Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
File: 8e4adf38-a007-4c0e-8621-1e65a160ad12.roa (raw, json)
Hash identifier: LEwb6Y6Qjjo4hru2EpaXjIy/63bwc7iZpLxoVfPgttE=
Subject key identifier: 6D:1F:BC:0F:F9:48:40:E0:C3:23:B3:B4:A4:25:6F:F2:F4:71:9A:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4319027B960F4BD7BF2D531F5C6AC79BDE5B5075
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
Signing time: Tue 20 May 2025 19:21:28 +0000
ROA not before: Tue 20 May 2025 19:21:28 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:19:02:7b:96:0f:4b:d7:bf:2d:53:1f:5c:6a:c7:9b:de:5b:50:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:28 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=2afd925ec5426227b43ed58c6475165bcd927951d35505aff69c22b6786a7d5c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b1:de:43:9a:ca:65:dc:17:16:15:64:7e:2e:
44:9f:41:dd:92:14:3c:a5:93:e4:0c:91:f1:fd:a6:
8b:e3:f6:be:0d:cc:fb:4c:a2:3c:c1:8d:d2:1d:72:
9f:06:6e:34:f9:37:2e:62:39:9e:17:0f:ea:8e:33:
4d:23:40:3d:10:4f:bc:7c:32:30:6a:64:ba:2f:a3:
fe:44:8e:30:c0:65:b2:1f:e6:2f:69:05:66:49:ed:
65:b2:7f:b0:87:73:85:c3:23:8e:7c:09:d5:d9:28:
b0:0b:62:50:7d:35:7d:ee:d2:21:f5:0e:45:3d:db:
21:88:87:af:07:72:cc:fc:a8:cc:9e:36:a6:2c:3e:
f2:74:bf:b3:4a:07:e2:9a:6a:da:50:6c:a2:c3:5c:
88:2c:d2:5a:24:fa:98:91:f0:03:97:99:10:46:11:
5b:d8:7f:13:87:c9:fe:19:5f:9f:a8:54:5c:4d:42:
de:7f:e8:c6:c3:1a:cf:a3:11:75:70:e9:35:f5:0a:
6d:d2:f6:c5:59:cc:1e:6f:db:fe:7c:c1:e4:b4:ea:
6d:a4:a5:31:b3:6f:43:d8:2a:71:ed:99:81:8b:11:
3f:c5:26:82:2c:83:77:b6:c4:39:93:b7:02:fb:e5:
8c:64:44:ed:56:b7:85:6b:72:b5:1c:57:e1:43:db:
2b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:1F:BC:0F:F9:48:40:E0:C3:23:B3:B4:A4:25:6F:F2:F4:71:9A:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c7:c9:23:2e:d6:23:61:f9:ad:ee:1d:e5:f3:17:44:fb:cc:92:
ec:39:c1:8f:67:61:db:0d:e3:19:6c:36:fc:52:88:ed:10:f0:
1f:03:cc:16:12:1b:4c:f0:58:aa:75:75:b6:8f:28:f1:47:9b:
62:33:b9:c3:1e:50:29:8c:ee:2e:a4:f0:3c:6e:2a:b9:b6:9e:
7c:e3:14:ea:c5:49:30:f2:ae:1c:69:a7:8c:c0:2a:86:ae:3a:
14:b3:af:5e:66:06:04:db:1e:66:38:38:a4:e8:61:cf:64:1c:
14:cc:d5:c2:c2:4f:c6:a6:27:57:5c:c4:03:a7:bd:b3:ff:3a:
cb:5c:ab:9b:95:06:3f:e8:ff:95:58:03:06:aa:a3:13:b7:18:
c3:87:de:6c:63:86:9e:d0:8b:08:5b:0e:fc:3f:59:e6:75:8a:
70:34:7d:c5:0a:b9:8e:b7:71:c9:86:3c:34:4e:f1:09:36:1d:
ae:55:71:f0:8f:d5:43:cf:d5:c0:44:01:09:42:2d:d4:03:48:
ce:f4:18:71:12:cd:d9:d2:45:c4:69:58:ca:9e:e8:db:7a:25:
ef:3d:5b:ba:94:e6:17:8e:c1:09:d8:df:b7:24:99:88:8c:83:
dc:2d:2f:51:f4:a4:d6:2d:32:27:3a:7b:1c:76:df:e9:36:4a:
e7:84:14:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQxkCe5YPS9e/LVMfXGrHm95bUHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxMjhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhZmQ5MjVlYzU0MjYyMjdiNDNlZDU4YzY0NzUxNjViY2Q5Mjc5NTFkMzU1
MDVhZmY2OWMyMmI2Nzg2YTdkNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyx3kOaymXcFxYVZH4uRJ9B3ZIUPKWT5AyR8f2mi+P2vg3M+0yiPMGN0h1y
nwZuNPk3LmI5nhcP6o4zTSNAPRBPvHwyMGpkui+j/kSOMMBlsh/mL2kFZkntZbJ/
sIdzhcMjjnwJ1dkosAtiUH01fe7SIfUORT3bIYiHrwdyzPyozJ42piw+8nS/s0oH
4ppq2lBsosNciCzSWiT6mJHwA5eZEEYRW9h/E4fJ/hlfn6hUXE1C3n/oxsMaz6MR
dXDpNfUKbdL2xVnMHm/b/nzB5LTqbaSlMbNvQ9gqce2ZgYsRP8UmgiyDd7bEOZO3
AvvljGRE7Va3hWtytRxX4UPbK08CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRtH7wP
+UhA4MMjs7SkJW/y9HGaFDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0YWRmMzgtYTAwNy00YzBlLTg2MjEtMWU2NWExNjBhZDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8g
MA0GCSqGSIb3DQEBCwUAA4IBAQDHySMu1iNh+a3uHeXzF0T7zJLsOcGPZ2HbDeMZ
bDb8UojtEPAfA8wWEhtM8FiqdXW2jyjxR5tiM7nDHlApjO4upPA8biq5tp584xTq
xUkw8q4caaeMwCqGrjoUs69eZgYE2x5mODik6GHPZBwUzNXCwk/GpidXXMQDp72z
/zrLXKublQY/6P+VWAMGqqMTtxjDh95sY4ae0IsIWw78P1nmdYpwNH3FCrmOt3HJ
hjw0TvEJNh2uVXHwj9VDz9XARAEJQi3UA0jO9BhxEs3Z0kXEaVjKnujbeiXvPVu6
lOYXjsEJ2N+3JJmIjIPcLS9R9KTWLTInOnscdt/pNkrnhBRU
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:52 2025 by rpki-client