Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
File: b4bc5ce4-db80-4527-b720-60a744036322.roa (raw, json)
Hash identifier: QrfEsAdKdHtYtzKyqjogV1TWYh/zXSaeF9i4Gr2w6Jc=
Subject key identifier: 16:2E:91:4E:B6:05:D3:CD:3C:F3:2B:88:E3:8C:7D:7F:EC:82:7B:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F5254EB84863FDBBECBF1BAFC7158CED44E3F8C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
Signing time: Tue 20 May 2025 20:00:21 +0000
ROA not before: Tue 20 May 2025 20:00:21 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:52:54:eb:84:86:3f:db:be:cb:f1:ba:fc:71:58:ce:d4:4e:3f:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:00:21 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=43785fa44c8a21070f4fcf67d927ca00872f7cc2622e6315bee223b1c3f92748, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:85:d9:8c:b2:06:e6:04:92:4e:8a:4e:23:eb:
02:5e:31:c4:27:f6:1b:49:2b:c3:c7:70:76:63:6c:
2d:0f:0f:ac:65:65:ea:ff:f5:62:a6:87:dc:8d:35:
1c:c2:68:ae:89:e6:7a:ec:bb:3e:22:fe:e5:4e:c3:
71:96:d9:d6:4c:36:25:e2:1e:63:f4:e2:46:38:1a:
77:f3:df:31:5f:9f:8a:e9:9f:83:00:dc:8f:f5:ff:
ca:cd:ab:6a:96:aa:8e:79:b3:e4:29:3c:30:94:7b:
cc:eb:55:6b:2b:7d:5e:cb:ed:ac:7a:60:4e:d9:9d:
1d:a7:ba:b5:e3:ef:61:df:89:96:40:06:53:47:d4:
4d:21:92:b8:5a:6e:91:45:30:48:7a:e6:2a:ae:91:
f3:81:a1:e3:6b:b5:3d:f2:f6:d2:0b:99:42:e0:89:
8d:3c:37:88:ad:17:ba:9a:9e:b8:28:5c:f0:42:bb:
c2:f8:a9:8d:e7:84:79:62:0e:a7:c3:45:65:b3:bc:
d3:d9:cb:c0:67:b0:3b:da:d9:b8:01:52:fe:25:6b:
0f:b3:af:3c:81:ef:4f:10:a7:80:25:68:c2:c2:f0:
e8:c1:bc:e7:e5:ea:8b:62:1b:47:14:02:db:62:8e:
27:6c:a5:b7:e9:26:d5:d5:2b:f5:27:0e:8b:49:1b:
e5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:2E:91:4E:B6:05:D3:CD:3C:F3:2B:88:E3:8C:7D:7F:EC:82:7B:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:b000::/40
Signature Algorithm: sha256WithRSAEncryption
c4:8d:09:04:2e:bb:36:2d:65:68:f9:43:36:4d:eb:ab:e9:ac:
61:74:4d:57:01:3a:a7:47:7b:3c:29:91:d4:e9:fa:63:3a:1b:
5f:2b:44:09:e0:e7:d6:6d:02:6f:9e:e3:9c:7c:4d:cb:41:39:
3b:91:00:93:89:98:7c:20:e5:9f:83:47:45:ca:d0:4c:68:e6:
d4:12:7f:de:c5:a8:39:7a:17:25:d4:c5:fc:ff:86:9d:35:9d:
95:88:7e:24:52:c0:12:7c:e1:14:a9:bf:2c:cc:04:a2:3d:52:
d2:cf:55:2a:19:3c:98:21:37:c2:bc:10:cf:fa:af:cd:32:ab:
4e:fd:50:42:c6:80:c2:11:3b:cc:ed:0a:f6:82:c0:91:11:84:
7a:e5:cd:22:13:28:65:e5:26:24:eb:cd:0f:30:f1:94:00:a3:
a1:0d:ad:b1:c0:36:60:e1:52:51:ad:4c:d5:e8:cc:1c:67:3f:
8c:c2:24:31:c1:17:95:0a:25:9d:92:f6:19:d5:2e:04:c2:2c:
2c:35:90:95:0c:ea:da:c3:86:07:b3:b2:9c:42:0a:76:46:bd:
1d:4d:5b:20:55:f1:0b:ab:37:01:7f:a7:49:57:93:f9:f9:33:
e6:70:0e:1a:f8:f9:f5:ab:b6:67:65:24:43:05:f0:e3:d9:f5:
b8:86:f3:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH1JU64SGP9u+y/G6/HFYztROP4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAwMjFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzNzg1ZmE0NGM4YTIxMDcwZjRmY2Y2N2Q5MjdjYTAwODcyZjdjYzI2MjJl
NjMxNWJlZTIyM2IxYzNmOTI3NDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCF2YyyBuYEkk6KTiPrAl4xxCf2G0krw8dwdmNsLQ8PrGVl6v/1YqaH3I01
HMJoronmeuy7PiL+5U7DcZbZ1kw2JeIeY/TiRjgad/PfMV+fiumfgwDcj/X/ys2r
apaqjnmz5Ck8MJR7zOtVayt9XsvtrHpgTtmdHae6tePvYd+JlkAGU0fUTSGSuFpu
kUUwSHrmKq6R84Gh42u1PfL20guZQuCJjTw3iK0XupqeuChc8EK7wvipjeeEeWIO
p8NFZbO809nLwGewO9rZuAFS/iVrD7OvPIHvTxCngCVowsLw6MG85+Xqi2IbRxQC
22KOJ2ylt+km1dUr9ScOi0kb5f8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWLpFO
tgXTzTzzK4jjjH1/7IJ78zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjRiYzVjZTQtZGI4MC00NTI3LWI3MjAtNjBhNzQ0MDM2MzIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6w
MA0GCSqGSIb3DQEBCwUAA4IBAQDEjQkELrs2LWVo+UM2Teur6axhdE1XATqnR3s8
KZHU6fpjOhtfK0QJ4OfWbQJvnuOcfE3LQTk7kQCTiZh8IOWfg0dFytBMaObUEn/e
xag5ehcl1MX8/4adNZ2ViH4kUsASfOEUqb8szASiPVLSz1UqGTyYITfCvBDP+q/N
MqtO/VBCxoDCETvM7Qr2gsCREYR65c0iEyhl5SYk680PMPGUAKOhDa2xwDZg4VJR
rUzV6MwcZz+MwiQxwReVCiWdkvYZ1S4EwiwsNZCVDOraw4YHs7KcQgp2Rr0dTVsg
VfELqzcBf6dJV5P5+TPmcA4a+Pn1q7ZnZSRDBfDj2fW4hvOm
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:45 2025 by rpki-client