Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
File: a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa (raw, json)
Hash identifier: jqYJZKoGdwjHApPsuYuL4EDzMwJhDUisfUFz4Tgt0+Q=
Subject key identifier: 8D:20:C4:D2:D8:BB:D8:1B:16:3B:97:B2:43:CE:72:14:62:A7:38:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7343504A6E9D114763D9F9499F9E3481337578EF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
Signing time: Tue 20 May 2025 19:00:07 +0000
ROA not before: Tue 20 May 2025 19:00:07 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:43:50:4a:6e:9d:11:47:63:d9:f9:49:9f:9e:34:81:33:75:78:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:07 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a5c4f82f7ae4dd416b148da1c76d9491c88b4e2e516f30c7f7b015115d5e1d9d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9a:68:8a:4c:8e:5c:0a:73:24:dc:bd:3f:3d:
ab:ed:ec:fe:00:e3:b7:38:ec:4d:ca:2c:c6:8e:30:
1f:c2:0c:4d:aa:bd:fb:9f:f0:f1:a9:1a:9d:1d:c2:
33:86:1d:77:84:05:aa:0c:6c:a1:5f:fc:bf:a2:af:
9d:47:a0:27:46:99:ce:1c:c3:bd:18:92:4f:8e:3b:
56:53:71:13:7e:dd:8d:3d:e5:48:68:f8:71:79:29:
91:07:98:06:bd:39:d3:a4:44:e0:6c:4d:5c:7e:d0:
40:66:37:c7:03:2d:cf:69:93:92:a7:f2:7a:a5:5c:
54:28:ad:26:25:f5:ac:30:49:83:a9:85:ce:a7:33:
23:ab:80:de:d1:9e:28:1d:cf:9c:90:b0:97:a0:91:
f5:e0:99:2f:f7:6c:cd:44:2e:cb:2c:a4:b9:c9:e7:
ee:9f:2f:8b:05:0b:b2:2b:af:ce:f9:74:2d:cd:33:
41:7d:37:ab:2d:11:50:61:f5:43:25:c5:e1:ca:e9:
e3:e4:94:41:f0:66:26:e9:d3:17:af:91:f3:b5:ad:
de:69:c2:7b:32:ab:3f:eb:55:27:ae:87:44:7e:56:
7f:7d:24:5d:00:2c:1c:44:17:1d:b5:ee:9e:71:c7:
ba:2a:17:f7:34:e6:d1:e7:da:82:7c:28:01:1a:4d:
4a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:20:C4:D2:D8:BB:D8:1B:16:3B:97:B2:43:CE:72:14:62:A7:38:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6080::/48
Signature Algorithm: sha256WithRSAEncryption
7b:05:1d:3d:c2:ed:7b:aa:1e:c6:5f:b9:f8:00:10:76:14:b4:
67:d2:6b:4c:c9:6d:2f:94:3d:02:87:fd:14:1c:e2:0d:5b:f6:
d2:1b:30:32:da:6d:2f:12:38:5d:d5:8b:87:f6:35:b9:9c:d6:
74:bc:d2:d4:f2:e1:2f:8e:42:46:fa:6f:38:70:b6:95:2f:6e:
0b:ee:94:6b:cf:57:b4:cc:d8:99:b2:5b:f8:07:4c:f2:a0:68:
f7:8b:f6:42:37:76:2d:a2:ee:73:2b:4d:2b:ae:79:07:7d:0c:
34:77:8b:0b:dc:e7:d0:7a:53:3f:7a:6b:c0:47:bd:a4:7c:a5:
c8:73:da:25:d4:c9:a4:03:72:16:93:d5:9c:bb:4e:a2:16:c7:
11:9e:ac:a4:43:4a:a4:69:0d:4f:3a:8d:3b:2a:18:dc:f0:5d:
60:c9:1e:d5:58:17:d1:2d:4a:71:18:cb:bc:65:9e:d2:55:a6:
ec:e0:5c:68:d5:1d:5a:2b:bc:ac:18:9d:d6:07:24:6b:7b:e7:
c2:90:5b:73:e3:0d:59:f8:ef:6b:22:c9:f8:a0:2a:ae:45:2f:
cf:2b:c1:ae:5c:1f:de:57:a7:a1:14:6b:b1:ce:10:6e:a1:d1:
15:1f:db:1b:7b:1e:65:98:47:db:2f:e5:e6:dd:75:63:c4:0c:
22:df:ee:12
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUc0NQSm6dEUdj2flJn540gTN1eO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwMDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1YzRmODJmN2FlNGRkNDE2YjE0OGRhMWM3NmQ5NDkxYzg4YjRlMmU1MTZm
MzBjN2Y3YjAxNTExNWQ1ZTFkOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuaaIpMjlwKcyTcvT89q+3s/gDjtzjsTcosxo4wH8IMTaq9+5/w8akanR3C
M4Ydd4QFqgxsoV/8v6KvnUegJ0aZzhzDvRiST447VlNxE37djT3lSGj4cXkpkQeY
Br0506RE4GxNXH7QQGY3xwMtz2mTkqfyeqVcVCitJiX1rDBJg6mFzqczI6uA3tGe
KB3PnJCwl6CR9eCZL/dszUQuyyykucnn7p8viwULsiuvzvl0Lc0zQX03qy0RUGH1
QyXF4crp4+SUQfBmJunTF6+R87Wt3mnCezKrP+tVJ66HRH5Wf30kXQAsHEQXHbXu
nnHHuioX9zTm0efagnwoARpNSrMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSNIMTS
2LvYGxY7l7JDznIUYqc47jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQwZTJjZjItZDZlNC00ODEzLWE1YWEtNjIzZWRhODkyNmU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
gDANBgkqhkiG9w0BAQsFAAOCAQEAewUdPcLte6oexl+5+AAQdhS0Z9JrTMltL5Q9
Aof9FBziDVv20hswMtptLxI4XdWLh/Y1uZzWdLzS1PLhL45CRvpvOHC2lS9uC+6U
a89XtMzYmbJb+AdM8qBo94v2Qjd2LaLucytNK655B30MNHeLC9zn0HpTP3prwEe9
pHylyHPaJdTJpANyFpPVnLtOohbHEZ6spENKpGkNTzqNOyoY3PBdYMke1VgX0S1K
cRjLvGWe0lWm7OBcaNUdWiu8rBid1gcka3vnwpBbc+MNWfjvayLJ+KAqrkUvzyvB
rlwf3lenoRRrsc4QbqHRFR/bG3seZZhH2y/l5t11Y8QMIt/uEg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:46 2025 by rpki-client