Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
File: 9fb96617-2d2f-468d-b766-35c52d9f2681.roa (raw, json)
Hash identifier: w/y2myenaf9S6n51kryLUOHEzsmK9Ne9HQAgKUPZRUA=
Subject key identifier: AC:D0:23:F9:0E:DC:2F:B0:4E:64:52:93:38:B3:7C:19:43:9A:88:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 438966964864EA98B2762C152C0EB34155F658CE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
Signing time: Tue 20 May 2025 20:21:04 +0000
ROA not before: Tue 20 May 2025 20:21:04 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:89:66:96:48:64:ea:98:b2:76:2c:15:2c:0e:b3:41:55:f6:58:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:21:04 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=1b0a88819d2ae471293cadd9768b0a841700a924efc71bc6082f605d6d77489a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e6:d6:df:9f:b1:fb:3c:35:8c:8e:b9:12:34:
4f:36:b0:e1:a4:d3:b1:fc:fe:ce:79:ce:9b:2c:25:
c5:22:dc:5b:82:b7:0c:47:62:04:3c:fa:0f:47:2e:
59:b8:ea:65:a4:01:4e:72:c4:34:52:79:2d:aa:4b:
e8:8e:4e:c4:fb:98:0f:cc:31:cf:be:ba:02:a8:11:
a4:a7:bb:cc:cf:ab:71:46:2a:67:cd:03:77:ae:7a:
78:2e:18:ac:92:31:2a:19:4b:f2:51:43:ff:e8:8a:
9e:b2:33:c6:d0:05:5a:37:ea:47:4a:f4:db:32:7d:
82:f7:19:ca:81:f7:09:87:d9:b9:5b:66:5a:1d:4a:
e1:d4:8d:f4:f1:81:44:66:4b:27:a1:dd:27:3d:b8:
c9:78:34:3c:0c:9f:ad:0d:55:12:52:7c:51:04:f9:
af:da:a9:43:ab:e0:75:77:f6:3e:f7:1e:f2:c8:4f:
e5:dd:e5:59:ba:c4:3f:1f:f3:b6:08:d7:10:c0:18:
54:20:6b:06:fe:d1:ca:d7:11:ea:d8:87:a4:97:bd:
4a:d3:23:11:d2:36:1d:bf:46:19:d2:39:7e:19:18:
b4:6d:77:bf:7c:cb:d6:ae:53:af:c2:16:6a:ad:3f:
68:4c:f4:68:ab:7b:f0:79:38:7b:c2:ce:27:fd:78:
ca:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D0:23:F9:0E:DC:2F:B0:4E:64:52:93:38:B3:7C:19:43:9A:88:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:800::/38
Signature Algorithm: sha256WithRSAEncryption
47:89:38:a9:eb:81:38:37:29:db:b7:6f:d1:0d:d4:06:1c:73:
62:d8:98:2a:04:5a:f1:8d:3a:86:93:00:6c:5c:63:e3:28:c2:
e0:d5:e7:98:26:2e:f0:93:16:a4:f9:ca:e3:5d:16:d2:d0:16:
e0:6d:a0:1f:1d:04:29:05:7f:90:d7:61:be:e3:36:fd:ed:7e:
2e:18:52:04:a6:a3:72:a9:43:67:02:91:e8:e6:8a:14:b6:07:
7b:35:ef:70:9d:31:07:6f:6f:bc:10:1e:76:e9:8a:cf:8c:6b:
ef:8f:eb:f2:57:6a:17:bc:d8:ca:a4:cb:b2:31:88:13:74:36:
58:ae:c7:aa:23:16:9f:8a:8e:a4:cd:a1:af:16:5b:bd:04:01:
f3:94:27:fd:17:04:7c:4e:92:b3:fb:aa:2a:0f:8c:b1:85:2d:
5c:ed:4c:d0:cd:3b:f2:9f:41:38:76:c4:44:24:33:d2:36:25:
74:ab:61:7b:b5:2d:5d:b1:1f:ae:c5:10:fb:86:00:b4:f5:79:
3b:fc:18:05:f0:3e:cc:18:44:d0:17:56:61:e4:82:df:42:fa:
3d:14:45:a4:66:d4:a3:7f:6e:4f:4f:91:cb:ad:b4:76:57:3c:
09:60:4c:36:a6:f2:fe:8e:81:54:2c:24:ff:5d:9d:86:92:36:
89:9f:6e:cb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ4lmlkhk6piydiwVLA6zQVX2WM4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIxMDRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiMGE4ODgxOWQyYWU0NzEyOTNjYWRkOTc2OGIwYTg0MTcwMGE5MjRlZmM3
MWJjNjA4MmY2MDVkNmQ3NzQ4OWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAODm1t+fsfs8NYyOuRI0Tzaw4aTTsfz+znnOmywlxSLcW4K3DEdiBDz6D0cu
WbjqZaQBTnLENFJ5LapL6I5OxPuYD8wxz766AqgRpKe7zM+rcUYqZ80Dd656eC4Y
rJIxKhlL8lFD/+iKnrIzxtAFWjfqR0r02zJ9gvcZyoH3CYfZuVtmWh1K4dSN9PGB
RGZLJ6HdJz24yXg0PAyfrQ1VElJ8UQT5r9qpQ6vgdXf2Pvce8shP5d3lWbrEPx/z
tgjXEMAYVCBrBv7RytcR6tiHpJe9StMjEdI2Hb9GGdI5fhkYtG13v3zL1q5Tr8IW
aq0/aEz0aKt78Hk4e8LOJ/14yp8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSs0CP5
DtwvsE5kUpM4s3wZQ5qIwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZiOTY2MTctMmQyZi00NjhkLWI3NjYtMzVjNTJkOWYyNjgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUI
MA0GCSqGSIb3DQEBCwUAA4IBAQBHiTip64E4Nynbt2/RDdQGHHNi2JgqBFrxjTqG
kwBsXGPjKMLg1eeYJi7wkxak+crjXRbS0BbgbaAfHQQpBX+Q12G+4zb97X4uGFIE
pqNyqUNnApHo5ooUtgd7Ne9wnTEHb2+8EB526YrPjGvvj+vyV2oXvNjKpMuyMYgT
dDZYrseqIxafio6kzaGvFlu9BAHzlCf9FwR8TpKz+6oqD4yxhS1c7UzQzTvyn0E4
dsREJDPSNiV0q2F7tS1dsR+uxRD7hgC09Xk7/BgF8D7MGETQF1Zh5ILfQvo9FEWk
ZtSjf25PT5HLrbR2VzwJYEw2pvL+joFULCT/XZ2GkjaJn27L
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:19 2025 by rpki-client