Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
File: ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa (raw, json)
Hash identifier: PX8iTFff/3axOY7a6trG6erg3eUhttQdJB35xDSuzII=
Subject key identifier: B2:44:8A:AA:88:F0:48:88:E5:BC:D2:06:DC:73:55:8D:7D:43:AA:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F03C1FE79BF4AEFBF132801800E6C50ED79FA26
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
Signing time: Tue 20 May 2025 19:11:05 +0000
ROA not before: Tue 20 May 2025 19:11:05 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:03:c1:fe:79:bf:4a:ef:bf:13:28:01:80:0e:6c:50:ed:79:fa:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:11:05 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=52bbed42a0d419458cc7d79ad1097397ebbc56c8c0d6857c672d7171413757ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b9:7a:9e:70:bb:88:3d:8f:46:f5:9b:61:6f:
14:85:8c:d7:d0:aa:2c:c6:8c:e4:3c:98:f1:29:76:
17:8a:a0:a8:d5:90:b4:dc:f3:34:30:4b:eb:ac:27:
f2:a2:68:a9:6c:db:94:4e:1c:bf:a3:0f:4a:4f:fb:
9f:c5:4e:13:77:d8:a1:ca:0c:d8:5b:d4:43:c9:bc:
d2:97:e3:a9:11:d4:11:ff:dd:17:d4:f4:93:05:7e:
e5:a3:5a:b3:32:45:e1:9c:b4:9b:f6:9c:89:68:c4:
87:5b:6a:1d:05:5b:fa:df:33:4b:b9:3b:05:95:88:
40:b9:68:62:48:ac:34:77:73:b5:a2:33:8e:86:cc:
ad:7f:02:1e:af:01:a6:b4:6a:a0:79:20:92:98:71:
d0:09:22:13:cd:b3:33:ab:3a:c6:83:4a:93:87:8e:
cf:39:10:98:dc:7d:01:2e:a5:ae:11:3d:04:39:ec:
43:55:38:3c:69:c9:72:56:dd:4a:ee:f6:96:2f:48:
bd:b6:3f:65:55:b5:37:92:bf:66:50:c4:ab:b3:aa:
18:5f:ef:b3:63:f8:c5:0d:3f:72:ce:a7:66:b5:b9:
02:63:c2:84:a6:34:0c:78:21:9f:c5:b2:b9:a1:26:
60:9e:57:d7:de:65:e3:ce:88:dd:7a:07:3e:d5:08:
2f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:44:8A:AA:88:F0:48:88:E5:BC:D2:06:DC:73:55:8D:7D:43:AA:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:73:a5:ca:3c:77:c2:f9:3b:00:6c:af:60:bf:43:65:f3:54:
9e:99:ae:be:d2:2b:97:6d:ca:ca:06:41:99:28:9b:c4:0f:7a:
a0:73:fa:b4:c9:7f:b6:6e:52:8d:30:8f:9e:52:0e:af:fd:ab:
8c:3b:a0:c3:3a:ad:45:b9:de:6d:d7:ba:7c:fc:4c:0e:06:6e:
c8:ce:bd:3f:d6:9e:a5:e9:82:e4:0f:24:a0:41:83:0e:b3:f1:
b7:b9:81:ce:05:5f:f2:12:70:d8:dd:ca:a6:7c:63:47:07:5f:
41:29:39:95:6d:53:39:61:95:18:99:0e:7a:b7:f0:66:e5:10:
2b:03:c0:f0:41:50:04:99:a3:c1:9d:23:da:78:14:b1:29:d2:
de:2f:8a:f4:57:ba:71:88:cf:40:5b:ec:d6:ba:43:82:4b:ee:
70:bd:43:91:9d:ba:c9:40:55:8d:4d:6b:90:39:8d:84:04:de:
16:23:53:19:9b:73:55:83:5c:a6:b9:c0:02:69:46:5a:52:83:
94:9a:04:e6:bb:42:6c:cf:aa:41:9f:3b:61:a5:0c:e1:a9:be:
ba:5d:b2:6e:a9:9f:d9:a6:cd:d8:d7:84:5a:de:6e:07:87:5d:
25:6c:d4:2b:6e:02:57:61:bb:2e:57:da:f7:a4:23:89:cf:14:
fb:3a:43:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbwPB/nm/Su+/EygBgA5sUO15+iYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTExMDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyYmJlZDQyYTBkNDE5NDU4Y2M3ZDc5YWQxMDk3Mzk3ZWJiYzU2YzhjMGQ2
ODU3YzY3MmQ3MTcxNDEzNzU3YWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKe5ep5wu4g9j0b1m2FvFIWM19CqLMaM5DyY8Sl2F4qgqNWQtNzzNDBL66wn
8qJoqWzblE4cv6MPSk/7n8VOE3fYocoM2FvUQ8m80pfjqRHUEf/dF9T0kwV+5aNa
szJF4Zy0m/aciWjEh1tqHQVb+t8zS7k7BZWIQLloYkisNHdztaIzjobMrX8CHq8B
prRqoHkgkphx0AkiE82zM6s6xoNKk4eOzzkQmNx9AS6lrhE9BDnsQ1U4PGnJclbd
Su72li9IvbY/ZVW1N5K/ZlDEq7OqGF/vs2P4xQ0/cs6nZrW5AmPChKY0DHghn8Wy
uaEmYJ5X195l486I3XoHPtUILw0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSyRIqq
iPBIiOW80gbcc1WNfUOq+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2EzZjRkMTEtZGM2Yi00YTgyLWJlNjEtNjhmMWQ3ODM4ZjkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQC7c6XKPHfC+TsAbK9gv0Nl81Sema6+0iuXbcrK
BkGZKJvED3qgc/q0yX+2blKNMI+eUg6v/auMO6DDOq1Fud5t17p8/EwOBm7Izr0/
1p6l6YLkDySgQYMOs/G3uYHOBV/yEnDY3cqmfGNHB19BKTmVbVM5YZUYmQ56t/Bm
5RArA8DwQVAEmaPBnSPaeBSxKdLeL4r0V7pxiM9AW+zWukOCS+5wvUORnbrJQFWN
TWuQOY2EBN4WI1MZm3NVg1ymucACaUZaUoOUmgTmu0Jsz6pBnzthpQzhqb66XbJu
qZ/Zps3Y14Ra3m4Hh10lbNQrbgJXYbsuV9r3pCOJzxT7OkNs
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:53 2025 by rpki-client