Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddf3d6f-37b0-4b6c-93fa-2753d8700b96.roa
File: bddf3d6f-37b0-4b6c-93fa-2753d8700b96.roa (raw, json)
Hash identifier: bTBWIcCdJfyisZ2ynpT62lbfq/gbKYh9MSwjsVETg1E=
Subject key identifier: 72:8E:66:73:3F:F8:DA:26:0A:2B:44:F5:99:4B:83:01:77:EA:B5:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2AB8345F577129791DC43B805C989D594CD848A4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddf3d6f-37b0-4b6c-93fa-2753d8700b96.roa
Signing time: Tue 20 May 2025 19:51:51 +0000
ROA not before: Tue 20 May 2025 19:51:51 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:b8:34:5f:57:71:29:79:1d:c4:3b:80:5c:98:9d:59:4c:d8:48:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:51:51 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=db6f8d52d42830a35179979e7ef13929bf115e02d9b2c604ae66b799001dd49c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:2b:a4:15:6b:d0:97:82:81:f6:62:40:de:51:
3f:81:f4:5d:47:e4:50:ef:6b:12:1b:8f:f2:be:e0:
dd:18:39:d8:40:06:3c:59:9a:8d:c6:6a:22:2e:1b:
b8:85:54:02:28:a9:47:84:94:34:96:9a:30:6e:a7:
01:e5:eb:66:f8:a6:d4:61:0e:76:a7:f8:36:fc:88:
30:0b:f7:02:db:c4:24:85:97:f8:f4:ba:47:52:a8:
c6:80:d5:f3:fd:ef:33:d8:ec:95:72:03:24:81:7b:
99:fe:a1:1b:31:ac:05:3f:86:19:d5:e9:f6:ee:5c:
bf:da:3c:22:c2:04:be:aa:7d:8d:fc:d5:de:a2:9d:
cc:8b:b1:2e:bf:b4:c6:32:9e:07:4f:c7:66:f5:19:
1c:6b:38:13:05:ef:3b:67:02:c4:f9:8b:2d:28:63:
04:92:23:e2:54:5e:8d:fb:29:30:b4:d4:de:cb:c3:
e2:a1:ed:b7:12:e4:81:ba:a6:1b:34:af:a1:48:d8:
47:dd:9b:b0:ab:3c:ad:e8:fe:09:3e:22:20:88:1a:
75:3f:de:8b:a3:96:30:29:f9:64:b6:82:07:21:4d:
31:78:81:fa:a9:8a:cc:b0:61:20:63:e2:89:ee:0e:
3f:77:0d:50:9b:da:b2:70:0a:2e:d7:c7:f3:1e:6f:
96:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:8E:66:73:3F:F8:DA:26:0A:2B:44:F5:99:4B:83:01:77:EA:B5:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddf3d6f-37b0-4b6c-93fa-2753d8700b96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:8000::/40
Signature Algorithm: sha256WithRSAEncryption
b3:45:b4:6a:02:e8:29:2d:c1:8c:95:7e:08:1c:47:95:ad:50:
ed:c4:1c:87:b0:10:d2:49:80:e1:16:87:63:2f:3c:c5:fa:8b:
a6:5c:a5:a4:f6:ed:ac:87:6b:41:0a:61:46:32:b5:66:b5:d9:
4c:a3:5e:35:c9:cc:49:07:f9:9b:37:6b:19:ff:03:86:9b:9d:
4e:e1:4d:dc:21:22:da:a0:24:89:4f:4a:06:10:a5:57:21:05:
e1:8e:ad:8f:f3:4e:11:14:d9:a4:be:44:01:46:1e:df:d6:3f:
1c:1c:97:82:4b:ef:f0:24:25:e2:05:76:22:31:55:f1:b0:13:
18:f1:2f:54:83:74:7d:3f:ee:f1:3c:b8:7e:7f:f9:93:80:6a:
6d:f1:ed:1a:0b:00:f6:a2:c1:10:d3:89:08:56:86:f4:1a:57:
ca:5c:90:2b:41:81:79:2c:a1:4e:5e:5b:d8:d3:09:d3:ad:16:
9f:18:5d:75:b0:07:39:5d:3b:7a:5e:70:33:90:ea:c3:73:63:
2a:16:95:f9:b0:27:ea:16:8e:d4:d2:93:c6:f4:a1:31:18:55:
b6:7b:ed:29:e7:23:db:d8:ca:c1:b9:35:dc:5c:8e:c1:89:7f:
9e:97:e3:73:62:d2:5a:8c:89:6b:99:11:be:fb:98:06:d1:72:
63:fe:11:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKrg0X1dxKXkdxDuAXJidWUzYSKQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUxNTFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiNmY4ZDUyZDQyODMwYTM1MTc5OTc5ZTdlZjEzOTI5YmYxMTVlMDJkOWIy
YzYwNGFlNjZiNzk5MDAxZGQ0OWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPIrpBVr0JeCgfZiQN5RP4H0XUfkUO9rEhuP8r7g3Rg52EAGPFmajcZqIi4b
uIVUAiipR4SUNJaaMG6nAeXrZvim1GEOdqf4NvyIMAv3AtvEJIWX+PS6R1KoxoDV
8/3vM9jslXIDJIF7mf6hGzGsBT+GGdXp9u5cv9o8IsIEvqp9jfzV3qKdzIuxLr+0
xjKeB0/HZvUZHGs4EwXvO2cCxPmLLShjBJIj4lRejfspMLTU3svD4qHttxLkgbqm
GzSvoUjYR92bsKs8rej+CT4iIIgadT/ei6OWMCn5ZLaCByFNMXiB+qmKzLBhIGPi
ie4OP3cNUJvasnAKLtfH8x5vlmcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyjmZz
P/jaJgorRPWZS4MBd+q1yzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRkZjNkNmYtMzdiMC00YjZjLTkzZmEtMjc1M2Q4NzAwYjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HeA
MA0GCSqGSIb3DQEBCwUAA4IBAQCzRbRqAugpLcGMlX4IHEeVrVDtxByHsBDSSYDh
FodjLzzF+oumXKWk9u2sh2tBCmFGMrVmtdlMo141ycxJB/mbN2sZ/wOGm51O4U3c
ISLaoCSJT0oGEKVXIQXhjq2P804RFNmkvkQBRh7f1j8cHJeCS+/wJCXiBXYiMVXx
sBMY8S9Ug3R9P+7xPLh+f/mTgGpt8e0aCwD2osEQ04kIVob0GlfKXJArQYF5LKFO
XlvY0wnTrRafGF11sAc5XTt6XnAzkOrDc2MqFpX5sCfqFo7U0pPG9KExGFW2e+0p
5yPb2MrBuTXcXI7BiX+el+NzYtJajIlrmRG++5gG0XJj/hFB
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:56 2025 by rpki-client