87:4C:8D:5C:B1:DB:25:39:3F:7D:1A:DB:EA:6D:36:85:35:19:13:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60938C05A1D0D55B4BF4F4843FF701527EF5E6EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
Signing time: Tue 20 May 2025 19:10:43 +0000
ROA not before: Tue 20 May 2025 19:10:43 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:93:8c:05:a1:d0:d5:5b:4b:f4:f4:84:3f:f7:01:52:7e:f5:e6:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:43 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d566e12ae82d2c8779031e0651cca48366c213f6b2f744ee4c18330a42a7e91f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:85:db:af:a1:16:22:76:ba:bd:4b:a9:9c:2c:
28:77:bd:d6:66:ac:3b:e6:24:8e:9f:86:dd:3c:39:
60:65:11:09:df:78:e1:d6:0a:04:d8:86:97:ad:60:
55:53:ca:58:d6:b6:47:8d:ad:b0:f3:eb:90:5e:05:
45:d0:46:9f:cc:4e:7f:ea:c6:ca:ba:6d:8b:9e:b6:
a2:8a:a9:72:21:3c:82:46:f9:c3:ff:8c:a9:ce:c5:
6d:ba:53:9e:32:81:eb:cc:16:2a:b1:84:6f:83:21:
d6:ff:67:48:d4:4b:67:2e:25:77:e6:e9:f9:66:71:
bd:5f:e8:0f:b8:a9:64:8f:04:28:6d:b2:c9:27:5e:
dd:db:bf:6e:44:b4:ca:64:15:55:86:86:38:e6:db:
b4:a4:bd:be:fe:c4:8a:3b:cc:0a:54:d8:14:a3:ea:
d9:f6:78:e3:43:64:2e:7a:0d:d4:62:b3:0b:de:91:
98:b7:59:0c:0b:f4:82:6b:2a:0a:39:92:92:9b:45:
95:bf:1d:1f:de:91:de:ab:60:e4:7f:b4:8d:1f:cd:
de:94:c8:6b:50:58:bc:b1:3c:89:85:a6:bb:94:68:
80:7b:79:06:a8:10:9b:8d:9c:c8:4c:76:ed:47:82:
ca:75:6f:06:17:af:20:e5:b1:a8:7e:05:89:3c:23:
12:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:4C:8D:5C:B1:DB:25:39:3F:7D:1A:DB:EA:6D:36:85:35:19:13:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
39:29:48:a6:f2:73:ad:ef:e8:42:98:20:4f:2b:5f:2b:84:45:
1f:c4:f4:70:56:0c:8b:79:13:1c:41:90:35:cd:72:13:1f:ae:
6a:8c:75:be:c5:62:0a:c0:ed:4c:28:6f:6f:f5:fd:83:c1:bb:
f9:e3:16:fe:2a:0a:c0:4d:c1:36:80:6f:d3:f3:28:17:8d:85:
40:8d:ca:80:52:9d:83:8b:fe:ba:c8:28:9f:ee:bc:08:ff:bf:
e3:1a:a7:bf:92:68:a8:67:68:20:37:f7:9d:d2:e2:f5:e5:50:
7e:7e:cd:f5:b7:1b:c0:b8:5f:61:fc:52:1b:b1:67:bf:8b:60:
74:b0:3c:ca:73:c1:a2:db:b0:31:aa:29:4a:66:90:32:91:0e:
f7:ed:0a:7d:1f:35:f6:fc:95:ac:b0:e2:69:4c:1a:4c:ac:1b:
b0:9a:60:9d:81:95:e5:1e:7b:7b:16:91:87:78:1a:a4:72:95:
41:a2:b8:03:b3:89:93:41:21:bc:ae:60:dd:3c:cf:71:1d:9c:
1c:8a:1d:f0:6f:c5:74:fb:8f:80:18:21:97:75:ab:57:b7:11:
0d:e1:8a:08:16:52:31:7a:39:40:5c:d9:aa:63:48:d1:2b:76:
77:c7:34:26:c2:27:54:87:88:c5:e1:a1:78:0a:dd:fa:c7:e9:
3e:7c:0f:cd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYJOMBaHQ1VtL9PSEP/cBUn715uwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwNDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1NjZlMTJhZTgyZDJjODc3OTAzMWUwNjUxY2NhNDgzNjZjMjEzZjZiMmY3
NDRlZTRjMTgzMzBhNDJhN2U5MWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+F26+hFiJ2ur1LqZwsKHe91masO+Ykjp+G3Tw5YGURCd944dYKBNiGl61g
VVPKWNa2R42tsPPrkF4FRdBGn8xOf+rGyrpti562ooqpciE8gkb5w/+Mqc7FbbpT
njKB68wWKrGEb4Mh1v9nSNRLZy4ld+bp+WZxvV/oD7ipZI8EKG2yySde3du/bkS0
ymQVVYaGOObbtKS9vv7EijvMClTYFKPq2fZ440NkLnoN1GKzC96RmLdZDAv0gmsq
CjmSkptFlb8dH96R3qtg5H+0jR/N3pTIa1BYvLE8iYWmu5RogHt5BqgQm42cyEx2
7UeCynVvBhevIOWxqH4FiTwjErkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHTI1c
sdslOT99GtvqbTaFNRkT1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODE5YmZlYzItMTlkZS00Y2RiLWJhNDAtNjU3ZmZmNmE3NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQA5KUim8nOt7+hCmCBPK18rhEUfxPRwVgyLeRMc
QZA1zXITH65qjHW+xWIKwO1MKG9v9f2Dwbv54xb+KgrATcE2gG/T8ygXjYVAjcqA
Up2Di/66yCif7rwI/7/jGqe/kmioZ2ggN/ed0uL15VB+fs31txvAuF9h/FIbsWe/
i2B0sDzKc8Gi27AxqilKZpAykQ737Qp9HzX2/JWssOJpTBpMrBuwmmCdgZXlHnt7
FpGHeBqkcpVBorgDs4mTQSG8rmDdPM9xHZwcih3wb8V0+4+AGCGXdatXtxEN4YoI
FlIxejlAXNmqY0jRK3Z3xzQmwidUh4jF4aF4Ct36x+k+fA/N
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:49 2025 by rpki-client