Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
File: b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa (raw, json)
Hash identifier: I/wn57DH+TtFvnE4Njjn8GBQEpbwgNoM2KJRNkZVoX0=
Subject key identifier: A4:37:23:48:D4:01:92:6D:FC:BC:F1:A4:AA:D5:C4:A9:B5:1E:19:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5322FEC36BF9BC3BF0C0078B09CC4FF088D91D50
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
Signing time: Tue 20 May 2025 20:20:57 +0000
ROA not before: Tue 20 May 2025 20:20:57 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:22:fe:c3:6b:f9:bc:3b:f0:c0:07:8b:09:cc:4f:f0:88:d9:1d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:20:57 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=0ae65168538284e68dee571d2fc396d0e79514a1e0c6a78a250651b7ef8fb511, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e6:3f:5e:f5:96:a8:4c:6d:c3:ec:b1:b5:e5:
68:b9:b3:37:7d:c2:f1:90:b9:fd:b7:67:05:81:c6:
34:4f:d3:95:ab:84:db:37:77:e9:8d:f2:6d:e0:20:
6e:22:61:0c:ae:63:e9:72:fc:91:72:23:79:ea:6d:
3d:ef:6e:47:9f:37:b7:dd:9b:f2:20:47:46:af:d5:
a7:df:12:76:6b:a9:a3:32:d0:76:54:e4:d0:0e:fc:
c6:8a:f2:1c:aa:50:f5:57:68:df:53:51:bd:9c:1d:
d3:0f:f5:eb:01:f5:72:f0:72:f9:a4:bc:49:43:e1:
65:3f:9c:f0:0f:1c:ed:ff:bb:7e:49:9d:c0:c3:f6:
5d:c8:9f:2b:cc:d9:a4:50:1a:91:88:2f:f6:e2:97:
f7:2e:f2:e0:40:e5:e2:4c:e8:4c:ed:58:8c:84:3f:
c2:b5:2c:96:85:60:0e:d0:5d:a2:a6:99:ac:ba:b2:
f3:70:ba:88:ff:36:47:0e:19:91:e6:8d:e9:02:03:
44:02:13:c6:77:0b:bb:ef:af:d3:59:e1:b2:c3:c1:
b9:8b:37:1e:78:ee:da:ec:30:c7:be:34:d3:57:0a:
c6:29:ba:bc:d7:cf:93:25:12:d4:23:52:b2:07:cc:
4c:29:22:c5:08:f6:17:29:74:51:da:de:7f:01:92:
54:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:37:23:48:D4:01:92:6D:FC:BC:F1:A4:AA:D5:C4:A9:B5:1E:19:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:800::/38
Signature Algorithm: sha256WithRSAEncryption
96:00:ed:da:c7:f1:30:4e:20:cf:b4:d6:c6:07:dd:16:58:ce:
e0:90:4b:93:7c:c4:f0:88:c7:3c:ff:16:e8:8c:e4:98:78:2e:
9b:ca:3f:31:4e:d9:76:8b:22:7d:b8:25:f3:49:8d:9a:5f:bd:
2d:ab:66:d0:e3:ca:93:ad:29:79:96:5c:5a:15:57:9d:2c:ea:
03:63:96:7a:c3:4b:4e:13:2a:38:ba:b2:8c:4d:21:6a:e4:5b:
61:66:32:63:21:11:89:f4:11:58:74:b7:d2:0d:2b:cd:eb:d7:
6e:cf:93:25:1b:ec:61:75:5f:d4:79:0b:fb:e2:9e:83:7c:44:
3f:b1:24:9a:1c:31:69:97:04:2b:06:b9:77:b8:36:ca:f3:ef:
1d:01:74:c5:8c:d9:35:d4:a2:7e:89:2b:c3:d8:34:e9:f7:df:
00:c5:23:3c:6f:91:92:98:58:dd:53:4c:44:e8:3e:31:1b:3b:
5a:fb:65:b3:4b:09:56:94:0f:89:00:4c:50:18:27:ec:9f:fe:
01:90:30:6f:61:a0:e6:c8:42:a8:01:21:f8:5c:fd:a0:c1:b3:
94:0a:66:6f:58:b2:8e:b9:0a:e0:fb:27:d0:5e:26:f6:ad:cf:
78:a7:13:17:bf:97:6b:14:fa:db:39:d3:37:26:7d:8a:90:cf:
b2:3c:62:1e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUyL+w2v5vDvwwAeLCcxP8IjZHVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIwNTdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhZTY1MTY4NTM4Mjg0ZTY4ZGVlNTcxZDJmYzM5NmQwZTc5NTE0YTFlMGM2
YTc4YTI1MDY1MWI3ZWY4ZmI1MTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/mP171lqhMbcPssbXlaLmzN33C8ZC5/bdnBYHGNE/TlauE2zd36Y3ybeAg
biJhDK5j6XL8kXIjeeptPe9uR583t92b8iBHRq/Vp98SdmupozLQdlTk0A78xory
HKpQ9Vdo31NRvZwd0w/16wH1cvBy+aS8SUPhZT+c8A8c7f+7fkmdwMP2XcifK8zZ
pFAakYgv9uKX9y7y4EDl4kzoTO1YjIQ/wrUsloVgDtBdoqaZrLqy83C6iP82Rw4Z
keaN6QIDRAITxncLu++v01nhssPBuYs3Hnju2uwwx74001cKxim6vNfPkyUS1CNS
sgfMTCkixQj2Fyl0UdrefwGSVJkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSkNyNI
1AGSbfy88aSq1cSptR4ZRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yjc2NjgzZmItZDQxZi00YmZkLWJhNzgtYjRiMjQ5MmFjZDFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4I
MA0GCSqGSIb3DQEBCwUAA4IBAQCWAO3ax/EwTiDPtNbGB90WWM7gkEuTfMTwiMc8
/xbojOSYeC6byj8xTtl2iyJ9uCXzSY2aX70tq2bQ48qTrSl5llxaFVedLOoDY5Z6
w0tOEyo4urKMTSFq5FthZjJjIRGJ9BFYdLfSDSvN69duz5MlG+xhdV/UeQv74p6D
fEQ/sSSaHDFplwQrBrl3uDbK8+8dAXTFjNk11KJ+iSvD2DTp998AxSM8b5GSmFjd
U0xE6D4xGzta+2WzSwlWlA+JAExQGCfsn/4BkDBvYaDmyEKoASH4XP2gwbOUCmZv
WLKOuQrg+yfQXib2rc94pxMXv5drFPrbOdM3Jn2KkM+yPGIe
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:56 2025 by rpki-client