Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
File: 9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa (raw, json)
Hash identifier: upERHaqFs9b7DFoKS8svUyJW3wln0Z1BzibXd76yFSw=
Subject key identifier: 3D:1D:BD:30:0D:F8:80:C6:5C:27:04:06:BC:F6:6E:C2:F9:03:05:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2AAF8CFF4648CEA53EF3D4139D244E08B27741F5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
Signing time: Tue 20 May 2025 19:50:17 +0000
ROA not before: Tue 20 May 2025 19:50:17 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:af:8c:ff:46:48:ce:a5:3e:f3:d4:13:9d:24:4e:08:b2:77:41:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:50:17 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=520d837b6b07040c52a49319631bf86eba19125430bdd1cf6be67b0f85f6a7ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:04:5c:c5:48:df:e3:61:2c:f5:2f:16:2b:1a:
f2:a8:36:c5:62:bd:ef:6f:5f:e1:18:8b:35:a9:67:
f9:5f:30:d8:16:0e:58:9c:ae:dd:66:97:2f:5a:a7:
fc:43:6b:e6:d5:38:f1:fe:44:aa:d6:6b:10:ae:92:
c9:8f:b4:64:24:92:fb:68:bb:3d:e4:79:7c:da:5d:
fd:9a:de:c7:38:f2:84:5d:8e:60:e5:b0:bc:13:98:
06:12:f6:b2:a4:95:d8:67:96:ad:14:3f:7b:35:26:
02:c8:ce:76:eb:c0:56:a6:21:dd:47:a1:87:66:59:
d4:d5:32:a6:5c:35:6d:b1:3f:07:a1:33:39:b2:95:
09:95:a6:2b:39:88:92:7b:5c:2c:a0:27:7d:42:c7:
89:f3:5f:c7:de:6e:97:ce:8e:eb:b8:a1:87:8a:0f:
de:8a:79:f0:30:d1:d7:e8:8a:79:50:8b:42:b0:1a:
d4:14:dc:85:dc:de:2d:d6:8e:5a:8e:1d:cb:99:38:
3a:80:32:ec:e9:a7:da:69:83:89:72:e8:49:c5:1c:
7e:89:c7:93:10:50:e4:86:e5:26:c5:22:43:bf:84:
69:77:3d:6e:9a:44:a0:3e:f8:3f:7c:87:b4:8d:e1:
64:b5:e0:7f:11:b1:75:88:e0:13:db:37:11:26:40:
b5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1D:BD:30:0D:F8:80:C6:5C:27:04:06:BC:F6:6E:C2:F9:03:05:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:6000::/40
Signature Algorithm: sha256WithRSAEncryption
9c:6d:3a:2f:8c:15:c5:18:f7:ea:ec:a3:8e:dd:66:2b:9a:2a:
f1:ee:34:f1:2b:d8:34:cb:3e:bd:87:cd:d4:d0:b6:15:2b:7a:
fd:34:7e:c9:7d:40:0c:38:ea:2d:d6:2c:b5:b0:d8:29:d8:07:
4c:c7:09:e0:3c:f0:db:31:f4:50:7a:54:df:98:29:b1:e1:f9:
14:c4:cd:42:8a:2c:d0:b8:54:b2:b6:07:cf:b9:d3:e8:13:5b:
c3:9c:a2:32:46:8b:54:6c:59:f4:50:e4:12:c5:dd:db:57:c9:
25:3e:d1:b8:b9:b0:46:40:29:35:86:35:22:5c:6c:b3:6d:fe:
68:14:e9:f8:1b:c7:2a:3f:52:fe:1d:8a:a0:b4:b7:3e:6e:8c:
4f:bb:58:a5:5b:be:25:92:57:95:28:55:d8:68:96:44:5b:53:
ee:ec:82:3c:42:ac:9d:01:c2:ba:79:c6:b1:a8:55:06:35:20:
10:d9:8f:7f:0b:fe:65:d6:45:fd:bf:18:86:1a:3d:5a:9a:6b:
69:10:75:47:19:96:b9:3a:2c:79:b0:89:56:36:a1:b2:22:e8:
84:f5:03:2f:c1:43:8d:b7:9b:6f:26:fb:ea:d2:f2:49:4e:99:
25:4e:68:0e:0e:a9:63:d2:df:6a:62:8a:f9:e3:d4:ec:be:5e:
03:04:15:6d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKq+M/0ZIzqU+89QTnSROCLJ3QfUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUwMTdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyMGQ4MzdiNmIwNzA0MGM1MmE0OTMxOTYzMWJmODZlYmExOTEyNTQzMGJk
ZDFjZjZiZTY3YjBmODVmNmE3YWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUEXMVI3+NhLPUvFisa8qg2xWK9729f4RiLNaln+V8w2BYOWJyu3WaXL1qn
/ENr5tU48f5EqtZrEK6SyY+0ZCSS+2i7PeR5fNpd/ZrexzjyhF2OYOWwvBOYBhL2
sqSV2GeWrRQ/ezUmAsjOduvAVqYh3Uehh2ZZ1NUyplw1bbE/B6EzObKVCZWmKzmI
kntcLKAnfULHifNfx95ul86O67ihh4oP3op58DDR1+iKeVCLQrAa1BTchdzeLdaO
Wo4dy5k4OoAy7Omn2mmDiXLoScUcfonHkxBQ5IblJsUiQ7+EaXc9bppEoD74P3yH
tI3hZLXgfxGxdYjgE9s3ESZAtQkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9Hb0w
DfiAxlwnBAa89m7C+QMFiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWRjYzcwZGUtNjJiMC00MTBhLThjNDAtZDUxMDJjOWNjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJg
MA0GCSqGSIb3DQEBCwUAA4IBAQCcbTovjBXFGPfq7KOO3WYrmirx7jTxK9g0yz69
h83U0LYVK3r9NH7JfUAMOOot1iy1sNgp2AdMxwngPPDbMfRQelTfmCmx4fkUxM1C
iizQuFSytgfPudPoE1vDnKIyRotUbFn0UOQSxd3bV8klPtG4ubBGQCk1hjUiXGyz
bf5oFOn4G8cqP1L+HYqgtLc+boxPu1ilW74lkleVKFXYaJZEW1Pu7II8QqydAcK6
ecaxqFUGNSAQ2Y9/C/5l1kX9vxiGGj1ammtpEHVHGZa5Oix5sIlWNqGyIuiE9QMv
wUONt5tvJvvq0vJJTpklTmgODqlj0t9qYor549Tsvl4DBBVt
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:25 2025 by rpki-client