Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
File: a7031a07-12ba-45f8-a53b-6bd5b713c999.roa (raw, json)
Hash identifier: 5aCwriylhNXJF/LjXx/tNhTgAn5h+LSI4sbj+I8UVNw=
Subject key identifier: 0D:50:73:07:57:FA:83:1C:AA:56:B5:88:74:6B:7A:A6:E4:D5:B6:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4717CA7DB0A99D03615F88A1A4FBC9480765C3A8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
Signing time: Tue 20 May 2025 20:21:00 +0000
ROA not before: Tue 20 May 2025 20:21:00 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:17:ca:7d:b0:a9:9d:03:61:5f:88:a1:a4:fb:c9:48:07:65:c3:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:21:00 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e9b904dfb5e199d681bd055e123285df37355e936cd9b32a0b141dfa2790dd4f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:74:e5:25:05:c4:9f:f3:1e:98:a9:34:27:3f:
d0:95:8f:1a:cb:35:c7:d9:fe:01:2b:93:5b:ea:31:
5c:34:8d:2b:fd:74:45:a2:42:c7:4e:e8:20:c6:cd:
92:0c:37:eb:f4:be:f5:d6:4e:74:79:ff:b2:a7:4e:
f5:80:0a:63:db:65:12:2e:b8:1e:f1:ff:2e:f5:db:
9b:d2:2b:97:5e:a5:3b:65:31:1b:60:19:39:20:5f:
1e:74:53:25:f8:ad:b6:9d:41:bb:d6:9f:68:5e:8d:
0d:64:96:7b:89:01:d6:95:9c:a7:6d:48:7f:24:fc:
cf:18:9d:bd:1e:bc:12:83:ab:03:ee:df:77:c1:55:
31:84:b5:a6:d6:d6:7b:12:40:a3:d5:4c:2e:b1:29:
75:1b:36:4f:de:67:ac:37:6c:2d:51:03:95:12:f9:
0c:d1:c3:e6:3a:b7:65:a9:b7:39:c0:68:8e:21:ed:
70:6b:ad:53:7e:03:1b:ce:67:77:3b:d7:93:5b:18:
6d:be:56:66:95:be:31:53:a8:bd:a8:22:50:f0:ce:
b2:76:c5:2d:e2:43:89:db:3b:65:34:6b:ee:58:1f:
7e:17:90:f2:49:c3:f1:d7:67:ce:58:75:ee:04:51:
39:25:29:81:7d:d3:67:26:9f:41:8a:0f:04:19:7b:
d9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:50:73:07:57:FA:83:1C:AA:56:B5:88:74:6B:7A:A6:E4:D5:B6:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:400::/38
Signature Algorithm: sha256WithRSAEncryption
b1:af:15:a4:45:a2:2e:d0:c9:8e:1e:fd:1d:81:37:81:83:7b:
1d:df:8f:ab:79:e1:df:41:17:04:26:15:14:dc:11:22:d3:f5:
65:f5:59:f5:5a:1d:7c:c1:5b:13:30:1e:35:39:e6:e8:e9:08:
27:83:07:bb:e2:30:87:1f:e3:ae:25:53:41:d8:f6:e2:1e:a6:
23:57:3c:e3:ff:17:76:7d:a8:ff:85:c9:9e:98:b8:5e:6a:7e:
a7:7e:96:6a:49:0a:92:77:bb:3d:99:69:75:b7:9d:8d:c0:49:
d6:7a:c1:4a:5a:cb:0c:ea:76:ba:aa:64:95:80:90:36:12:67:
e3:6e:f8:d1:d7:c2:66:0d:40:0b:b3:a4:02:15:df:ca:6d:b1:
f4:0e:69:1e:9b:bf:30:a3:af:dc:09:f1:50:1f:61:5c:c3:26:
f5:7f:22:62:a1:69:6c:92:0c:37:1d:29:67:63:09:0d:49:83:
c3:13:12:bc:f9:97:b6:6f:1e:c8:a9:69:0f:64:e8:bb:80:c1:
fd:86:1e:d8:8d:3c:ff:6a:6d:91:53:50:b6:7a:9d:37:62:37:
32:87:1a:89:f9:8d:2d:26:bc:7e:39:50:5f:cc:ec:32:7d:f3:
de:a1:ea:bd:e2:be:59:9d:9e:9b:75:d1:b6:3a:60:f0:0f:75:
da:11:c4:4b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURxfKfbCpnQNhX4ihpPvJSAdlw6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIxMDBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5YjkwNGRmYjVlMTk5ZDY4MWJkMDU1ZTEyMzI4NWRmMzczNTVlOTM2Y2Q5
YjMyYTBiMTQxZGZhMjc5MGRkNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJ05SUFxJ/zHpipNCc/0JWPGss1x9n+ASuTW+oxXDSNK/10RaJCx07oIMbN
kgw36/S+9dZOdHn/sqdO9YAKY9tlEi64HvH/LvXbm9Irl16lO2UxG2AZOSBfHnRT
Jfittp1Bu9afaF6NDWSWe4kB1pWcp21IfyT8zxidvR68EoOrA+7fd8FVMYS1ptbW
exJAo9VMLrEpdRs2T95nrDdsLVEDlRL5DNHD5jq3Zam3OcBojiHtcGutU34DG85n
dzvXk1sYbb5WZpW+MVOovagiUPDOsnbFLeJDids7ZTRr7lgffheQ8knD8ddnzlh1
7gRROSUpgX3TZyafQYoPBBl72TECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQNUHMH
V/qDHKpWtYh0a3qm5NW24jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTcwMzFhMDctMTJiYS00NWY4LWE1M2ItNmJkNWI3MTNjOTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoE
MA0GCSqGSIb3DQEBCwUAA4IBAQCxrxWkRaIu0MmOHv0dgTeBg3sd34+reeHfQRcE
JhUU3BEi0/Vl9Vn1Wh18wVsTMB41Oebo6Qgngwe74jCHH+OuJVNB2PbiHqYjVzzj
/xd2faj/hcmemLhean6nfpZqSQqSd7s9mWl1t52NwEnWesFKWssM6na6qmSVgJA2
EmfjbvjR18JmDUALs6QCFd/KbbH0Dmkem78wo6/cCfFQH2Fcwyb1fyJioWlskgw3
HSlnYwkNSYPDExK8+Ze2bx7IqWkPZOi7gMH9hh7YjTz/am2RU1C2ep03YjcyhxqJ
+Y0tJrx+OVBfzOwyffPeoeq94r5ZnZ6bddG2OmDwD3XaEcRL
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:54 2025 by rpki-client