Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/85151a34-1ac3-4b9b-801b-33bd153ac88d.roa
File: 85151a34-1ac3-4b9b-801b-33bd153ac88d.roa (raw, json)
Hash identifier: IcA24gV8ywS/q56bB3qfv+ExGbC3RhkfbVe1QULBaiA=
Subject key identifier: 9B:AF:B3:19:65:45:C7:AA:84:8E:D9:22:19:5C:B1:CD:0C:39:1B:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6710480E1AB4763FF03BEF673F4BF9072F5C21C3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/85151a34-1ac3-4b9b-801b-33bd153ac88d.roa
Signing time: Tue 20 May 2025 20:00:14 +0000
ROA not before: Tue 20 May 2025 20:00:14 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:10:48:0e:1a:b4:76:3f:f0:3b:ef:67:3f:4b:f9:07:2f:5c:21:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:00:14 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=11f8a106df0a341da97e3223ecc5500f016b4887cae301c453963783f763fb06, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:09:eb:88:40:bc:06:36:a8:88:3f:97:30:43:
69:5a:44:33:bf:b8:a1:82:36:85:bc:c5:71:94:4a:
1f:b7:16:1e:c9:98:9f:24:e7:6e:ea:52:3e:d9:fe:
5d:03:35:02:28:3e:78:33:28:44:ba:47:31:31:23:
d2:e7:cd:6b:57:e7:98:1f:6f:29:fd:60:e8:29:bd:
b7:c9:6e:ea:f5:1a:1a:26:d8:ec:af:c3:34:f2:ed:
bb:da:03:bb:7d:89:40:bf:80:b1:a2:cd:c5:25:7d:
56:86:24:a3:53:75:d4:5a:22:77:37:2a:a9:6d:75:
0e:3e:41:4c:13:29:37:93:09:07:ec:a0:4c:fc:4d:
f8:fe:e2:5e:17:19:9a:d8:f7:1a:e6:34:46:d6:ad:
f5:ce:87:81:45:a4:27:41:eb:a1:ad:79:44:b4:26:
52:b6:3d:ff:e1:a3:e9:81:0a:87:0a:78:31:8b:0a:
dd:c1:a1:cb:72:5f:0e:1c:44:0b:db:c8:af:44:73:
7f:b7:fb:0d:7e:df:20:12:74:b8:71:7a:82:4e:51:
0c:76:61:7f:15:8e:2b:ab:5b:ca:16:ca:0a:e0:4c:
fe:74:7c:48:63:1f:58:4a:0d:7e:5c:27:70:d0:fc:
94:18:d6:13:36:93:44:17:a7:f6:a0:57:b8:b1:8b:
1f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:AF:B3:19:65:45:C7:AA:84:8E:D9:22:19:5C:B1:CD:0C:39:1B:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/85151a34-1ac3-4b9b-801b-33bd153ac88d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:1000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:b3:28:fc:f8:2c:4f:d6:f9:8c:cd:02:69:44:0a:a7:ab:f4:
df:eb:8d:9a:bd:b0:40:0b:0e:f5:fc:43:14:f2:c2:17:ef:8a:
63:10:bb:68:ff:e6:b4:08:58:77:f0:f6:8f:9a:5d:b9:3a:f7:
ba:1c:12:3f:df:16:72:76:17:3d:1c:de:d2:11:fd:12:0a:27:
c0:a3:33:15:c6:1b:c0:e1:c5:d9:f1:ac:b0:ad:96:37:32:71:
64:61:94:3d:5e:5f:3c:43:92:eb:6a:c4:e8:f4:da:33:87:7a:
de:e0:17:c3:2e:44:1d:94:c1:ee:07:0a:dd:ba:8a:e3:20:bc:
11:fb:47:b1:fa:c7:88:ce:a9:f8:4e:45:c6:1c:20:fe:82:ba:
ce:0b:bf:5b:ba:c7:d1:d5:7c:4c:51:38:d4:7c:25:ba:0a:80:
97:38:f5:90:16:c7:3c:82:1a:8a:c2:a3:8c:ab:98:15:fa:20:
21:44:4d:62:7e:45:30:ba:87:9d:5f:cc:66:61:98:92:3c:be:
37:df:1d:2a:9d:b8:08:2a:92:3f:54:1c:ed:f7:85:f8:de:0d:
b4:d1:1d:cc:cc:8e:56:15:67:ce:17:30:ce:78:56:a7:75:e7:
ed:6f:f3:40:81:35:24:e5:30:ee:43:00:2b:e3:63:14:37:b6:
cb:b6:48:b0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZxBIDhq0dj/wO+9nP0v5By9cIcMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAwMTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDExZjhhMTA2ZGYwYTM0MWRhOTdlMzIyM2VjYzU1MDBmMDE2YjQ4ODdjYWUz
MDFjNDUzOTYzNzgzZjc2M2ZiMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMJ64hAvAY2qIg/lzBDaVpEM7+4oYI2hbzFcZRKH7cWHsmYnyTnbupSPtn+
XQM1Aig+eDMoRLpHMTEj0ufNa1fnmB9vKf1g6Cm9t8lu6vUaGibY7K/DNPLtu9oD
u32JQL+AsaLNxSV9VoYko1N11FoidzcqqW11Dj5BTBMpN5MJB+ygTPxN+P7iXhcZ
mtj3GuY0Rtat9c6HgUWkJ0Hroa15RLQmUrY9/+Gj6YEKhwp4MYsK3cGhy3JfDhxE
C9vIr0Rzf7f7DX7fIBJ0uHF6gk5RDHZhfxWOK6tbyhbKCuBM/nR8SGMfWEoNflwn
cND8lBjWEzaTRBen9qBXuLGLH5cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSbr7MZ
ZUXHqoSO2SIZXLHNDDkb2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODUxNTFhMzQtMWFjMy00YjliLTgwMWItMzNiZDE1M2FjODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCnsyj8+CxP1vmMzQJpRAqnq/Tf642avbBACw71
/EMU8sIX74pjELto/+a0CFh38PaPml25Ove6HBI/3xZydhc9HN7SEf0SCifAozMV
xhvA4cXZ8aywrZY3MnFkYZQ9Xl88Q5LrasTo9Nozh3re4BfDLkQdlMHuBwrduorj
ILwR+0ex+seIzqn4TkXGHCD+grrOC79busfR1XxMUTjUfCW6CoCXOPWQFsc8ghqK
wqOMq5gV+iAhRE1ifkUwuoedX8xmYZiSPL433x0qnbgIKpI/VBzt94X43g200R3M
zI5WFWfOFzDOeFandeftb/NAgTUk5TDuQwAr42MUN7bLtkiw
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:33 2025 by rpki-client