Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c6065d-431b-4a4f-98c4-f607358ee480.roa
File: a6c6065d-431b-4a4f-98c4-f607358ee480.roa (raw, json)
Hash identifier: Rq/J/+WOblUvqI7e9WvykumP9ghHF2npWPKjYuwP+ak=
Subject key identifier: 5E:57:1E:34:24:2F:22:04:F7:65:29:0E:C0:58:EF:83:7F:90:73:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51EFE680D0137B433D3D8E4582CBF77D9045BEBF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c6065d-431b-4a4f-98c4-f607358ee480.roa
Signing time: Fri 23 May 2025 00:41:16 +0000
ROA not before: Fri 23 May 2025 00:41:16 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:ef:e6:80:d0:13:7b:43:3d:3d:8e:45:82:cb:f7:7d:90:45:be:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:41:16 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=dcb59faae837ed0f975c38226261b117c8f03be55f563bf9ee9fd929bf72e7c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ab:35:8c:11:d9:25:3c:ea:5f:38:60:b4:da:
b5:30:ed:73:6e:8e:5c:c6:58:bd:fa:cb:9c:d2:1d:
ff:d7:4e:e5:ff:15:02:68:87:23:87:04:31:3d:99:
cc:4f:05:9a:90:2f:7e:18:7d:70:1b:43:ef:ea:b5:
3d:a2:b3:b8:a4:12:45:0b:c9:fc:94:43:2c:d7:26:
db:19:72:8b:02:1c:8e:87:94:97:94:43:54:25:99:
c3:a5:7c:c5:63:f3:46:e3:4e:8e:8b:72:3b:58:f1:
9a:98:ae:dd:81:ec:d6:91:93:30:e2:9d:1c:34:2c:
89:e4:f2:99:a0:3f:f8:f5:f9:f9:d5:e4:23:52:ed:
28:22:c0:44:f3:2e:8b:72:6c:4e:d7:e6:30:9a:23:
c9:97:a4:fd:83:73:64:f0:c6:06:35:01:66:33:a2:
20:08:bf:4c:59:00:57:37:1d:42:4b:5f:d0:08:8e:
b1:b7:36:fe:6f:d5:bf:9e:05:f8:5d:1f:de:c7:1a:
e1:b7:fd:a9:f9:88:6c:66:74:31:be:55:c3:0c:b7:
da:bb:97:f6:b0:43:c4:1f:ac:88:04:31:99:44:15:
f4:59:65:70:a9:50:1b:0b:d3:08:c1:47:d4:1f:56:
d9:a7:28:94:20:ef:cf:02:bf:33:30:9c:6c:c1:11:
f8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:57:1E:34:24:2F:22:04:F7:65:29:0E:C0:58:EF:83:7F:90:73:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c6065d-431b-4a4f-98c4-f607358ee480.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:c000::/40
Signature Algorithm: sha256WithRSAEncryption
32:26:d4:ef:ce:c4:c8:05:57:6b:11:ef:c3:e4:78:20:ea:31:
db:3e:c8:99:c4:03:04:1f:d8:00:7f:b4:23:2c:dc:ab:ee:bf:
0f:32:44:a1:54:6c:5b:7f:df:de:08:1b:b7:8f:d1:1a:94:0c:
bf:be:fd:29:66:fa:a9:dc:2a:69:f6:68:19:51:ae:ab:e2:b8:
6b:8b:a1:44:3f:d5:b1:6f:4f:64:b9:53:3e:de:5b:a7:dc:f7:
47:a6:77:00:54:65:65:fc:6d:67:41:9c:8a:63:b8:6e:7c:21:
e3:c3:04:6d:a1:14:83:a2:d2:1a:e1:1f:05:b8:ae:a3:79:73:
c1:e9:6c:e4:0e:20:9f:3f:b9:a6:9c:62:10:33:0b:55:10:d6:
f7:87:7f:18:b6:1f:31:8f:53:6f:87:f5:a9:56:65:ef:82:d2:
b6:5e:2a:2b:c1:16:e2:14:4b:02:23:20:80:80:61:7f:5c:e9:
04:01:9a:41:9d:43:8f:ef:e0:ef:ae:39:d1:33:28:d6:b9:5b:
74:1f:af:69:97:76:b8:27:01:d7:db:94:77:39:aa:c4:2f:48:
e5:40:e2:2e:ca:8e:f7:61:cd:c8:77:6f:9d:a5:b9:9f:82:65:
f8:c5:4f:89:ae:44:6f:13:13:56:ac:62:83:d7:3e:01:cf:54:
52:3f:5d:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUe/mgNATe0M9PY5Fgsv3fZBFvr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQxMTZaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjYjU5ZmFhZTgzN2VkMGY5NzVjMzgyMjYyNjFiMTE3YzhmMDNiZTU1ZjU2
M2JmOWVlOWZkOTI5YmY3MmU3YzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOrNYwR2SU86l84YLTatTDtc26OXMZYvfrLnNId/9dO5f8VAmiHI4cEMT2Z
zE8FmpAvfhh9cBtD7+q1PaKzuKQSRQvJ/JRDLNcm2xlyiwIcjoeUl5RDVCWZw6V8
xWPzRuNOjotyO1jxmpiu3YHs1pGTMOKdHDQsieTymaA/+PX5+dXkI1LtKCLARPMu
i3JsTtfmMJojyZek/YNzZPDGBjUBZjOiIAi/TFkAVzcdQktf0AiOsbc2/m/Vv54F
+F0f3sca4bf9qfmIbGZ0Mb5Vwwy32ruX9rBDxB+siAQxmUQV9FllcKlQGwvTCMFH
1B9W2acolCDvzwK/MzCcbMER+LcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBReVx40
JC8iBPdlKQ7AWO+Df5BzWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZjNjA2NWQtNDMxYi00YTRmLTk4YzQtZjYwNzM1OGVlNDgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/A
MA0GCSqGSIb3DQEBCwUAA4IBAQAyJtTvzsTIBVdrEe/D5Hgg6jHbPsiZxAMEH9gA
f7QjLNyr7r8PMkShVGxbf9/eCBu3j9EalAy/vv0pZvqp3Cpp9mgZUa6r4rhri6FE
P9Wxb09kuVM+3lun3PdHpncAVGVl/G1nQZyKY7hufCHjwwRtoRSDotIa4R8FuK6j
eXPB6WzkDiCfP7mmnGIQMwtVENb3h38Yth8xj1Nvh/WpVmXvgtK2XiorwRbiFEsC
IyCAgGF/XOkEAZpBnUOP7+DvrjnRMyjWuVt0H69pl3a4JwHX25R3OarEL0jlQOIu
yo73Yc3Id2+dpbmfgmX4xU+JrkRvExNWrGKD1z4Bz1RSP12m
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:49 2025 by rpki-client