Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
File: 98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa (raw, json)
Hash identifier: b8sO8H4mCIHg2f4y1qCXc5K8UXERL+4OQGc+Pq/blos=
Subject key identifier: A0:4A:77:2A:84:DE:05:12:DC:60:F2:8C:EE:18:82:09:4F:A2:54:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B5C2D74425467B8F0D262061BEBAD2332C20FA4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
Signing time: Tue 20 May 2025 20:31:22 +0000
ROA not before: Tue 20 May 2025 20:31:22 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:5c:2d:74:42:54:67:b8:f0:d2:62:06:1b:eb:ad:23:32:c2:0f:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:31:22 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=65bc078251c4c5180b1450d4c82b4ff7852cfa16518ad0450a97938af9ded6de, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:79:15:38:b2:47:91:ca:d5:26:71:53:de:9b:
ac:06:64:5a:0f:8b:8f:3d:d4:26:08:ff:ed:b0:6f:
c4:b1:56:2b:ec:04:5a:40:ab:dc:8a:3b:d3:12:fe:
74:59:22:6c:dc:53:64:81:0a:8b:6e:8d:f2:42:a5:
d9:94:eb:1f:1a:38:a2:6f:fe:d3:cb:36:08:9d:fb:
e8:49:9f:6e:bb:ef:7a:f4:91:b5:df:ac:84:68:de:
90:4e:17:15:f7:d4:9f:da:09:2b:96:f7:9a:73:6c:
31:ee:31:d6:6d:a9:90:2d:6d:a2:cf:60:c1:38:a6:
c9:84:74:54:03:26:b9:6f:19:02:2c:fb:00:7f:8d:
e0:f1:9e:fb:c3:64:19:1a:a7:d1:b7:27:e9:f4:c9:
74:f3:93:4c:09:91:25:f4:6e:70:95:b3:08:68:b2:
55:c2:bc:7b:27:bf:45:50:06:1e:ee:c4:2e:d9:5f:
ca:f3:4c:a6:77:9a:71:86:9e:12:c9:c1:9b:4e:87:
47:62:f9:31:18:bf:42:b1:02:86:cf:6b:9e:70:f0:
e1:ba:a9:10:9d:30:64:45:72:b0:fe:23:79:90:22:
ed:9e:c3:d0:7c:f1:26:b2:18:0c:f0:fb:0e:a3:bb:
8a:fc:08:f3:ad:56:f1:73:e6:2a:75:98:d0:e6:ac:
90:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4A:77:2A:84:DE:05:12:DC:60:F2:8C:EE:18:82:09:4F:A2:54:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015::/36
Signature Algorithm: sha256WithRSAEncryption
37:07:67:c5:a3:a7:d3:66:95:ce:d7:76:02:f8:52:49:06:bb:
db:49:9d:9a:c1:06:78:16:f7:ea:70:17:7e:06:50:27:a7:e7:
bb:81:96:0e:a8:4e:fb:ac:46:a4:60:a8:b9:e4:3d:13:28:7f:
d7:2f:31:9b:39:36:50:fc:7b:5d:14:cd:2c:9e:12:01:69:c4:
3a:d6:7c:fd:13:e7:c4:c5:65:39:35:7b:a8:aa:c4:40:e2:78:
68:1c:ff:38:98:4c:1c:f8:03:76:58:b0:e3:61:d6:82:0a:6a:
97:d7:b1:08:fb:24:1e:80:84:af:e0:72:88:bb:df:21:f9:9a:
75:8e:03:7a:d8:9d:1c:20:b4:c9:22:d2:6e:45:6f:a7:64:50:
fd:0b:9c:01:74:38:90:b7:49:7c:90:23:12:2d:53:00:ba:ed:
44:dc:b6:09:ee:ca:9d:c6:68:08:da:b2:83:38:a6:f3:c3:e1:
a8:53:bb:e9:89:43:f9:a8:1a:6e:8e:18:35:47:79:95:ce:d0:
e2:99:97:9c:31:fd:16:b0:49:60:11:08:20:64:26:87:82:89:
b1:c5:3f:5c:89:af:01:a7:49:61:17:3e:e9:8c:39:a1:fb:d0:
1e:42:05:2e:69:cb:e6:1a:86:57:c7:ff:7e:0f:0c:7b:ec:36:
3f:9f:99:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS1wtdEJUZ7jw0mIGG+utIzLCD6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMxMjJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1YmMwNzgyNTFjNGM1MTgwYjE0NTBkNGM4MmI0ZmY3ODUyY2ZhMTY1MThh
ZDA0NTBhOTc5MzhhZjlkZWQ2ZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALV5FTiyR5HK1SZxU96brAZkWg+Ljz3UJgj/7bBvxLFWK+wEWkCr3Io70xL+
dFkibNxTZIEKi26N8kKl2ZTrHxo4om/+08s2CJ376EmfbrvvevSRtd+shGjekE4X
FffUn9oJK5b3mnNsMe4x1m2pkC1tos9gwTimyYR0VAMmuW8ZAiz7AH+N4PGe+8Nk
GRqn0bcn6fTJdPOTTAmRJfRucJWzCGiyVcK8eye/RVAGHu7ELtlfyvNMpneacYae
EsnBm06HR2L5MRi/QrEChs9rnnDw4bqpEJ0wZEVysP4jeZAi7Z7D0HzxJrIYDPD7
DqO7ivwI861W8XPmKnWY0OaskI0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgSncq
hN4FEtxg8ozuGIIJT6JUKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OThjZjU1YzUtYmI0YS00NmE1LWE2NjctOTAxYjFhMmZmYjRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BUA
MA0GCSqGSIb3DQEBCwUAA4IBAQA3B2fFo6fTZpXO13YC+FJJBrvbSZ2awQZ4Fvfq
cBd+BlAnp+e7gZYOqE77rEakYKi55D0TKH/XLzGbOTZQ/HtdFM0snhIBacQ61nz9
E+fExWU5NXuoqsRA4nhoHP84mEwc+AN2WLDjYdaCCmqX17EI+yQegISv4HKIu98h
+Zp1jgN62J0cILTJItJuRW+nZFD9C5wBdDiQt0l8kCMSLVMAuu1E3LYJ7sqdxmgI
2rKDOKbzw+GoU7vpiUP5qBpujhg1R3mVztDimZecMf0WsElgEQggZCaHgomxxT9c
ia8Bp0lhFz7pjDmh+9AeQgUuacvmGoZXx/9+Dwx77DY/n5lU
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:37 2025 by rpki-client