Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a25c5c84-0f08-47bb-96ab-7ab46c85a8e8.roa
File: a25c5c84-0f08-47bb-96ab-7ab46c85a8e8.roa (raw, json)
Hash identifier: zY46UhqqFxlOQL0X4ocREmj/90gjyYz6bLJ9H1ZAlL4=
Subject key identifier: 25:EC:94:BE:3F:71:46:0F:1C:C9:9E:7D:0B:8F:DE:76:C9:A5:A0:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17AC9380B09268F5E3D1B1F203646DC21BEC3486
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a25c5c84-0f08-47bb-96ab-7ab46c85a8e8.roa
Signing time: Tue 20 May 2025 19:52:03 +0000
ROA not before: Tue 20 May 2025 19:52:03 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:ac:93:80:b0:92:68:f5:e3:d1:b1:f2:03:64:6d:c2:1b:ec:34:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:52:03 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=cae82943a5400d88e65fbb9bc73579d509137dec4281ba42d0a89763d182658a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:3f:c1:96:2c:3b:8b:39:ef:15:fa:d6:c8:8e:
22:58:31:44:d3:55:30:c5:69:99:8b:ec:b8:6e:9a:
c2:91:d7:e4:e3:d7:a8:67:5b:05:9e:5b:da:7f:50:
08:4a:87:e5:79:b2:c8:22:fa:8b:a0:2b:7a:ed:03:
70:77:cf:e7:10:d7:a3:66:f5:b4:17:aa:2d:e9:ef:
9e:0e:7f:aa:38:8c:ab:d4:ef:84:c2:a2:9c:00:45:
f9:8e:f4:39:77:d1:5d:ad:c3:1b:83:04:66:70:f6:
d9:c6:65:cc:ac:30:cc:0e:d1:f2:1d:af:0b:46:b7:
7f:14:2d:6d:48:a4:a4:cb:70:d9:45:d7:69:ac:90:
12:11:0e:4a:ed:86:3e:16:e2:1b:b6:b6:92:4e:92:
c4:f4:28:76:89:eb:80:57:4e:00:b5:89:2b:29:64:
3f:16:21:fd:d3:6d:5d:27:03:1b:df:17:01:31:e4:
09:f9:cb:27:1c:b8:cd:16:b2:82:a9:53:97:f4:fa:
46:f1:51:18:8d:41:88:2d:ff:17:79:6a:57:ee:71:
a7:35:15:65:8c:43:a5:d1:6e:f2:a0:be:57:23:d2:
6f:c0:09:b3:06:6b:36:aa:1b:25:02:cf:ad:bd:2a:
d2:fd:ab:9e:66:b3:41:05:6d:e0:1d:2e:e0:a3:5a:
87:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:EC:94:BE:3F:71:46:0F:1C:C9:9E:7D:0B:8F:DE:76:C9:A5:A0:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a25c5c84-0f08-47bb-96ab-7ab46c85a8e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:a000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:c8:73:2b:ae:63:9e:d0:12:c1:32:f1:9f:dc:44:76:83:3e:
8a:bc:d7:c0:34:83:bc:9a:77:37:a5:8f:33:15:87:fd:76:0e:
9a:ae:11:d2:57:d9:71:47:bf:be:a2:01:42:42:ab:14:2a:9e:
e8:02:ce:25:16:37:e8:5c:03:07:07:fe:a5:99:95:89:11:86:
6a:b8:f3:0d:5c:47:2b:6c:3a:08:19:3d:97:af:40:1a:32:2f:
75:1f:8c:a7:ae:71:e7:f0:9b:69:0f:3c:d4:6a:c9:b1:bf:1b:
14:f6:b0:00:12:83:70:16:ae:2a:4a:75:ce:81:f6:5d:ca:f8:
8c:d6:c7:15:2d:e4:fa:2f:b9:2d:a0:f1:d2:38:51:0f:67:75:
7d:e6:dd:4e:97:1b:68:e4:c1:86:38:ff:9d:f3:47:45:bc:a8:
a6:e4:f3:28:ab:88:73:02:e2:e7:69:56:be:ba:50:8e:40:7b:
58:80:c1:d6:bf:9b:f6:b4:f8:53:32:5c:65:af:82:0c:e5:46:
84:b3:2e:64:09:02:8d:5a:5a:76:fb:32:84:bb:17:ae:59:52:
a9:d4:d2:35:56:35:49:13:a1:c3:0c:52:dd:02:f6:05:f8:ba:
fa:02:1a:a4:83:29:62:e5:87:43:6f:6e:9c:bc:8d:97:5e:95:
59:e9:1b:f3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF6yTgLCSaPXj0bHyA2RtwhvsNIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUyMDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhZTgyOTQzYTU0MDBkODhlNjVmYmI5YmM3MzU3OWQ1MDkxMzdkZWM0Mjgx
YmE0MmQwYTg5NzYzZDE4MjY1OGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANo/wZYsO4s57xX61siOIlgxRNNVMMVpmYvsuG6awpHX5OPXqGdbBZ5b2n9Q
CEqH5XmyyCL6i6Areu0DcHfP5xDXo2b1tBeqLenvng5/qjiMq9TvhMKinABF+Y70
OXfRXa3DG4MEZnD22cZlzKwwzA7R8h2vC0a3fxQtbUikpMtw2UXXaayQEhEOSu2G
PhbiG7a2kk6SxPQodonrgFdOALWJKylkPxYh/dNtXScDG98XATHkCfnLJxy4zRay
gqlTl/T6RvFRGI1BiC3/F3lqV+5xpzUVZYxDpdFu8qC+VyPSb8AJswZrNqobJQLP
rb0q0v2rnmazQQVt4B0u4KNahykCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQl7JS+
P3FGDxzJnn0Lj952yaWg+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTI1YzVjODQtMGYwOC00N2JiLTk2YWItN2FiNDZjODVhOGU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hug
MA0GCSqGSIb3DQEBCwUAA4IBAQB7yHMrrmOe0BLBMvGf3ER2gz6KvNfANIO8mnc3
pY8zFYf9dg6arhHSV9lxR7++ogFCQqsUKp7oAs4lFjfoXAMHB/6lmZWJEYZquPMN
XEcrbDoIGT2Xr0AaMi91H4ynrnHn8JtpDzzUasmxvxsU9rAAEoNwFq4qSnXOgfZd
yviM1scVLeT6L7ktoPHSOFEPZ3V95t1Olxto5MGGOP+d80dFvKim5PMoq4hzAuLn
aVa+ulCOQHtYgMHWv5v2tPhTMlxlr4IM5UaEsy5kCQKNWlp2+zKEuxeuWVKp1NI1
VjVJE6HDDFLdAvYF+Lr6Ahqkgyli5YdDb26cvI2XXpVZ6Rvz
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:45 2025 by rpki-client