Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa
File: b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa (raw, json)
Hash identifier: T/RrlI2KH2kaUALGSMv1YDT1/+ROkMilwPov1XL7vHw=
Subject key identifier: 49:B3:32:4B:97:47:AE:F7:89:28:05:BF:D8:E1:64:57:5A:4D:D2:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 050CBD7E4921318DB41E3B0F2DF5EC23737C58F1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa
Signing time: Tue 20 May 2025 19:40:51 +0000
ROA not before: Tue 20 May 2025 19:40:51 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:c040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:0c:bd:7e:49:21:31:8d:b4:1e:3b:0f:2d:f5:ec:23:73:7c:58:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:40:51 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a0314bf84867685e3282aee87ca2eedf88256299d651216abc80063e68dd91eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:aa:d1:6f:d5:06:12:4a:bb:cd:c9:ee:53:e0:
d6:ea:b1:3e:b0:d2:4e:e5:be:09:50:e3:df:8a:13:
a9:c7:05:6a:63:d8:4c:86:f3:b7:00:1b:cc:62:d3:
eb:08:c7:21:d4:c0:54:3a:01:c4:65:cb:4f:82:08:
97:3b:9c:b9:f4:60:f2:78:f0:f6:78:4e:ec:8e:f6:
65:ee:63:bb:3d:7c:fa:8d:c2:ca:ef:58:8b:d7:e3:
91:8b:b4:3a:d7:67:b5:71:97:ed:14:c3:e5:53:61:
59:d9:ad:5c:4b:a6:b6:92:89:f3:24:31:75:b6:ce:
7f:05:20:41:56:08:1e:55:ed:be:71:01:f9:74:e6:
82:f9:50:9d:00:68:4c:b3:a7:96:2f:ae:65:3d:04:
45:f3:67:e9:b5:cb:e9:f0:a1:f7:b1:42:73:d8:7d:
c6:be:58:26:94:a7:ee:7e:d9:dd:d1:e2:8e:3a:77:
41:89:bc:64:cd:1e:e0:2b:e9:9d:8d:ba:ed:a7:c0:
62:b4:82:43:bb:e9:c5:3a:b0:c0:82:76:58:f9:38:
5f:9b:f9:c3:65:78:a7:2a:c1:7e:b9:ea:a5:8b:8b:
26:66:b4:77:9f:c6:a9:46:ad:7a:e1:36:1f:a3:54:
30:1e:d5:d4:ae:bf:dc:31:87:a7:2d:27:39:b4:dd:
1f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B3:32:4B:97:47:AE:F7:89:28:05:BF:D8:E1:64:57:5A:4D:D2:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:c040::/46
Signature Algorithm: sha256WithRSAEncryption
0d:b0:94:64:3f:8f:c7:2a:3a:f3:ab:b3:d4:d8:66:80:32:2e:
98:4c:fc:af:f6:4a:cf:0f:24:0b:c9:d7:d7:17:77:3d:86:9e:
e2:09:9d:d0:5c:b6:95:89:17:14:ca:1c:1c:2f:34:a1:a3:68:
c3:2c:f5:4b:04:28:58:d5:c4:e7:26:7f:ed:ec:0a:80:f7:3d:
4f:5a:5b:7c:30:bc:ba:a4:86:57:be:5c:8b:60:b5:b0:63:c7:
82:9e:33:59:da:d2:e8:95:bd:8c:d8:e8:2c:71:73:49:81:06:
a3:9b:33:2c:47:37:41:f6:f3:d9:61:fc:1c:e7:bb:27:02:38:
9c:9f:a1:97:f3:4b:1a:f5:e6:07:b8:e3:95:c4:c6:45:0c:56:
cc:eb:5c:5b:37:00:00:58:df:89:eb:54:01:80:35:e5:85:78:
b2:6e:89:cc:48:87:05:f8:62:19:de:bc:09:43:65:77:79:32:
34:66:27:0d:eb:96:09:5a:5e:bd:e3:61:0d:e1:29:e7:c6:ee:
63:91:42:0d:2f:f4:8a:12:82:e6:e6:03:00:5d:12:b9:0d:36:
ad:e7:10:14:50:a3:9c:77:4e:05:e6:a1:a7:e3:17:65:5b:36:
e9:53:f9:2c:7c:0d:62:76:27:b9:c6:fe:87:cf:c8:9c:8f:99:
d4:88:1c:a9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBQy9fkkhMY20HjsPLfXsI3N8WPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQwNTFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwMzE0YmY4NDg2NzY4NWUzMjgyYWVlODdjYTJlZWRmODgyNTYyOTlkNjUx
MjE2YWJjODAwNjNlNjhkZDkxZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCq0W/VBhJKu83J7lPg1uqxPrDSTuW+CVDj34oTqccFamPYTIbztwAbzGLT
6wjHIdTAVDoBxGXLT4IIlzucufRg8njw9nhO7I72Ze5juz18+o3Cyu9Yi9fjkYu0
OtdntXGX7RTD5VNhWdmtXEumtpKJ8yQxdbbOfwUgQVYIHlXtvnEB+XTmgvlQnQBo
TLOnli+uZT0ERfNn6bXL6fCh97FCc9h9xr5YJpSn7n7Z3dHijjp3QYm8ZM0e4Cvp
nY267afAYrSCQ7vpxTqwwIJ2WPk4X5v5w2V4pyrBfrnqpYuLJma0d5/GqUateuE2
H6NUMB7V1K6/3DGHpy0nObTdH+MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRJszJL
l0eu94koBb/Y4WRXWk3SFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQwZGQ5ZWMtNDE3Ny00NDhmLWIzYzItOTM3MjYzMmNkMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HvA
QDANBgkqhkiG9w0BAQsFAAOCAQEADbCUZD+Pxyo686uz1NhmgDIumEz8r/ZKzw8k
C8nX1xd3PYae4gmd0Fy2lYkXFMocHC80oaNowyz1SwQoWNXE5yZ/7ewKgPc9T1pb
fDC8uqSGV75ci2C1sGPHgp4zWdrS6JW9jNjoLHFzSYEGo5szLEc3Qfbz2WH8HOe7
JwI4nJ+hl/NLGvXmB7jjlcTGRQxWzOtcWzcAAFjfietUAYA15YV4sm6JzEiHBfhi
Gd68CUNld3kyNGYnDeuWCVpeveNhDeEp58buY5FCDS/0ihKC5uYDAF0SuQ02recQ
FFCjnHdOBeahp+MXZVs26VP5LHwNYnYnucb+h8/InI+Z1IgcqQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:05 2025 by rpki-client