Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
File: a72cbea9-100c-4974-8211-87debb0f6fbd.roa (raw, json)
Hash identifier: EHDdeebrgUDGRfbB6dy1wfyodtdchdslaJ/+0rLZaC0=
Subject key identifier: 74:8D:34:EE:93:4B:60:3F:C6:45:DA:42:E3:3F:C0:C6:1C:22:2B:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7696D09214230F82458568605A69B6D1A688166D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
Signing time: Fri 23 May 2025 00:41:22 +0000
ROA not before: Fri 23 May 2025 00:41:22 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:96:d0:92:14:23:0f:82:45:85:68:60:5a:69:b6:d1:a6:88:16:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:41:22 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=9442ef0e92114438d036834f82a279fee757b7446cc980700170b5eac8e0b5fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:5a:17:cd:49:12:dc:09:2c:e9:46:0b:91:ce:
4f:92:e7:38:02:2f:a2:41:c6:e2:ee:bd:b2:61:74:
05:e8:06:71:9e:7b:a2:5d:10:18:d1:f9:c5:52:dc:
d4:d9:04:d6:99:76:fd:94:3d:6a:10:80:15:45:50:
33:65:b2:7f:ca:2e:72:06:00:5b:9a:f0:39:d8:f7:
ed:f5:bd:fa:0d:5a:b8:6b:da:11:ef:5e:c0:37:68:
84:09:e1:8e:f0:45:86:36:fb:25:b3:52:6b:c2:6a:
37:24:cb:40:65:16:1a:48:59:e9:4c:e1:3e:ac:a4:
9b:35:da:2f:9e:d2:57:9b:a6:a5:42:3f:3d:d6:48:
5d:74:5d:c5:5a:4e:8d:3e:01:31:86:6f:c4:91:cf:
4a:59:e1:9c:42:ad:77:41:25:d8:42:04:b2:31:7c:
a1:9a:d1:63:12:3c:62:e2:a3:ec:fa:50:1a:80:ff:
26:0d:d7:0e:f7:58:f1:df:07:50:99:89:df:4f:a6:
09:88:fa:aa:17:e7:89:2e:2c:a2:e6:2d:83:00:28:
c8:d6:1f:84:01:35:20:0b:15:c9:71:ea:73:22:b3:
65:e4:5f:70:c2:03:81:6a:77:32:29:8d:0a:02:ce:
f9:d0:e2:82:37:3b:7a:ef:12:46:b8:e9:50:73:68:
71:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:8D:34:EE:93:4B:60:3F:C6:45:DA:42:E3:3F:C0:C6:1C:22:2B:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:8000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:64:3b:e4:47:97:f9:d0:f0:f4:6a:de:b8:84:46:de:45:27:
14:74:63:d2:01:72:bc:b7:46:ab:15:7e:79:44:1b:40:ce:d2:
39:7c:be:bd:b1:7d:e7:50:83:ca:68:4d:c4:a4:32:73:db:d2:
41:e8:77:36:d9:a2:06:25:00:96:c7:9b:37:ab:52:97:ad:8e:
33:0a:bd:4e:13:60:05:10:71:2e:a9:98:7b:fb:19:19:69:10:
55:a3:3e:08:e4:9a:12:75:aa:64:11:76:da:86:2c:7b:19:9b:
f9:7f:a9:dd:3e:ce:f4:cc:f4:92:dc:f3:96:44:fa:d6:7e:e0:
20:dd:65:20:08:39:a6:9c:c6:47:35:4e:74:40:f7:22:34:41:
2e:c3:e2:4a:8d:23:76:5d:31:bb:52:e3:c7:8a:17:af:5e:92:
cd:a2:4c:08:ec:b9:c9:cf:c3:de:3d:30:35:a4:d4:1d:cb:93:
c5:f4:09:76:57:cd:df:4b:c2:36:9f:fd:90:0a:a2:27:e4:68:
f6:a8:c2:19:ee:7a:78:d6:9e:01:da:01:30:7a:b5:ca:74:94:
6a:af:73:49:58:0c:4c:4c:58:9b:0c:e8:1a:61:a9:62:77:03:
70:a6:89:ce:1f:4c:2f:7c:86:bf:64:fd:45:dd:3f:a1:ae:28:
01:f1:2d:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdpbQkhQjD4JFhWhgWmm20aaIFm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQxMjJaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0NDJlZjBlOTIxMTQ0MzhkMDM2ODM0ZjgyYTI3OWZlZTc1N2I3NDQ2Y2M5
ODA3MDAxNzBiNWVhYzhlMGI1ZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAORaF81JEtwJLOlGC5HOT5LnOAIvokHG4u69smF0BegGcZ57ol0QGNH5xVLc
1NkE1pl2/ZQ9ahCAFUVQM2Wyf8oucgYAW5rwOdj37fW9+g1auGvaEe9ewDdohAnh
jvBFhjb7JbNSa8JqNyTLQGUWGkhZ6UzhPqykmzXaL57SV5umpUI/PdZIXXRdxVpO
jT4BMYZvxJHPSlnhnEKtd0El2EIEsjF8oZrRYxI8YuKj7PpQGoD/Jg3XDvdY8d8H
UJmJ30+mCYj6qhfniS4souYtgwAoyNYfhAE1IAsVyXHqcyKzZeRfcMIDgWp3MimN
CgLO+dDigjc7eu8SRrjpUHNocYkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0jTTu
k0tgP8ZF2kLjP8DGHCIrmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTcyY2JlYTktMTAwYy00OTc0LTgyMTEtODdkZWJiMGY2ZmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmA
MA0GCSqGSIb3DQEBCwUAA4IBAQAaZDvkR5f50PD0at64hEbeRScUdGPSAXK8t0ar
FX55RBtAztI5fL69sX3nUIPKaE3EpDJz29JB6Hc22aIGJQCWx5s3q1KXrY4zCr1O
E2AFEHEuqZh7+xkZaRBVoz4I5JoSdapkEXbahix7GZv5f6ndPs70zPSS3POWRPrW
fuAg3WUgCDmmnMZHNU50QPciNEEuw+JKjSN2XTG7UuPHihevXpLNokwI7LnJz8Pe
PTA1pNQdy5PF9Al2V83fS8I2n/2QCqIn5Gj2qMIZ7np41p4B2gEwerXKdJRqr3NJ
WAxMTFibDOgaYalidwNwponOH0wvfIa/ZP1F3T+hrigB8S2i
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:49 2025 by rpki-client