Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
File: 94d1ece6-a642-4297-8fb7-d7003b36fe75.roa (raw, json)
Hash identifier: BawZNCrUd1VsgEhCT4bMtg4RnvHwrNUfpN8HuZiuC7A=
Subject key identifier: A2:06:ED:10:07:BD:10:5A:F9:66:92:B2:C5:FE:F3:71:9F:19:51:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 465FB391F0DB3D283AE301F09B0A0030E894ECFC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
Signing time: Tue 20 May 2025 20:31:14 +0000
ROA not before: Tue 20 May 2025 20:31:14 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:5f:b3:91:f0:db:3d:28:3a:e3:01:f0:9b:0a:00:30:e8:94:ec:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:31:14 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=f2201b42ccd6b486431b1bcddfa705a9a33ccfd08770bcce2611761222ade93b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:77:e0:76:92:77:5a:bc:77:be:83:f2:05:8a:
3f:e5:e8:08:d5:1e:b9:04:9e:a6:13:63:0a:30:47:
eb:7b:4d:b7:98:7d:85:8a:d4:37:7f:c8:e7:94:ba:
b5:f3:e0:15:9c:74:f4:67:5b:d6:9c:61:ac:9c:81:
b1:e1:c0:93:35:de:73:55:82:e5:64:74:c2:9c:0f:
0e:49:78:51:ca:9a:fa:7c:a0:55:8a:f9:79:95:c1:
62:4c:cc:d3:81:47:5b:7f:0d:c4:46:3a:0a:62:e8:
2f:67:cc:f2:69:45:50:40:15:cb:d3:a0:e6:88:1b:
ce:77:c3:b3:48:3c:3c:db:1d:d9:94:98:d8:fd:13:
d9:70:38:c5:10:61:31:72:e1:75:1f:c1:fc:a2:a8:
97:73:70:4e:dc:a5:41:3f:d6:eb:af:01:7e:16:7b:
f0:73:4d:0f:5b:fc:ed:82:cd:06:08:cd:11:0d:0f:
4f:e4:4a:13:88:61:34:81:a3:e4:da:cc:85:d0:73:
2b:78:9f:ad:0d:96:62:15:24:51:63:ab:4d:97:f4:
f7:e5:31:42:06:17:eb:e5:ed:f2:88:35:b0:2a:79:
5b:7e:31:0c:7d:09:04:c6:f7:fd:bf:24:2c:d1:25:
b8:21:87:fd:63:a5:cb:50:b3:bb:42:3e:63:4d:86:
39:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:06:ED:10:07:BD:10:5A:F9:66:92:B2:C5:FE:F3:71:9F:19:51:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:800::/38
Signature Algorithm: sha256WithRSAEncryption
73:0e:6c:68:72:a8:37:97:41:69:cc:04:54:06:b5:45:1e:7d:
ce:f3:6c:33:0b:79:99:68:07:83:44:d2:82:f0:40:02:69:00:
e3:2d:7e:67:47:9b:f9:85:86:10:2a:f6:5e:1b:37:10:14:e9:
48:2f:8a:dd:93:22:83:b1:20:ca:b6:5f:8b:20:d2:ee:71:b9:
07:b9:92:47:76:c2:8e:02:f0:94:f7:69:8d:73:3b:da:08:76:
7d:ab:53:4a:c3:92:32:a1:84:8f:ee:ba:c7:1a:4a:f4:ab:66:
a9:2d:f1:0d:c4:35:ec:8d:16:6b:82:16:93:1a:16:52:36:fd:
ee:d2:eb:cd:39:bf:ae:e9:d3:44:39:50:b7:8a:09:3f:8d:cf:
ad:bf:0d:22:e5:3d:4a:0f:21:bf:1f:dc:61:1c:fd:27:a5:be:
7e:fe:6e:37:43:10:24:fa:a2:0c:54:4d:4b:0d:4e:6f:70:da:
9d:9f:6b:c0:e9:fe:73:02:05:d9:54:14:c4:51:16:ed:e3:ff:
6a:58:bd:ab:72:09:e6:c3:ac:b3:28:25:e7:2f:1d:ff:5a:ea:
68:1c:11:e6:d9:97:f3:da:34:1b:bc:03:f4:e9:ee:73:76:17:
4c:0c:10:8d:67:b3:1f:3e:f2:bc:ec:af:3f:32:6a:56:8e:df:
85:5b:df:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURl+zkfDbPSg64wHwmwoAMOiU7PwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMxMTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyMjAxYjQyY2NkNmI0ODY0MzFiMWJjZGRmYTcwNWE5YTMzY2NmZDA4Nzcw
YmNjZTI2MTE3NjEyMjJhZGU5M2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIZ34HaSd1q8d76D8gWKP+XoCNUeuQSephNjCjBH63tNt5h9hYrUN3/I55S6
tfPgFZx09Gdb1pxhrJyBseHAkzXec1WC5WR0wpwPDkl4Ucqa+nygVYr5eZXBYkzM
04FHW38NxEY6CmLoL2fM8mlFUEAVy9Og5ogbznfDs0g8PNsd2ZSY2P0T2XA4xRBh
MXLhdR/B/KKol3NwTtylQT/W668BfhZ78HNND1v87YLNBgjNEQ0PT+RKE4hhNIGj
5NrMhdBzK3ifrQ2WYhUkUWOrTZf09+UxQgYX6+Xt8og1sCp5W34xDH0JBMb3/b8k
LNEluCGH/WOly1Czu0I+Y02GOVUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSiBu0Q
B70QWvlmkrLF/vNxnxlRPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRkMWVjZTYtYTY0Mi00Mjk3LThmYjctZDcwMDNiMzZmZTc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgI
MA0GCSqGSIb3DQEBCwUAA4IBAQBzDmxocqg3l0FpzARUBrVFHn3O82wzC3mZaAeD
RNKC8EACaQDjLX5nR5v5hYYQKvZeGzcQFOlIL4rdkyKDsSDKtl+LINLucbkHuZJH
dsKOAvCU92mNczvaCHZ9q1NKw5IyoYSP7rrHGkr0q2apLfENxDXsjRZrghaTGhZS
Nv3u0uvNOb+u6dNEOVC3igk/jc+tvw0i5T1KDyG/H9xhHP0npb5+/m43QxAk+qIM
VE1LDU5vcNqdn2vA6f5zAgXZVBTEURbt4/9qWL2rcgnmw6yzKCXnLx3/WupoHBHm
2Zfz2jQbvAP06e5zdhdMDBCNZ7MfPvK87K8/MmpWjt+FW99T
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:47 2025 by rpki-client