Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
File: 84b89066-b432-45c3-befb-ffa2b4be3b71.roa (raw, json)
Hash identifier: fMCNBwwbVaLraOw32poXwHQmtlYI2YKzj7C9RK0pX3A=
Subject key identifier: 8C:88:73:58:99:EC:54:82:CF:6B:58:33:4C:5B:10:40:92:B4:96:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21A5ED1F777DF29D63BD909111890F2271A1CE26
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
Signing time: Tue 20 May 2025 20:11:32 +0000
ROA not before: Tue 20 May 2025 20:11:32 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:a5:ed:1f:77:7d:f2:9d:63:bd:90:91:11:89:0f:22:71:a1:ce:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:32 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=bf996a010337d7795ffc72fe523007ff9c5d18b8a985f105668bff700730a320, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:46:0f:1c:98:12:3b:10:95:c9:4e:f5:4f:75:
ed:b3:71:32:f0:78:1d:e4:93:8a:54:79:28:d0:23:
b2:48:02:55:94:a3:4b:05:b6:0f:4b:02:d3:e0:9e:
8e:bb:71:59:12:ce:03:29:68:17:e3:2c:f0:dd:b6:
2b:0d:88:88:b7:98:6d:0c:e3:2b:69:39:42:5d:bb:
45:2b:76:e2:b1:35:b1:df:9e:fb:bf:f0:a1:f8:63:
b5:d3:c2:de:d3:aa:9c:99:46:0e:93:23:3d:a2:9b:
66:d9:27:e6:fb:32:bc:17:49:18:bd:ca:18:5f:fc:
01:10:0a:bf:af:8e:d7:93:d7:e9:fb:83:e3:50:35:
38:53:00:61:3b:b7:05:27:fb:6e:3b:2d:a6:cf:da:
22:ec:28:d5:65:11:27:42:a2:c7:65:fb:13:d9:5c:
93:d6:f9:80:04:37:19:02:90:8b:26:c9:d4:d0:44:
3a:8c:69:78:1a:fc:d6:b6:10:ef:8e:6e:22:fe:52:
de:28:5e:cd:ec:b8:6d:61:5d:fe:86:58:73:bc:76:
15:cd:1e:23:2b:c9:e5:9a:9f:19:7b:65:09:24:57:
b4:fb:f0:cf:57:b0:4e:b4:8b:5b:91:de:d5:09:f9:
e5:c0:b8:88:ad:60:84:07:c1:2f:ea:79:5b:9c:03:
0e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:88:73:58:99:EC:54:82:CF:6B:58:33:4C:5B:10:40:92:B4:96:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:4000::/40
Signature Algorithm: sha256WithRSAEncryption
72:71:72:6d:d5:c3:b7:11:dd:1b:86:d8:d9:03:be:28:57:18:
fb:8d:22:0e:73:84:33:e5:d2:ac:76:ef:27:7e:1c:c8:67:6d:
ad:2c:26:4c:7a:cd:70:86:da:a0:4b:17:db:25:c7:1b:60:62:
dc:4b:ce:16:14:39:a2:91:e1:03:d4:3b:23:ac:7b:f5:ee:10:
91:e5:20:aa:81:45:d3:98:81:dc:14:84:cb:6d:5a:b1:f9:30:
2c:46:73:59:51:47:a4:0f:10:59:6b:eb:c1:04:77:fc:26:d8:
ed:47:51:9e:a9:ce:1c:85:67:a7:bf:a1:3a:8b:1f:71:34:30:
b4:4b:71:3c:51:6a:1d:21:65:83:19:66:aa:8f:06:97:60:c6:
1f:b6:1b:ae:dd:ef:34:f1:67:25:94:3f:21:4b:a5:de:f7:7a:
8c:24:18:a6:22:71:00:e7:e0:ff:eb:9b:05:a6:9e:72:b3:6a:
70:33:2a:ad:06:f8:92:cc:62:76:6e:3a:7f:80:f0:e0:45:37:
bd:c7:14:b0:45:d4:2e:59:bd:2c:a4:7f:5b:fe:c5:0a:36:31:
54:a1:b0:df:ec:23:03:15:44:61:9c:60:c5:9b:20:49:92:0b:
fb:c0:c1:a5:76:2f:ca:40:5f:44:b2:72:7c:30:d1:a7:21:a7:
2e:01:34:ad
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIaXtH3d98p1jvZCREYkPInGhziYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMzJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmOTk2YTAxMDMzN2Q3Nzk1ZmZjNzJmZTUyMzAwN2ZmOWM1ZDE4YjhhOTg1
ZjEwNTY2OGJmZjcwMDczMGEzMjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIdGDxyYEjsQlclO9U917bNxMvB4HeSTilR5KNAjskgCVZSjSwW2D0sC0+Ce
jrtxWRLOAyloF+Ms8N22Kw2IiLeYbQzjK2k5Ql27RSt24rE1sd+e+7/wofhjtdPC
3tOqnJlGDpMjPaKbZtkn5vsyvBdJGL3KGF/8ARAKv6+O15PX6fuD41A1OFMAYTu3
BSf7bjstps/aIuwo1WURJ0Kix2X7E9lck9b5gAQ3GQKQiybJ1NBEOoxpeBr81rYQ
745uIv5S3ihezey4bWFd/oZYc7x2Fc0eIyvJ5ZqfGXtlCSRXtPvwz1ewTrSLW5He
1Qn55cC4iK1ghAfBL+p5W5wDDlsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSMiHNY
mexUgs9rWDNMWxBAkrSWQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODRiODkwNjYtYjQzMi00NWMzLWJlZmItZmZhMmI0YmUzYjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhA
MA0GCSqGSIb3DQEBCwUAA4IBAQBycXJt1cO3Ed0bhtjZA74oVxj7jSIOc4Qz5dKs
du8nfhzIZ22tLCZMes1whtqgSxfbJccbYGLcS84WFDmikeED1DsjrHv17hCR5SCq
gUXTmIHcFITLbVqx+TAsRnNZUUekDxBZa+vBBHf8JtjtR1Geqc4chWenv6E6ix9x
NDC0S3E8UWodIWWDGWaqjwaXYMYfthuu3e808WcllD8hS6Xe93qMJBimInEA5+D/
65sFpp5ys2pwMyqtBviSzGJ2bjp/gPDgRTe9xxSwRdQuWb0spH9b/sUKNjFUobDf
7CMDFURhnGDFmyBJkgv7wMGldi/KQF9EsnJ8MNGnIacuATSt
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:14 2025 by rpki-client