Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
File: b7d242ad-482b-4700-888a-b677a178a4bf.roa (raw, json)
Hash identifier: WXA+2RqGXBqHVo50A0RTLtzMNjBPPr0gYeRoG4At4dU=
Subject key identifier: 56:CF:9C:15:99:BC:F5:EB:CC:56:6D:83:1B:32:0B:3C:FA:AB:B1:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7555F1B76CE03934AAE3942009A4F40022474AC5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
Signing time: Tue 20 May 2025 19:00:15 +0000
ROA not before: Tue 20 May 2025 19:00:15 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:55:f1:b7:6c:e0:39:34:aa:e3:94:20:09:a4:f4:00:22:47:4a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:15 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=6d720967b3eb0d4f79432a509512fa3c2717e4015ad8414218a9a3194d375cfe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:38:46:5b:fb:39:0b:40:9d:ae:c4:ee:18:fe:
c9:60:08:91:fd:30:ad:e7:5f:2b:54:d3:0f:7b:d9:
a0:95:f5:dc:2c:00:46:c7:3c:44:d0:af:f4:70:5b:
47:bf:a2:0f:45:07:d1:8f:35:28:98:88:0c:54:e7:
12:a0:d7:9b:ba:2b:fb:cb:24:40:b4:1e:21:d2:43:
18:ca:8b:39:22:a9:09:6f:16:b0:52:54:56:45:10:
77:b8:07:2d:3a:eb:d4:c8:e4:6e:c3:35:98:bc:d9:
35:66:93:51:68:fb:73:5f:0c:cd:48:77:9d:62:e2:
f5:49:ff:21:7b:c1:c0:29:69:02:f9:1a:39:d7:a5:
4e:1b:53:c1:dc:1e:1a:77:cc:77:a5:d9:d3:0a:9f:
e5:c6:2f:f1:5d:a0:1b:51:00:a8:d6:55:f5:94:b1:
1d:02:d1:34:bf:38:06:a8:9e:bc:08:4a:62:53:ed:
25:d1:fa:81:55:1e:59:e7:3a:2e:d8:08:53:34:99:
85:60:9d:33:ab:31:ab:aa:9d:ef:3a:84:ac:9d:7b:
e6:43:c5:48:f9:85:5e:96:bf:55:b3:f3:d8:38:65:
7c:45:81:36:83:e8:cc:5f:05:4f:c2:cb:79:18:94:
62:ee:34:8a:17:c5:ee:c9:65:75:37:c0:fd:8d:df:
64:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:CF:9C:15:99:BC:F5:EB:CC:56:6D:83:1B:32:0B:3C:FA:AB:B1:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6080::/48
Signature Algorithm: sha256WithRSAEncryption
70:87:80:65:bc:6c:8c:e2:33:0e:ba:69:6a:85:a5:1e:3a:26:
3e:84:9b:35:79:f8:e4:64:cc:ea:16:fb:d0:72:90:a8:14:32:
6a:ec:36:5a:dd:5d:c7:0c:6d:1a:c3:f6:9c:e5:ae:f7:0d:bd:
73:4e:1b:07:b6:50:df:d4:4e:25:f1:64:7a:1c:64:62:90:b2:
c4:d6:1d:1f:42:04:c3:3b:8a:55:3a:e2:51:29:2a:23:58:5a:
b9:ee:51:b4:bd:2b:ec:05:d2:5e:19:c0:8e:d6:12:55:1a:0d:
53:da:ae:bc:b5:e7:bf:bc:74:a0:1b:07:c5:63:90:a5:51:b2:
ac:d9:28:3c:b5:9d:82:43:6c:6b:f9:a4:c8:59:92:87:77:ff:
02:0a:7b:33:dd:6d:8c:4f:cc:17:87:89:aa:12:fa:55:62:70:
f6:8b:a6:97:ad:0f:2a:78:71:de:78:4a:43:ca:bb:8a:7a:1c:
68:e7:ce:8a:29:c1:cb:b0:31:d0:6e:c9:8f:6b:58:30:49:a3:
ed:b4:0f:a9:83:2c:5b:f6:7e:70:fc:fe:fc:0e:e0:45:50:4c:
e9:0d:b5:7b:29:ba:06:14:ea:a3:41:70:45:17:fa:02:d0:c0:
f3:43:6f:dc:57:ae:f0:00:74:98:a3:98:36:a0:d1:c8:c1:66:
79:fd:38:3e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdVXxt2zgOTSq45QgCaT0ACJHSsUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwMTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkNzIwOTY3YjNlYjBkNGY3OTQzMmE1MDk1MTJmYTNjMjcxN2U0MDE1YWQ4
NDE0MjE4YTlhMzE5NGQzNzVjZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL04Rlv7OQtAna7E7hj+yWAIkf0wredfK1TTD3vZoJX13CwARsc8RNCv9HBb
R7+iD0UH0Y81KJiIDFTnEqDXm7or+8skQLQeIdJDGMqLOSKpCW8WsFJUVkUQd7gH
LTrr1MjkbsM1mLzZNWaTUWj7c18MzUh3nWLi9Un/IXvBwClpAvkaOdelThtTwdwe
GnfMd6XZ0wqf5cYv8V2gG1EAqNZV9ZSxHQLRNL84BqievAhKYlPtJdH6gVUeWec6
LtgIUzSZhWCdM6sxq6qd7zqErJ175kPFSPmFXpa/VbPz2DhlfEWBNoPozF8FT8LL
eRiUYu40ihfF7slldTfA/Y3fZMcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRWz5wV
mbz168xWbYMbMgs8+quxXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdkMjQyYWQtNDgyYi00NzAwLTg4OGEtYjY3N2ExNzhhNGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
gDANBgkqhkiG9w0BAQsFAAOCAQEAcIeAZbxsjOIzDrppaoWlHjomPoSbNXn45GTM
6hb70HKQqBQyauw2Wt1dxwxtGsP2nOWu9w29c04bB7ZQ39ROJfFkehxkYpCyxNYd
H0IEwzuKVTriUSkqI1haue5RtL0r7AXSXhnAjtYSVRoNU9quvLXnv7x0oBsHxWOQ
pVGyrNkoPLWdgkNsa/mkyFmSh3f/Agp7M91tjE/MF4eJqhL6VWJw9ouml60PKnhx
3nhKQ8q7inocaOfOiinBy7Ax0G7Jj2tYMEmj7bQPqYMsW/Z+cPz+/A7gRVBM6Q21
eym6BhTqo0FwRRf6AtDA80Nv3Feu8AB0mKOYNqDRyMFmef04Pg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:49:33 2025 by rpki-client