Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
File: c768f15e-576e-48c0-91d4-8446a6be70a8.roa (raw, json)
Hash identifier: rkv5ZX1jKNLRuTg3hZNgCEMBpmSgxhWwOdDCgStRlcM=
Subject key identifier: 3D:CF:90:ED:93:E8:CF:D9:99:75:89:76:E3:E6:FF:A0:44:15:47:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D819E8A39A6E641CD90F74F714A9DD6C489C006
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
Signing time: Tue 20 May 2025 20:11:11 +0000
ROA not before: Tue 20 May 2025 20:11:11 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:81:9e:8a:39:a6:e6:41:cd:90:f7:4f:71:4a:9d:d6:c4:89:c0:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:11 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c5d64435e51bd92637c59502c880fa31d49bf8554d938a4b5e5c28abfce45213, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:e5:bd:84:e8:71:cc:45:c0:81:04:8e:24:
9e:22:ff:0f:e6:be:b0:37:e8:29:77:8b:ca:43:f2:
b9:a8:dc:78:30:48:e7:fd:1e:92:9c:a1:19:18:cd:
da:1f:96:fa:f3:d0:3a:c7:dd:72:bb:da:ae:a0:2d:
84:f3:9b:1e:83:c6:89:63:49:87:6d:7a:80:a1:67:
79:d2:a2:d5:b4:45:1d:c5:87:5d:9c:fe:9c:68:93:
e6:45:9a:50:6d:1b:b1:91:05:af:2b:ce:79:d1:00:
30:ab:fe:5b:65:a1:6a:11:13:c9:3c:0b:94:5f:5a:
62:d9:3c:12:03:98:56:d0:af:d5:f7:e7:3a:ef:7b:
84:7e:bd:3d:39:10:c3:b2:3b:b3:d6:03:7f:bd:f0:
27:48:2e:ec:80:07:f0:54:90:53:46:20:1a:74:35:
fa:09:2c:22:b1:43:f4:af:68:1c:44:a3:27:87:8e:
f7:f1:f6:c8:43:ac:83:c1:0b:1b:5a:3a:cc:45:b8:
b5:db:c6:10:cb:ed:36:bd:ff:a7:cc:21:c0:2a:07:
dc:c7:94:71:94:c4:57:b5:4f:45:b4:58:18:3d:9a:
68:af:cc:08:f9:a7:f9:a1:cd:f3:ee:41:f9:5b:0d:
4f:6e:a6:70:20:59:9e:75:9e:f4:e4:d3:1c:11:90:
5f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:CF:90:ED:93:E8:CF:D9:99:75:89:76:E3:E6:FF:A0:44:15:47:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b3:e0:c3:1e:91:b4:79:44:59:85:70:29:42:53:3d:3a:4e:a6:
ed:5f:75:99:e9:32:20:4d:05:bc:34:c9:2e:19:c5:26:d7:50:
1e:2c:f9:b3:72:d5:a4:0e:c2:f4:c4:68:ab:df:de:fb:67:6f:
91:7b:ca:d8:30:a6:8b:d5:2c:ab:19:59:03:f9:f2:30:a7:25:
ab:2b:06:fa:14:87:e6:60:6c:09:32:67:1b:3f:7c:bb:99:0e:
b7:3a:8e:3b:af:58:d7:35:1c:09:a7:48:b6:ea:b2:fb:70:c4:
b5:d1:bd:a2:94:e0:29:ce:8d:62:3a:25:0f:07:18:f7:cf:35:
fb:b1:20:4a:d9:d7:a8:c0:b7:81:ca:b6:b4:8f:6c:98:dd:ca:
0c:5c:7e:be:ae:9e:91:a6:14:8b:bd:4d:66:5c:b2:6a:a4:03:
d0:e6:6a:e4:66:79:c3:0e:3f:cd:63:63:ef:25:95:c7:c8:72:
79:47:a9:c3:25:3d:0e:87:e1:ff:ca:ab:44:ee:8e:10:69:ce:
b7:ed:87:4c:b1:27:d2:17:fb:bd:a6:78:8c:47:05:0f:69:7c:
10:b8:6e:0d:57:76:67:3e:58:3e:fd:63:2a:1c:1f:e7:a6:fc:
8c:29:e6:9c:54:d5:3b:80:e4:db:c6:a7:b5:5f:a8:44:98:73:
9d:4e:f4:4b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDYGeijmm5kHNkPdPcUqd1sSJwAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMTFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1ZDY0NDM1ZTUxYmQ5MjYzN2M1OTUwMmM4ODBmYTMxZDQ5YmY4NTU0ZDkz
OGE0YjVlNWMyOGFiZmNlNDUyMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQM5b2E6HHMRcCBBI4kniL/D+a+sDfoKXeLykPyuajceDBI5/0ekpyhGRjN
2h+W+vPQOsfdcrvarqAthPObHoPGiWNJh216gKFnedKi1bRFHcWHXZz+nGiT5kWa
UG0bsZEFryvOedEAMKv+W2WhahETyTwLlF9aYtk8EgOYVtCv1ffnOu97hH69PTkQ
w7I7s9YDf73wJ0gu7IAH8FSQU0YgGnQ1+gksIrFD9K9oHESjJ4eO9/H2yEOsg8EL
G1o6zEW4tdvGEMvtNr3/p8whwCoH3MeUcZTEV7VPRbRYGD2aaK/MCPmn+aHN8+5B
+VsNT26mcCBZnnWe9OTTHBGQX00CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9z5Dt
k+jP2Zl1iXbj5v+gRBVHmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc2OGYxNWUtNTc2ZS00OGMwLTkxZDQtODQ0NmE2YmU3MGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLg
MA0GCSqGSIb3DQEBCwUAA4IBAQCz4MMekbR5RFmFcClCUz06TqbtX3WZ6TIgTQW8
NMkuGcUm11AeLPmzctWkDsL0xGir3977Z2+Re8rYMKaL1SyrGVkD+fIwpyWrKwb6
FIfmYGwJMmcbP3y7mQ63Oo47r1jXNRwJp0i26rL7cMS10b2ilOApzo1iOiUPBxj3
zzX7sSBK2deowLeByra0j2yY3coMXH6+rp6RphSLvU1mXLJqpAPQ5mrkZnnDDj/N
Y2PvJZXHyHJ5R6nDJT0Oh+H/yqtE7o4Qac637YdMsSfSF/u9pniMRwUPaXwQuG4N
V3ZnPlg+/WMqHB/npvyMKeacVNU7gOTbxqe1X6hEmHOdTvRL
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:29 2025 by rpki-client