Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
File: 89b0de0f-6d7a-449d-a144-e777ce29ce82.roa (raw, json)
Hash identifier: /4Y35331h0FNGcrwXDfwTv8mA48eTcuw21OgiV9b3KU=
Subject key identifier: 86:50:D6:1F:4E:F5:FC:CF:4D:7D:12:A8:A3:04:E6:AB:25:4E:98:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B5B05262A3772383452C42686E6B73C5EA8854D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
Signing time: Tue 20 May 2025 19:21:31 +0000
ROA not before: Tue 20 May 2025 19:21:31 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:5b:05:26:2a:37:72:38:34:52:c4:26:86:e6:b7:3c:5e:a8:85:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:31 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=2db791ceacb25ac6072a2e68bded0aa9546ca33a577ac2e3cda4a61338f52533, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:81:d9:e9:64:24:63:40:9b:3a:ae:57:92:fd:
a6:1c:b5:e6:4d:e2:51:63:f9:56:e1:ef:ce:8a:98:
a0:1a:d4:f8:66:45:7d:ee:a3:d9:fa:bc:4c:98:71:
de:46:07:18:ec:da:de:b2:84:bd:e1:b7:19:3c:92:
9d:12:39:ae:d2:05:ef:5b:27:bf:00:48:11:14:e8:
ee:5d:79:42:41:96:b4:67:0a:0f:39:2a:e0:43:96:
2e:7d:9d:e1:df:20:e6:7a:8f:8d:23:32:86:18:da:
0c:0f:de:d9:71:67:20:c7:0c:5b:08:7d:48:af:ac:
e0:66:f8:20:40:f1:7a:e0:55:71:d2:4b:6d:fc:9b:
1d:aa:56:88:8a:d6:08:36:93:5b:c7:9b:7c:66:47:
59:43:e2:52:b3:e9:b4:a4:bc:9e:30:8e:cd:9f:7a:
15:be:de:51:20:00:97:50:dc:d8:95:76:2a:f9:07:
bb:12:97:61:2e:30:ac:d2:ab:ed:b5:bd:da:0c:d2:
7b:3a:36:78:53:14:8d:d0:59:20:6b:9a:3b:ed:ec:
ce:50:d0:5c:d5:d0:3d:59:61:e1:3d:df:9e:60:37:
bc:cf:ac:ad:5e:11:ae:57:de:8e:52:b2:01:76:dc:
d0:1c:a2:62:96:ea:26:e0:ca:35:2e:57:60:e8:78:
eb:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:50:D6:1F:4E:F5:FC:CF:4D:7D:12:A8:A3:04:E6:AB:25:4E:98:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c000::/40
Signature Algorithm: sha256WithRSAEncryption
19:05:e7:a9:8c:bc:64:0b:37:1d:bb:73:d7:00:4a:7d:0b:13:
d0:5d:f5:42:f2:d2:8e:6b:64:d5:f7:43:67:5e:8b:3a:eb:73:
d0:55:98:57:95:40:5e:e2:e6:b2:cd:c0:27:24:66:8a:f7:72:
4f:20:4b:22:84:9d:97:42:8b:f9:ea:78:d8:fc:fc:54:fd:20:
47:38:0e:31:ad:e0:a7:5c:ec:3c:fa:24:3e:9f:77:e4:d7:28:
0b:e7:17:50:d7:a2:b7:bd:8d:89:91:02:ca:99:27:ec:0c:82:
15:46:67:f4:db:ef:55:43:d7:cd:23:5d:9f:a6:e5:3a:94:f5:
96:fc:ad:9c:0c:b2:d1:f5:7a:f8:24:75:96:9b:fd:a4:07:42:
df:17:c5:8f:23:a4:ee:e9:64:d5:bb:de:05:e3:22:37:26:93:
01:3c:91:6c:3a:18:3f:a2:d5:37:6f:9a:b1:4e:9a:ec:7b:ae:
5c:ad:ed:1c:82:b9:3e:fb:71:d9:59:8d:5d:74:5b:4d:b3:0b:
6a:cc:fd:5f:46:13:ec:fe:c6:8e:dc:49:99:5b:47:0c:56:bf:
d3:44:9d:bd:1d:2b:c8:d9:fe:70:79:66:69:c1:28:d2:64:1e:
1a:40:c5:56:2b:db:17:20:cb:74:98:eb:44:74:7e:e5:17:ad:
94:2c:9e:a5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG1sFJio3cjg0UsQmhua3PF6ohU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxMzFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkYjc5MWNlYWNiMjVhYzYwNzJhMmU2OGJkZWQwYWE5NTQ2Y2EzM2E1Nzdh
YzJlM2NkYTRhNjEzMzhmNTI1MzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIeB2elkJGNAmzquV5L9phy15k3iUWP5VuHvzoqYoBrU+GZFfe6j2fq8TJhx
3kYHGOza3rKEveG3GTySnRI5rtIF71snvwBIERTo7l15QkGWtGcKDzkq4EOWLn2d
4d8g5nqPjSMyhhjaDA/e2XFnIMcMWwh9SK+s4Gb4IEDxeuBVcdJLbfybHapWiIrW
CDaTW8ebfGZHWUPiUrPptKS8njCOzZ96Fb7eUSAAl1Dc2JV2KvkHuxKXYS4wrNKr
7bW92gzSezo2eFMUjdBZIGuaO+3szlDQXNXQPVlh4T3fnmA3vM+srV4RrlfejlKy
AXbc0ByiYpbqJuDKNS5XYOh464UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSGUNYf
TvX8z019EqijBOarJU6YpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODliMGRlMGYtNmQ3YS00NDlkLWExNDQtZTc3N2NlMjljZTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA
MA0GCSqGSIb3DQEBCwUAA4IBAQAZBeepjLxkCzcdu3PXAEp9CxPQXfVC8tKOa2TV
90NnXos663PQVZhXlUBe4uayzcAnJGaK93JPIEsihJ2XQov56njY/PxU/SBHOA4x
reCnXOw8+iQ+n3fk1ygL5xdQ16K3vY2JkQLKmSfsDIIVRmf02+9VQ9fNI12fpuU6
lPWW/K2cDLLR9Xr4JHWWm/2kB0LfF8WPI6Tu6WTVu94F4yI3JpMBPJFsOhg/otU3
b5qxTprse65cre0cgrk++3HZWY1ddFtNswtqzP1fRhPs/saO3EmZW0cMVr/TRJ29
HSvI2f5weWZpwSjSZB4aQMVWK9sXIMt0mOtEdH7lF62ULJ6l
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:26 2025 by rpki-client