Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
File: 84822380-4084-4c46-8745-4e82faaddd84.roa (raw, json)
Hash identifier: 8c0zbCPPKDUDz7M+P47bif7M2jQ5joAlDkO3ZygohLA=
Subject key identifier: DF:D9:8F:AC:87:B8:1E:FD:69:FE:42:75:C0:60:13:E9:AB:99:B1:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52241784DF81D92BE5DF0E9377F4AC9DCDAF5A21
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
Signing time: Tue 20 May 2025 20:20:12 +0000
ROA not before: Tue 20 May 2025 20:20:12 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:24:17:84:df:81:d9:2b:e5:df:0e:93:77:f4:ac:9d:cd:af:5a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:20:12 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=4f2b85590d1502bbc9e62aee6bde29e90ceaf0a9ce1b39dd9fcf834b8233f717, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:be:ae:95:6e:24:89:32:e9:4a:34:9d:f3:56:
cf:90:67:43:ef:44:0c:64:69:80:d2:7d:57:d0:00:
b1:1d:e6:2c:86:86:15:b9:4a:a8:bb:e3:54:c5:3c:
fa:4f:8b:02:0d:38:ff:a8:1f:75:01:20:6a:ec:6b:
a1:26:0c:08:98:4c:fb:4c:9f:3f:69:ca:71:c6:c1:
55:c6:fe:9e:87:6a:48:ac:a2:7e:9f:d1:45:5f:03:
38:36:59:0e:62:7e:78:ce:c2:36:b6:84:69:93:35:
d8:89:db:cd:df:c7:45:05:ce:01:33:5c:0f:90:7f:
b9:94:24:b4:68:c1:6a:90:47:70:5f:da:2f:44:5b:
1a:61:7f:f8:55:4e:1d:9b:3b:2d:71:c2:51:93:2e:
53:bd:7a:b2:4f:7d:3e:cf:82:a3:1e:3f:c7:90:ec:
84:3c:81:72:28:e7:e4:40:c3:f8:86:c0:65:c1:62:
2e:ba:b2:1c:92:f5:8f:7b:a4:95:13:db:4b:3e:83:
44:e1:1f:12:5f:d2:ac:83:f2:a8:d6:d9:53:2c:00:
db:bf:9e:3a:ba:b3:74:9c:3a:e4:75:ed:aa:10:37:
9f:88:ea:ea:56:7a:f1:2c:d1:e4:da:69:48:f0:41:
00:ad:77:be:2b:47:08:91:e6:33:f5:b7:f9:55:16:
43:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D9:8F:AC:87:B8:1E:FD:69:FE:42:75:C0:60:13:E9:AB:99:B1:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:800::/38
Signature Algorithm: sha256WithRSAEncryption
aa:5b:e9:22:df:df:7c:c4:88:cc:48:7e:28:fa:00:b3:9d:70:
49:31:f0:bc:ed:46:7b:bd:48:c4:9c:f5:7e:dd:8b:1c:59:0f:
f9:8e:32:0b:52:1e:cf:e2:b4:18:34:ee:6a:3c:5a:f9:62:50:
07:86:e9:06:4d:29:47:31:33:73:17:87:93:a2:4d:57:b7:e4:
34:e4:89:df:02:27:d9:b9:59:92:9d:f1:80:60:fa:41:80:19:
28:e2:a4:aa:86:93:59:af:79:c5:ab:1b:f4:76:0b:de:1a:ca:
86:4d:87:fa:59:ee:03:34:4d:13:f4:bd:8d:2f:ec:42:64:21:
09:84:c0:d8:62:6f:e7:88:98:a4:eb:44:2f:e7:be:0b:a6:95:
e2:0f:a8:8d:4f:8c:32:9a:21:58:9d:a2:65:c3:ce:8f:da:7b:
cf:66:3e:a9:a5:74:8f:d5:2a:a7:9e:0b:7c:d0:49:08:d0:99:
d2:13:b6:4c:04:2a:f1:94:29:55:a2:51:49:c3:31:1b:b9:bd:
3f:c7:2c:c3:42:46:29:55:9a:e7:51:86:03:52:b2:7b:e8:2a:
5b:21:5e:66:ce:5f:14:ac:89:13:a2:7e:40:71:01:0b:28:56:
64:17:06:8e:2b:67:5f:17:28:6c:e3:fb:a2:f2:05:e3:ba:cc:
44:ef:a2:f9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUiQXhN+B2Svl3w6Td/Ssnc2vWiEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIwMTJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmMmI4NTU5MGQxNTAyYmJjOWU2MmFlZTZiZGUyOWU5MGNlYWYwYTljZTFi
MzlkZDlmY2Y4MzRiODIzM2Y3MTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKi+rpVuJIky6Uo0nfNWz5BnQ+9EDGRpgNJ9V9AAsR3mLIaGFblKqLvjVMU8
+k+LAg04/6gfdQEgauxroSYMCJhM+0yfP2nKccbBVcb+nodqSKyifp/RRV8DODZZ
DmJ+eM7CNraEaZM12Inbzd/HRQXOATNcD5B/uZQktGjBapBHcF/aL0RbGmF/+FVO
HZs7LXHCUZMuU716sk99Ps+Cox4/x5DshDyBcijn5EDD+IbAZcFiLrqyHJL1j3uk
lRPbSz6DROEfEl/SrIPyqNbZUywA27+eOrqzdJw65HXtqhA3n4jq6lZ68SzR5Npp
SPBBAK13vitHCJHmM/W3+VUWQ6MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTf2Y+s
h7ge/Wn+QnXAYBPpq5mxnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQ4MjIzODAtNDA4NC00YzQ2LTg3NDUtNGU4MmZhYWRkZDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQI
MA0GCSqGSIb3DQEBCwUAA4IBAQCqW+ki3998xIjMSH4o+gCznXBJMfC87UZ7vUjE
nPV+3YscWQ/5jjILUh7P4rQYNO5qPFr5YlAHhukGTSlHMTNzF4eTok1Xt+Q05Inf
AifZuVmSnfGAYPpBgBko4qSqhpNZr3nFqxv0dgveGsqGTYf6We4DNE0T9L2NL+xC
ZCEJhMDYYm/niJik60Qv574LppXiD6iNT4wymiFYnaJlw86P2nvPZj6ppXSP1Sqn
ngt80EkI0JnSE7ZMBCrxlClVolFJwzEbub0/xyzDQkYpVZrnUYYDUrJ76CpbIV5m
zl8UrIkTon5AcQELKFZkFwaOK2dfFyhs4/ui8gXjusxE76L5
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:52:46 2025 by rpki-client