Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
File: c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa (raw, json)
Hash identifier: WK8Ljkkv9risfcD9YSObXn4Rj9fesyRmLs9TmGV9QEc=
Subject key identifier: 86:E7:65:79:E9:BD:B0:47:55:96:E3:76:32:44:BD:49:72:19:57:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35222CCA0A1E16FBC6B8A4F9B99A554759B7BFA9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
Signing time: Tue 20 May 2025 18:50:50 +0000
ROA not before: Tue 20 May 2025 18:50:50 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:22:2c:ca:0a:1e:16:fb:c6:b8:a4:f9:b9:9a:55:47:59:b7:bf:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:50 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=382b9ba4239c631d7aa670228c973982a4e05839552a5c550e9b3d713eb93078, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:8b:7b:2f:0d:16:49:68:f7:f5:dc:04:18:fe:
26:11:12:cd:f0:5f:36:22:99:24:bd:92:b6:50:52:
0b:0f:45:c1:8f:f3:96:e8:c6:fd:e4:33:29:cd:64:
46:10:e5:c2:2f:f7:01:fd:24:ad:aa:c2:4f:1b:c6:
93:3e:bc:33:67:1d:10:fc:49:59:66:7f:10:ec:72:
58:eb:cf:2c:92:7f:8b:07:39:08:dc:43:a7:cb:64:
07:1a:7e:c4:27:82:cf:51:8d:27:c1:84:6a:e6:b2:
4c:00:74:b5:48:52:3d:48:f2:56:5b:63:18:e0:46:
89:87:63:ba:d2:ad:33:34:f0:20:de:3e:f0:ea:1e:
6e:3f:f6:92:2a:f6:38:25:d0:70:9d:dc:d7:9a:3a:
43:d8:b8:21:64:f0:31:9b:41:0a:93:f2:16:c0:46:
60:29:65:ab:2d:d3:36:d1:28:d4:59:79:53:91:b7:
d5:48:86:e5:d0:69:8a:58:1f:fc:72:c1:19:92:0d:
eb:a5:46:d6:62:0f:1a:7c:da:d1:78:97:e0:6d:fb:
be:91:60:24:b6:19:e2:9e:f6:14:0f:6b:34:17:ce:
6d:cf:ea:e8:dd:bd:55:c4:be:c6:ab:75:ac:c1:16:
05:b7:57:7c:7e:2c:b0:61:92:67:e5:7e:bf:91:72:
74:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E7:65:79:E9:BD:B0:47:55:96:E3:76:32:44:BD:49:72:19:57:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:c000::/40
Signature Algorithm: sha256WithRSAEncryption
b0:18:6a:a8:f6:c4:61:7e:ab:a6:10:55:1b:dc:59:f0:cc:bc:
7c:ee:95:46:84:4f:18:83:bd:b2:e9:96:76:93:b8:6b:e1:da:
55:5e:6e:a5:89:0a:74:14:6a:00:05:99:a3:4c:c6:01:82:e5:
cc:70:e1:e6:f6:73:ab:10:f4:ca:8f:b4:3c:48:cc:b3:68:38:
e9:a0:85:7c:6b:c0:f2:5b:a9:01:50:04:f0:90:bf:ea:b8:64:
94:28:67:d6:07:d8:f7:f5:45:bd:67:77:8d:9f:96:b0:55:b9:
4e:51:cd:3f:2a:f8:50:60:67:bf:12:26:7c:f0:5b:2e:04:b0:
2f:3e:88:65:77:c4:4c:4d:36:13:15:e3:6f:3d:d9:b9:e5:c0:
db:0e:e7:47:33:5e:f8:94:2e:c5:32:db:c6:7f:14:07:c7:b1:
14:d8:89:81:bf:31:81:18:2e:9a:d4:01:d7:93:72:ad:88:36:
f3:43:44:1a:cf:33:93:0a:c9:67:bd:91:8c:67:c3:e5:47:ea:
0a:b6:bd:cb:cd:a5:11:0f:63:5e:9c:a1:79:57:3c:f6:13:e5:
36:1c:f6:90:2d:70:22:c2:f7:ed:5c:e5:1c:d3:76:12:af:37:
81:24:31:d5:3c:c0:0a:e7:c1:3c:b4:f7:89:30:e6:85:42:23:
e5:6b:60:b4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNSIsygoeFvvGuKT5uZpVR1m3v6kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwNTBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4MmI5YmE0MjM5YzYzMWQ3YWE2NzAyMjhjOTczOTgyYTRlMDU4Mzk1NTJh
NWM1NTBlOWIzZDcxM2ViOTMwNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANiLey8NFklo9/XcBBj+JhESzfBfNiKZJL2StlBSCw9FwY/zlujG/eQzKc1k
RhDlwi/3Af0krarCTxvGkz68M2cdEPxJWWZ/EOxyWOvPLJJ/iwc5CNxDp8tkBxp+
xCeCz1GNJ8GEauayTAB0tUhSPUjyVltjGOBGiYdjutKtMzTwIN4+8Ooebj/2kir2
OCXQcJ3c15o6Q9i4IWTwMZtBCpPyFsBGYCllqy3TNtEo1Fl5U5G31UiG5dBpilgf
/HLBGZIN66VG1mIPGnza0XiX4G37vpFgJLYZ4p72FA9rNBfObc/q6N29VcS+xqt1
rMEWBbdXfH4ssGGSZ+V+v5FydK8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSG52V5
6b2wR1WW43YyRL1JchlXQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzkyNTY1MzYtMGU5YS00MTc1LThhYzctYTBmYjk5MWViZmY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HbA
MA0GCSqGSIb3DQEBCwUAA4IBAQCwGGqo9sRhfqumEFUb3FnwzLx87pVGhE8Yg72y
6ZZ2k7hr4dpVXm6liQp0FGoABZmjTMYBguXMcOHm9nOrEPTKj7Q8SMyzaDjpoIV8
a8DyW6kBUATwkL/quGSUKGfWB9j39UW9Z3eNn5awVblOUc0/KvhQYGe/EiZ88Fsu
BLAvPohld8RMTTYTFeNvPdm55cDbDudHM174lC7FMtvGfxQHx7EU2ImBvzGBGC6a
1AHXk3KtiDbzQ0QazzOTCslnvZGMZ8PlR+oKtr3LzaURD2NenKF5Vzz2E+U2HPaQ
LXAiwvftXOUc03YSrzeBJDHVPMAK58E8tPeJMOaFQiPla2C0
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:28 2025 by rpki-client