Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
File: 8aeef071-ad76-436d-a059-ad727b09eb3b.roa (raw, json)
Hash identifier: 06J5P7WHfdwS464zsJphP1lfl3PwnWPbfDnepKbD1j0=
Subject key identifier: 0A:99:F0:66:82:4A:EE:2F:B3:BA:7B:CB:FE:F1:0B:69:7C:7E:B8:6D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1574E2DA6CDC848665440CD141ABD541446ED4BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
Signing time: Fri 23 May 2025 00:40:53 +0000
ROA not before: Fri 23 May 2025 00:40:53 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:74:e2:da:6c:dc:84:86:65:44:0c:d1:41:ab:d5:41:44:6e:d4:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:53 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=c473112dbeae716398f7d2531859898e9a8df54c36d48304ee72f3a607a768ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:57:35:ee:ac:5c:23:23:e3:5b:e2:1d:f3:0d:
34:01:06:c7:d5:51:28:98:f3:a7:b9:ce:72:d4:85:
c8:19:34:43:16:c1:6c:75:52:f5:2d:e5:df:4d:a0:
62:04:07:82:10:e5:f3:06:af:fb:06:4a:11:b4:81:
a9:62:10:07:2d:7a:f0:29:52:b8:e8:88:92:b8:fa:
df:f3:57:be:67:6b:f6:e6:6f:98:43:17:4b:92:cb:
68:b1:ad:67:31:69:46:db:31:76:ec:0d:d8:31:44:
d2:d7:f1:7b:42:1c:e8:0c:ad:38:c7:47:da:6d:67:
77:da:03:b1:ee:c7:74:b7:3c:78:8d:81:f0:66:55:
9e:16:17:0d:20:08:10:e2:e2:71:b5:02:cd:4d:0d:
37:9e:9a:de:b7:22:e9:0e:b4:e0:b5:9c:a1:65:b3:
a1:2d:1e:8e:04:4b:7f:04:c7:5e:b2:ec:5d:69:af:
57:fd:aa:0c:46:72:ee:df:bb:ce:84:39:86:e4:32:
02:de:eb:5b:69:64:a0:be:c5:cd:18:6d:2a:a8:c4:
57:db:5e:2d:49:e6:93:9a:4b:ea:29:86:d6:26:71:
86:d5:10:5f:72:f9:1a:ff:69:78:0d:e3:2d:ad:87:
5b:54:c8:a1:8c:93:56:96:94:82:ad:de:f8:f6:e8:
a3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:99:F0:66:82:4A:EE:2F:B3:BA:7B:CB:FE:F1:0B:69:7C:7E:B8:6D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:2000::/40
Signature Algorithm: sha256WithRSAEncryption
19:2f:54:30:58:05:02:d4:84:67:28:05:58:03:f1:67:59:00:
82:a1:ac:5f:f5:84:dc:a7:e6:0d:be:a5:fd:b9:33:70:c9:62:
ad:ce:e0:93:fa:96:c2:c1:4b:a6:0f:98:17:4a:fa:61:d4:f8:
f1:ed:b0:cb:46:20:1a:a8:7b:92:ef:79:95:da:d6:6f:0d:98:
fd:24:2b:1a:e4:74:9d:5d:1b:91:83:86:90:ee:65:c8:a2:b6:
57:ad:09:f2:47:c2:b4:14:b9:10:9c:49:3e:1c:eb:17:a9:fa:
ef:13:1e:0b:42:86:a3:cc:92:ff:07:33:3e:7a:63:09:3b:60:
12:c7:c4:d0:d4:4b:f7:4c:af:b8:46:22:32:31:f5:42:13:7d:
da:00:29:e3:8d:9e:74:dc:c2:dd:12:db:97:20:e3:2f:8e:a2:
6d:31:69:41:6d:a0:d1:63:a8:c6:51:0b:ec:f4:bf:eb:70:ff:
e1:df:03:3a:50:1a:3f:58:97:5b:32:e7:76:1e:ff:ca:d2:28:
64:9c:5e:30:fb:f9:05:f6:17:bf:33:58:58:bb:26:12:26:ab:
05:1e:c9:ae:1c:e0:55:e9:db:6c:89:87:d0:d3:da:40:30:88:
08:14:cc:25:13:98:cd:80:2d:9d:1a:c1:ad:76:db:35:ef:77:
46:af:c4:45
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFXTi2mzchIZlRAzRQavVQURu1LwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwNTNaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0NzMxMTJkYmVhZTcxNjM5OGY3ZDI1MzE4NTk4OThlOWE4ZGY1NGMzNmQ0
ODMwNGVlNzJmM2E2MDdhNzY4YWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdXNe6sXCMj41viHfMNNAEGx9VRKJjzp7nOctSFyBk0QxbBbHVS9S3l302g
YgQHghDl8wav+wZKEbSBqWIQBy168ClSuOiIkrj63/NXvmdr9uZvmEMXS5LLaLGt
ZzFpRtsxduwN2DFE0tfxe0Ic6AytOMdH2m1nd9oDse7HdLc8eI2B8GZVnhYXDSAI
EOLicbUCzU0NN56a3rci6Q604LWcoWWzoS0ejgRLfwTHXrLsXWmvV/2qDEZy7t+7
zoQ5huQyAt7rW2lkoL7FzRhtKqjEV9teLUnmk5pL6imG1iZxhtUQX3L5Gv9peA3j
La2HW1TIoYyTVpaUgq3e+PbooxkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQKmfBm
gkruL7O6e8v+8QtpfH64bTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGFlZWYwNzEtYWQ3Ni00MzZkLWEwNTktYWQ3MjdiMDllYjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dgg
MA0GCSqGSIb3DQEBCwUAA4IBAQAZL1QwWAUC1IRnKAVYA/FnWQCCoaxf9YTcp+YN
vqX9uTNwyWKtzuCT+pbCwUumD5gXSvph1Pjx7bDLRiAaqHuS73mV2tZvDZj9JCsa
5HSdXRuRg4aQ7mXIorZXrQnyR8K0FLkQnEk+HOsXqfrvEx4LQoajzJL/BzM+emMJ
O2ASx8TQ1Ev3TK+4RiIyMfVCE33aACnjjZ503MLdEtuXIOMvjqJtMWlBbaDRY6jG
UQvs9L/rcP/h3wM6UBo/WJdbMud2Hv/K0ihknF4w+/kF9he/M1hYuyYSJqsFHsmu
HOBV6dtsiYfQ09pAMIgIFMwlE5jNgC2dGsGtdts173dGr8RF
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:42 2025 by rpki-client