Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
File: ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa (raw, json)
Hash identifier: U70H3cBet1szzVV8fx/C7mfSZe+j20+QrYW/oR7ti6M=
Subject key identifier: 03:5C:CD:BE:6B:7A:E0:72:9D:54:A3:D1:CB:94:97:E7:56:16:F4:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4319D78E8C74503100EE023E4B2B476C43A78BFE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
Signing time: Tue 20 May 2025 20:20:19 +0000
ROA not before: Tue 20 May 2025 20:20:19 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:19:d7:8e:8c:74:50:31:00:ee:02:3e:4b:2b:47:6c:43:a7:8b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:20:19 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=1b7a297fa759dc5b9ca33d33e37a491c1a0791a22f8aed27126b3dfa80ebf69d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:43:e6:a8:f9:e0:63:03:d8:90:6d:d1:01:6a:
7d:f9:fa:3b:88:09:7f:e3:7b:20:41:db:a3:84:43:
a0:ef:b7:9b:7e:0f:6a:0b:50:e2:5a:b8:d8:65:d9:
4a:19:13:d0:aa:62:ac:50:95:86:80:bd:80:71:9f:
bc:8a:48:bb:e8:e0:ea:94:ee:f5:10:08:4d:07:30:
3a:7f:14:0a:fa:e1:e4:8f:76:52:ea:ea:7f:14:cc:
a7:01:15:73:d5:44:97:fa:6d:57:d3:00:13:2e:74:
ab:8a:7d:77:06:e1:d4:8e:7e:e2:25:8b:28:45:d6:
08:58:5b:65:b9:c6:50:da:fe:bc:8a:ac:bd:dc:c4:
b0:75:58:4b:2f:19:37:bd:b6:90:17:3a:d0:24:de:
ac:e4:d0:0b:0a:56:70:ca:f3:da:b2:a0:ab:31:ec:
aa:ab:a4:f9:1b:cd:e4:51:23:9d:4f:b0:29:02:de:
07:a6:61:9f:49:38:51:8c:de:2f:45:2e:fb:35:59:
1c:b8:94:fa:55:89:e6:84:df:d4:e3:43:bf:51:85:
b8:f8:71:ce:fa:3f:59:83:af:a3:7c:ae:e9:01:73:
d6:98:d8:73:13:ef:2c:da:9c:6e:55:c3:13:56:00:
80:9b:ba:0a:1b:a2:fb:20:c2:ce:dd:ef:fa:19:f5:
01:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:5C:CD:BE:6B:7A:E0:72:9D:54:A3:D1:CB:94:97:E7:56:16:F4:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:800::/38
Signature Algorithm: sha256WithRSAEncryption
85:89:6a:7e:f5:1b:05:76:dc:1f:de:6f:f7:6a:c4:79:59:3c:
0f:32:4f:11:b7:28:42:5b:cb:60:fd:e2:42:11:d8:bb:f1:0c:
f8:01:68:7e:6b:5c:b0:57:df:ee:d1:c5:5d:80:35:f7:da:1d:
ab:9c:88:ad:a6:94:e9:8a:45:dc:79:1f:9d:a8:c3:c0:ef:4b:
57:58:ce:82:3e:13:7c:c7:23:26:4a:14:b5:32:24:04:00:3d:
a6:78:ce:2d:7b:36:7e:cc:d2:64:45:38:6c:64:5b:39:04:57:
13:79:1a:cf:9e:78:ba:29:1a:43:33:13:09:10:90:bf:b3:a9:
71:53:bc:b0:83:5e:4a:69:b6:76:79:73:24:06:d8:c7:69:8f:
af:a8:16:33:7f:c7:66:30:a2:25:3b:82:56:2f:87:b1:33:1a:
15:9c:78:44:ff:60:cf:19:2a:43:20:49:7b:f2:f8:07:4e:17:
3c:1f:91:50:fd:c7:db:5a:a4:0e:15:93:43:06:41:2b:86:e2:
ec:4b:7d:60:f9:d9:df:d8:27:41:57:45:c0:15:45:ff:8e:9a:
fd:8f:1a:0a:74:4b:e6:8b:17:63:66:53:3a:5c:d8:c2:1e:36:
61:ab:ca:56:48:de:34:3c:d5:b8:63:e0:64:4f:25:9e:45:0a:
1a:c2:bd:98
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQxnXjox0UDEA7gI+SytHbEOni/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIwMTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiN2EyOTdmYTc1OWRjNWI5Y2EzM2QzM2UzN2E0OTFjMWEwNzkxYTIyZjhh
ZWQyNzEyNmIzZGZhODBlYmY2OWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJhD5qj54GMD2JBt0QFqffn6O4gJf+N7IEHbo4RDoO+3m34PagtQ4lq42GXZ
ShkT0KpirFCVhoC9gHGfvIpIu+jg6pTu9RAITQcwOn8UCvrh5I92UurqfxTMpwEV
c9VEl/ptV9MAEy50q4p9dwbh1I5+4iWLKEXWCFhbZbnGUNr+vIqsvdzEsHVYSy8Z
N722kBc60CTerOTQCwpWcMrz2rKgqzHsqquk+RvN5FEjnU+wKQLeB6Zhn0k4UYze
L0Uu+zVZHLiU+lWJ5oTf1ONDv1GFuPhxzvo/WYOvo3yu6QFz1pjYcxPvLNqcblXD
E1YAgJu6Chui+yDCzt3v+hn1AWUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDXM2+
a3rgcp1Uo9HLlJfnVhb0EzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmEwZTY5OTMtZTliZC00NGMwLWFhNDgtNDc2NTcwOGU1ZmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEI
MA0GCSqGSIb3DQEBCwUAA4IBAQCFiWp+9RsFdtwf3m/3asR5WTwPMk8RtyhCW8tg
/eJCEdi78Qz4AWh+a1ywV9/u0cVdgDX32h2rnIitppTpikXceR+dqMPA70tXWM6C
PhN8xyMmShS1MiQEAD2meM4tezZ+zNJkRThsZFs5BFcTeRrPnni6KRpDMxMJEJC/
s6lxU7ywg15KabZ2eXMkBtjHaY+vqBYzf8dmMKIlO4JWL4exMxoVnHhE/2DPGSpD
IEl78vgHThc8H5FQ/cfbWqQOFZNDBkErhuLsS31g+dnf2CdBV0XAFUX/jpr9jxoK
dEvmixdjZlM6XNjCHjZhq8pWSN40PNW4Y+BkTyWeRQoawr2Y
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:12 2025 by rpki-client