Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
File: bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa (raw, json)
Hash identifier: gb1IjGnT5whZYtjPPf7ZuI80E2xb0XaVykdIP4EYkP4=
Subject key identifier: 78:DB:EE:B7:A0:A7:35:DB:62:5E:1D:46:70:5B:FD:D3:01:93:9D:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EB5AE5F8FCD5AE71EFA240270637EDFCA81DF46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
Signing time: Tue 20 May 2025 18:41:03 +0000
ROA not before: Tue 20 May 2025 18:41:03 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:b5:ae:5f:8f:cd:5a:e7:1e:fa:24:02:70:63:7e:df:ca:81:df:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:41:03 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=2cc3a01731081031880326c8f93f197016a93d9e5ae470c36981bacb7e06dccb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:25:5d:ce:d7:4b:c7:96:7e:02:89:e4:c8:d7:
83:03:4f:56:14:37:59:49:4a:37:2c:cb:0e:d1:41:
ce:46:99:64:07:ef:37:dc:c7:2f:ce:d2:b2:1b:8c:
ac:5b:ee:67:ee:3c:c4:8e:6c:be:ee:15:05:0f:c0:
62:ff:56:d0:0e:bd:89:54:65:de:97:a0:50:3d:70:
5f:36:11:8c:2f:d3:af:85:39:b3:a6:d1:9c:e3:27:
73:06:56:7b:80:8e:9c:07:22:e4:73:f3:84:02:1c:
40:db:56:50:88:20:0e:80:7b:7f:f8:50:5b:46:a8:
50:e7:6e:de:63:df:40:70:67:c3:70:bc:b1:c3:7a:
2d:d1:b0:b8:c6:85:d9:cd:6d:6b:7e:9f:fa:50:d7:
98:71:62:ae:1b:f8:3e:0b:68:d1:af:30:0e:5f:f3:
29:10:d4:3d:d1:4e:06:4d:70:59:1c:0e:20:c0:24:
d4:be:a3:1f:47:b6:c9:2a:06:eb:db:33:ed:5c:a4:
dc:18:2b:7b:e7:11:12:99:ca:c4:e3:a2:24:bc:b0:
74:08:0a:a5:ca:56:42:0e:d6:90:a5:d7:4f:0c:85:
0e:64:56:9b:87:74:f1:ba:10:c3:7a:93:c7:f4:1e:
b2:0a:82:03:0e:85:1e:da:cc:5d:65:d3:b1:ab:17:
34:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:DB:EE:B7:A0:A7:35:DB:62:5E:1D:46:70:5B:FD:D3:01:93:9D:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4020::/48
Signature Algorithm: sha256WithRSAEncryption
41:77:5e:9c:3e:4e:7f:97:94:7a:0d:dd:05:a9:60:9a:82:d6:
79:14:e3:ec:99:92:eb:fc:f6:b2:1b:22:4d:3c:d9:42:60:73:
0a:ef:ea:f4:9d:6b:d0:e9:cb:71:30:33:f7:4c:b8:c4:24:0d:
2e:0c:c5:1c:9d:26:ae:5d:ec:14:94:62:8f:e8:ec:44:7e:83:
d7:cc:72:20:9d:0b:26:1f:4a:e7:9a:d8:4d:f1:27:e0:d1:47:
ce:05:47:0b:68:e4:7c:1a:e6:35:ff:95:d7:35:ce:c3:92:2c:
e0:2c:88:5a:14:a7:84:ff:d8:eb:33:f8:3f:e4:ff:7f:92:c1:
ca:c5:05:7a:c1:a4:34:ba:5a:64:5c:1e:28:0b:cf:ca:04:cf:
35:0b:3b:e4:47:ec:e8:58:ae:fb:fd:0f:f9:fd:2e:ff:8a:a4:
09:21:06:4c:3c:61:1c:0e:8f:0e:5f:27:46:d9:4e:b5:c3:cb:
51:8d:e0:72:63:12:6a:20:01:a3:ab:c4:89:7c:54:e9:56:90:
2a:d2:64:ab:3b:39:5f:c8:c5:91:5f:c5:a2:88:eb:33:19:38:
a2:28:6b:6c:bc:52:2c:3c:d9:c1:ad:d3:77:5a:e8:02:d3:74:
27:d9:e6:ce:7f:05:73:cf:5b:3f:69:09:bf:41:11:5b:01:0b:
4a:0e:a1:2a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXrWuX4/NWuce+iQCcGN+38qB30YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQxMDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjYzNhMDE3MzEwODEwMzE4ODAzMjZjOGY5M2YxOTcwMTZhOTNkOWU1YWU0
NzBjMzY5ODFiYWNiN2UwNmRjY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMlXc7XS8eWfgKJ5MjXgwNPVhQ3WUlKNyzLDtFBzkaZZAfvN9zHL87SshuM
rFvuZ+48xI5svu4VBQ/AYv9W0A69iVRl3pegUD1wXzYRjC/Tr4U5s6bRnOMncwZW
e4COnAci5HPzhAIcQNtWUIggDoB7f/hQW0aoUOdu3mPfQHBnw3C8scN6LdGwuMaF
2c1ta36f+lDXmHFirhv4Pgto0a8wDl/zKRDUPdFOBk1wWRwOIMAk1L6jH0e2ySoG
69sz7Vyk3Bgre+cREpnKxOOiJLywdAgKpcpWQg7WkKXXTwyFDmRWm4d08boQw3qT
x/QesgqCAw6FHtrMXWXTsasXNM8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR42+63
oKc122JeHUZwW/3TAZOdQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmY1NDA0YzItYmNiZS00ZGY0LTg2Y2UtNzJjZWIwNjdmNjY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
IDANBgkqhkiG9w0BAQsFAAOCAQEAQXdenD5Of5eUeg3dBalgmoLWeRTj7JmS6/z2
shsiTTzZQmBzCu/q9J1r0OnLcTAz90y4xCQNLgzFHJ0mrl3sFJRij+jsRH6D18xy
IJ0LJh9K55rYTfEn4NFHzgVHC2jkfBrmNf+V1zXOw5Is4CyIWhSnhP/Y6zP4P+T/
f5LBysUFesGkNLpaZFweKAvPygTPNQs75Efs6Fiu+/0P+f0u/4qkCSEGTDxhHA6P
Dl8nRtlOtcPLUY3gcmMSaiABo6vEiXxU6VaQKtJkqzs5X8jFkV/FoojrMxk4oihr
bLxSLDzZwa3Td1roAtN0J9nmzn8Fc89bP2kJv0ERWwELSg6hKg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:10 2025 by rpki-client