Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
File: be609ec8-2ad0-42f7-9159-0a3ece35241f.roa (raw, json)
Hash identifier: VB99CShtTHIsWEOQzr5WOU0sOTvaHJHXoEqeEjp78X0=
Subject key identifier: E2:FD:47:E9:42:96:EA:6A:58:7D:D5:D8:AC:F9:D1:E2:3E:90:D2:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59E35FFCDD60B9F7AFAD3255CEA1B1757DFA44A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
Signing time: Tue 10 Jun 2025 17:21:18 +0000
ROA not before: Tue 10 Jun 2025 17:21:18 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:e3:5f:fc:dd:60:b9:f7:af:ad:32:55:ce:a1:b1:75:7d:fa:44:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:21:18 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=c369b1f5b408adac96f411e955462413763a5e40691b293571920cdbd0e277e4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:39:a7:83:e5:e1:cf:ae:a0:d4:10:cc:da:66:
eb:d9:49:a4:dc:59:6f:61:df:ce:40:f9:fa:69:f3:
e1:bd:0b:f2:d6:4d:d9:91:4c:cb:d2:c6:53:fb:b4:
41:83:6c:50:a9:b0:bf:1f:69:4a:94:fe:52:0c:44:
89:02:72:cf:27:bc:de:d8:89:d4:14:53:3d:33:64:
99:82:c9:3a:e2:08:3f:04:d4:20:d6:10:a5:f1:d0:
ac:d8:04:ce:9f:ed:a3:ed:bf:1b:ef:0c:89:07:dd:
99:08:a3:f6:3c:9c:0f:66:83:11:72:3f:ee:14:b0:
b3:63:62:c6:85:6e:9e:a8:31:e2:83:65:36:84:2f:
5d:a4:28:50:e6:58:1a:47:37:e4:ab:8a:0c:a5:95:
8b:0e:ca:3e:ee:5c:6c:48:36:14:21:e0:f3:bf:09:
62:00:2f:c4:d3:fb:2e:9b:67:94:75:86:18:40:d3:
bb:ec:33:66:38:a3:53:8e:2f:fe:79:26:90:c7:ea:
11:6e:af:4c:92:6c:a4:3c:fe:f8:67:64:c3:48:c3:
2a:43:45:4c:35:45:c8:5b:a6:1a:ba:78:5a:15:f2:
06:80:75:87:97:82:b6:1e:92:ac:7c:f8:48:d8:56:
2f:ed:7e:8d:30:ac:e4:99:bf:1f:b7:ed:c3:52:77:
7d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:FD:47:E9:42:96:EA:6A:58:7D:D5:D8:AC:F9:D1:E2:3E:90:D2:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:800::/40
Signature Algorithm: sha256WithRSAEncryption
5f:8c:ed:fa:05:63:cd:8f:42:df:31:1c:f9:1e:24:1b:23:40:
50:9d:2a:ff:aa:44:24:ea:87:71:77:5d:03:f2:f1:c8:72:f6:
16:4a:1b:c0:ef:e6:96:c3:10:8f:93:5f:bb:d0:63:87:ee:25:
92:d6:bd:d3:ac:3c:7d:be:08:ee:9a:d9:2c:c8:b0:95:61:7b:
c8:ee:70:91:7a:ba:f0:0e:88:1c:30:ef:f7:e8:fd:3a:9e:5f:
76:90:cc:d1:26:5c:f0:91:ee:46:05:56:65:64:fa:7a:47:a8:
dd:f5:f4:7e:f6:f3:1c:de:1b:cc:c0:e3:10:20:17:89:3b:10:
a0:fc:bc:bc:6d:5f:cb:52:6e:48:6e:2c:22:5e:94:47:29:da:
a2:a2:b0:33:e5:02:b7:56:d0:49:58:ef:ae:5a:3e:0d:89:34:
84:b4:29:70:cd:4e:27:f8:dd:d8:d0:29:fc:74:30:33:23:94:
26:ae:c9:dc:e7:a5:91:e0:26:d1:2b:0d:a6:2a:00:26:19:f1:
92:61:0c:86:5b:c1:d7:b8:ad:a4:24:d4:c5:0d:36:1c:5d:07:
cf:ad:70:28:be:15:27:82:69:ce:38:c6:f0:3a:44:3b:fe:51:
15:7f:5a:41:8c:0d:d0:1c:9e:b5:b0:ee:cf:a6:e6:2b:20:6a:
62:95:4a:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWeNf/N1gufevrTJVzqGxdX36RKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIxMThaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzNjliMWY1YjQwOGFkYWM5NmY0MTFlOTU1NDYyNDEzNzYzYTVlNDA2OTFi
MjkzNTcxOTIwY2RiZDBlMjc3ZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKE5p4Pl4c+uoNQQzNpm69lJpNxZb2HfzkD5+mnz4b0L8tZN2ZFMy9LGU/u0
QYNsUKmwvx9pSpT+UgxEiQJyzye83tiJ1BRTPTNkmYLJOuIIPwTUINYQpfHQrNgE
zp/to+2/G+8MiQfdmQij9jycD2aDEXI/7hSws2NixoVunqgx4oNlNoQvXaQoUOZY
Gkc35KuKDKWViw7KPu5cbEg2FCHg878JYgAvxNP7LptnlHWGGEDTu+wzZjijU44v
/nkmkMfqEW6vTJJspDz++Gdkw0jDKkNFTDVFyFumGrp4WhXyBoB1h5eCth6SrHz4
SNhWL+1+jTCs5Jm/H7ftw1J3fQ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTi/Ufp
Qpbqalh91dis+dHiPpDSLTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2MDllYzgtMmFkMC00MmY3LTkxNTktMGEzZWNlMzUyNDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAI
MA0GCSqGSIb3DQEBCwUAA4IBAQBfjO36BWPNj0LfMRz5HiQbI0BQnSr/qkQk6odx
d10D8vHIcvYWShvA7+aWwxCPk1+70GOH7iWS1r3TrDx9vgjumtksyLCVYXvI7nCR
errwDogcMO/36P06nl92kMzRJlzwke5GBVZlZPp6R6jd9fR+9vMc3hvMwOMQIBeJ
OxCg/Ly8bV/LUm5IbiwiXpRHKdqiorAz5QK3VtBJWO+uWj4NiTSEtClwzU4n+N3Y
0Cn8dDAzI5Qmrsnc56WR4CbRKw2mKgAmGfGSYQyGW8HXuK2kJNTFDTYcXQfPrXAo
vhUngmnOOMbwOkQ7/lEVf1pBjA3QHJ61sO7PpuYrIGpilUq4
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:52 2025 by rpki-client