Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
File: be1170a3-5a68-4c9c-8b51-b7efde64b945.roa (raw, json)
Hash identifier: kfMUKMrESNgjuyuk4gkXWRDoVSdE0FpaQcRUVeWUP98=
Subject key identifier: 4B:B9:98:79:28:BD:1D:E0:C3:73:DA:DD:BB:DB:F8:9F:1F:74:7F:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A732581C71C2399E8A0C47C943A607D7B6B86C3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
Signing time: Tue 20 May 2025 19:50:09 +0000
ROA not before: Tue 20 May 2025 19:50:09 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:73:25:81:c7:1c:23:99:e8:a0:c4:7c:94:3a:60:7d:7b:6b:86:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:50:09 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=073040a282fc138dab9f915e0f4d35af4b9c27afff3dfd234f27d5a269b66609, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5a:3b:ed:9c:8d:26:f1:62:f7:df:4e:30:ca:
f4:41:0b:e5:0d:a8:ee:6e:9d:6a:59:99:76:b2:9f:
79:9d:20:70:6b:20:2e:be:5d:43:bc:20:44:15:c5:
9a:3e:b4:25:b0:a3:71:5c:cd:97:dd:69:e9:1f:be:
07:d0:1e:f4:da:0c:a3:c3:2a:07:14:3e:ed:f2:2c:
a0:b3:b1:9f:26:0a:e5:89:01:ae:f3:0d:d5:06:98:
f1:01:51:36:fa:f5:90:1b:ad:e3:5f:c7:9e:16:f7:
ca:3a:f0:c2:f8:d5:57:3b:b9:e2:3a:bd:6e:fe:41:
08:9d:03:fa:cf:c9:25:89:e7:42:a6:70:92:8f:13:
44:0a:31:2c:dd:e8:49:ea:de:c4:01:88:59:64:63:
76:9f:ac:dd:74:32:30:a8:87:c2:97:e0:e7:18:44:
04:92:30:69:57:e2:56:b5:27:31:c2:d2:1c:0c:56:
ad:77:c1:94:8a:d3:c6:c2:c2:0b:12:ab:97:7e:ae:
ca:ee:0d:44:59:d8:12:a6:58:c0:fe:51:21:32:22:
4c:de:08:44:ab:28:11:44:9e:20:2a:62:7c:a0:23:
4b:2e:de:22:3a:ff:2d:e6:4f:42:01:b8:f5:de:76:
7e:d5:15:1f:3b:f3:01:7c:4b:5c:bd:8b:c9:86:f2:
0f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B9:98:79:28:BD:1D:E0:C3:73:DA:DD:BB:DB:F8:9F:1F:74:7F:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:6000::/40
Signature Algorithm: sha256WithRSAEncryption
04:84:9a:af:ed:47:93:bb:92:23:fe:f2:a9:aa:3b:c5:1e:5f:
dc:3b:59:0e:a2:c9:b3:95:53:c0:94:6f:d6:e3:ef:a3:02:ae:
1a:79:5a:38:75:4d:ae:54:e6:1a:f3:a3:49:55:19:4d:91:1b:
c4:20:6a:54:d1:f6:f0:24:10:35:ad:ec:2d:06:2d:d2:0d:4a:
ae:db:ae:14:46:81:7b:50:f4:c7:bf:80:1b:7b:89:c6:34:6a:
d1:f4:00:4c:ac:3e:43:22:a0:e7:b5:73:03:6d:8a:36:a9:e7:
b3:84:65:af:a3:9f:2e:41:2e:4c:75:d3:7d:fa:e5:6d:be:50:
0a:7e:fe:a9:7d:e9:b3:d7:fe:99:7f:b0:2f:70:6c:e3:82:75:
7d:b8:50:db:29:7c:23:3c:f9:a0:27:3d:ca:1e:ee:ea:8b:e9:
29:db:e7:8a:71:b9:02:f7:79:13:5c:b1:51:3c:2d:e2:c1:b8:
ce:ea:ea:19:e2:95:2f:a3:ef:bd:49:69:fa:a0:4d:0c:8c:50:
15:5c:40:0e:7c:e6:69:63:57:ee:76:bb:df:a1:a8:f4:31:f7:
7c:e5:41:16:c0:d0:90:11:d9:57:9b:85:a2:c4:e1:0a:08:ee:
89:de:55:ca:40:66:ea:1d:18:1f:45:39:d2:6a:8f:7a:d1:a0:
26:97:1f:e4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUenMlgcccI5nooMR8lDpgfXtrhsMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUwMDlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3MzA0MGEyODJmYzEzOGRhYjlmOTE1ZTBmNGQzNWFmNGI5YzI3YWZmZjNk
ZmQyMzRmMjdkNWEyNjliNjY2MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1aO+2cjSbxYvffTjDK9EEL5Q2o7m6dalmZdrKfeZ0gcGsgLr5dQ7wgRBXF
mj60JbCjcVzNl91p6R++B9Ae9NoMo8MqBxQ+7fIsoLOxnyYK5YkBrvMN1QaY8QFR
Nvr1kBut41/Hnhb3yjrwwvjVVzu54jq9bv5BCJ0D+s/JJYnnQqZwko8TRAoxLN3o
SerexAGIWWRjdp+s3XQyMKiHwpfg5xhEBJIwaVfiVrUnMcLSHAxWrXfBlIrTxsLC
CxKrl36uyu4NRFnYEqZYwP5RITIiTN4IRKsoEUSeICpifKAjSy7eIjr/LeZPQgG4
9d52ftUVHzvzAXxLXL2LyYbyD2UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRLuZh5
KL0d4MNz2t272/ifH3R/OzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmUxMTcwYTMtNWE2OC00YzljLThiNTEtYjdlZmRlNjRiOTQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFg
MA0GCSqGSIb3DQEBCwUAA4IBAQAEhJqv7UeTu5Ij/vKpqjvFHl/cO1kOosmzlVPA
lG/W4++jAq4aeVo4dU2uVOYa86NJVRlNkRvEIGpU0fbwJBA1rewtBi3SDUqu264U
RoF7UPTHv4Abe4nGNGrR9ABMrD5DIqDntXMDbYo2qeezhGWvo58uQS5MddN9+uVt
vlAKfv6pfemz1/6Zf7AvcGzjgnV9uFDbKXwjPPmgJz3KHu7qi+kp2+eKcbkC93kT
XLFRPC3iwbjO6uoZ4pUvo++9SWn6oE0MjFAVXEAOfOZpY1fudrvfoaj0Mfd85UEW
wNCQEdlXm4WixOEKCO6J3lXKQGbqHRgfRTnSao960aAmlx/k
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:35 2025 by rpki-client