Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5baa4ff-ac5d-476f-a428-fb66fb294867.roa
File: b5baa4ff-ac5d-476f-a428-fb66fb294867.roa (raw, json)
Hash identifier: s742QK6mb6AkchXPkx/siINSmxg6SHmSN3ai31ynKDA=
Subject key identifier: EA:D7:EE:75:C8:EC:7B:D2:AD:47:56:00:24:E4:1A:AB:B7:2C:2B:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15ED3072A9134C71AFD819FEB9F4E0C74496687A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5baa4ff-ac5d-476f-a428-fb66fb294867.roa
Signing time: Tue 20 May 2025 19:51:54 +0000
ROA not before: Tue 20 May 2025 19:51:54 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:ed:30:72:a9:13:4c:71:af:d8:19:fe:b9:f4:e0:c7:44:96:68:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:51:54 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d8b1dda2744e02633d3c8f353b2debcf2f783215bf46ca63cf0619a469ecec71, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5d:6c:e1:e4:02:0e:d8:a7:64:67:8c:0a:4c:
a9:3e:14:e3:a3:51:0b:01:f9:78:0c:45:53:6b:94:
68:44:be:22:8e:3d:b3:10:db:e3:8a:b6:f5:11:3c:
e8:93:f3:19:fe:53:24:8a:51:02:bc:e7:87:e3:36:
7b:c7:b5:e7:d4:93:ee:0a:6b:c0:b8:f7:59:b7:53:
45:e3:db:17:9a:5a:25:0c:5a:78:55:df:c3:fa:fd:
36:0d:d9:8e:92:c4:5a:fe:e7:d6:17:40:0a:c3:6c:
85:ec:4e:90:2f:30:93:b5:9f:8d:80:aa:cd:0b:f4:
82:fc:25:bb:b5:f3:92:3e:fc:61:2a:a4:61:2e:48:
19:0e:3e:50:46:c6:65:83:b4:b2:06:64:fe:1f:6b:
2b:66:69:13:e9:a9:86:4f:4f:0f:b5:94:69:c2:35:
b4:3d:46:08:32:4a:3b:34:a0:01:4d:5b:52:0f:71:
65:70:39:4b:44:69:73:33:65:c2:44:e3:80:29:44:
bc:76:eb:21:85:a4:65:67:0b:a3:86:6c:4a:43:50:
e1:d9:dd:a7:67:c7:13:35:78:eb:04:9d:1f:e7:cc:
06:9e:18:92:b1:48:e8:98:80:a2:2d:50:ea:b2:5a:
8e:47:14:be:70:38:6d:e6:1b:8f:01:22:75:89:3c:
cf:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D7:EE:75:C8:EC:7B:D2:AD:47:56:00:24:E4:1A:AB:B7:2C:2B:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5baa4ff-ac5d-476f-a428-fb66fb294867.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:4000::/40
Signature Algorithm: sha256WithRSAEncryption
c5:d2:61:70:4b:c2:53:9f:af:d3:9c:fa:2e:14:37:b8:56:4d:
9a:8a:1c:bf:7e:6f:22:de:46:8b:35:b8:1f:ce:7a:13:bb:19:
f4:ce:55:68:91:b2:7d:04:7d:73:b2:44:e4:2d:af:cd:85:63:
ea:99:36:60:54:58:fe:64:f3:c7:20:60:30:4b:a2:7f:ed:8d:
92:65:92:33:3c:6c:1b:b6:94:74:ae:e3:7d:c9:4a:4e:7a:13:
1e:7f:70:37:a0:e6:30:dc:46:8c:ea:6c:87:db:55:41:8a:05:
d6:de:a3:35:b9:20:0d:c9:50:b5:f7:3a:a0:81:51:84:07:b3:
5c:a4:8b:33:d4:c1:49:86:cc:43:7e:82:1e:17:c0:fb:02:68:
eb:20:09:8d:8a:e0:0e:d0:b8:bd:3c:ee:34:c4:b2:8c:cb:24:
d9:f6:9a:c8:d9:ea:75:f1:f7:a0:6f:d1:9c:2d:45:ee:94:4f:
30:80:a5:38:0c:21:75:b1:a0:d2:e8:84:10:5c:21:76:ec:1e:
6c:70:e7:8d:40:55:a5:29:e1:f6:b4:35:63:3c:78:c0:8d:3b:
a0:ef:03:f6:ff:e7:42:c2:a8:b3:cb:26:55:d9:a3:15:13:27:
2f:4d:8b:0b:64:b9:70:bf:da:b1:4c:f4:dc:49:26:71:52:0c:
f4:5c:b1:b4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFe0wcqkTTHGv2Bn+ufTgx0SWaHowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUxNTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4YjFkZGEyNzQ0ZTAyNjMzZDNjOGYzNTNiMmRlYmNmMmY3ODMyMTViZjQ2
Y2E2M2NmMDYxOWE0NjllY2VjNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNdbOHkAg7Yp2RnjApMqT4U46NRCwH5eAxFU2uUaES+Io49sxDb44q29RE8
6JPzGf5TJIpRArznh+M2e8e159ST7gprwLj3WbdTRePbF5paJQxaeFXfw/r9Ng3Z
jpLEWv7n1hdACsNshexOkC8wk7WfjYCqzQv0gvwlu7Xzkj78YSqkYS5IGQ4+UEbG
ZYO0sgZk/h9rK2ZpE+mphk9PD7WUacI1tD1GCDJKOzSgAU1bUg9xZXA5S0RpczNl
wkTjgClEvHbrIYWkZWcLo4ZsSkNQ4dndp2fHEzV46wSdH+fMBp4YkrFI6JiAoi1Q
6rJajkcUvnA4beYbjwEidYk8z/MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTq1+51
yOx70q1HVgAk5BqrtywrfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjViYWE0ZmYtYWM1ZC00NzZmLWE0MjgtZmI2NmZiMjk0ODY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HdA
MA0GCSqGSIb3DQEBCwUAA4IBAQDF0mFwS8JTn6/TnPouFDe4Vk2aihy/fm8i3kaL
NbgfznoTuxn0zlVokbJ9BH1zskTkLa/NhWPqmTZgVFj+ZPPHIGAwS6J/7Y2SZZIz
PGwbtpR0ruN9yUpOehMef3A3oOYw3EaM6myH21VBigXW3qM1uSANyVC19zqggVGE
B7NcpIsz1MFJhsxDfoIeF8D7AmjrIAmNiuAO0Li9PO40xLKMyyTZ9prI2ep18feg
b9GcLUXulE8wgKU4DCF1saDS6IQQXCF27B5scOeNQFWlKeH2tDVjPHjAjTug7wP2
/+dCwqizyyZV2aMVEycvTYsLZLlwv9qxTPTcSSZxUgz0XLG0
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:47:27 2025 by rpki-client