Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
File: cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa (raw, json)
Hash identifier: atSQw2YIgH9ULw5iWgFys0QI0O+JFC+kcBWn6iJFgiw=
Subject key identifier: 16:88:FA:DC:B3:79:ED:41:11:DE:89:59:C7:20:A1:11:0B:99:C8:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65F5017C31E63B997AD29815DA5729FE63B95DFB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
Signing time: Tue 20 May 2025 20:21:36 +0000
ROA not before: Tue 20 May 2025 20:21:36 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:f5:01:7c:31:e6:3b:99:7a:d2:98:15:da:57:29:fe:63:b9:5d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:21:36 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=3622c0b11d68f1cfb0e0c0feb7189749c7a7f6d328ad3aad6bc837393cb04e4a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:49:3b:50:25:77:80:1b:6c:1a:4c:7c:18:69:
27:76:a2:f2:ba:cb:9d:f1:b7:78:24:47:a1:6e:5e:
af:35:0c:d1:60:1f:3e:84:34:c7:46:28:52:1e:8d:
73:37:2f:86:3f:f5:40:d6:66:fa:3f:1a:93:70:6a:
07:52:37:44:25:23:60:ab:e4:f9:47:32:8b:e0:46:
e9:40:4b:c7:f2:d6:61:d6:4f:0a:cf:4b:5f:84:17:
95:d2:ec:80:56:b4:4a:49:ae:5d:4d:dc:23:7a:7a:
dd:8e:04:48:ae:77:b4:4e:82:5f:d0:20:b8:96:d1:
8a:91:ea:14:d6:80:94:fb:f4:68:0b:26:21:b1:80:
69:1d:b7:b0:5a:31:2a:2b:d3:69:be:2b:ab:dc:6f:
ce:ea:09:a1:3b:ea:85:9e:ea:c2:4d:1c:19:d3:66:
3e:c7:cb:65:86:a8:d3:1d:e8:69:39:43:93:e2:a1:
35:b8:a2:4a:42:86:96:36:66:5b:e1:e9:3e:14:87:
9e:53:55:e1:b6:d5:ff:31:ea:66:43:9c:72:95:e9:
01:67:4f:72:8d:23:b3:92:a2:75:e2:95:1e:15:bf:
4d:b5:7b:fc:c6:54:15:6a:58:ed:28:83:39:20:af:
f3:8d:b4:72:7a:56:b6:8b:14:2c:f8:c6:ee:a3:1d:
38:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:88:FA:DC:B3:79:ED:41:11:DE:89:59:C7:20:A1:11:0B:99:C8:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:a000::/40
Signature Algorithm: sha256WithRSAEncryption
77:b3:3b:78:eb:3c:e7:8e:9c:96:09:a0:03:43:9e:36:58:53:
d0:29:02:b2:4e:33:fc:00:7b:c1:8b:69:02:24:f2:53:72:1c:
19:8d:ac:d7:84:c5:8f:10:9d:9b:30:dc:24:d4:9f:91:7d:0f:
fe:01:29:f1:6f:57:80:56:0d:11:49:65:e0:a4:60:88:19:73:
22:a5:fa:7a:00:ac:1c:8c:8a:1d:cc:36:01:16:42:c3:8a:74:
05:fc:1b:1b:a4:72:dc:de:93:7c:13:15:d1:dd:4d:c9:ad:55:
02:80:af:b6:ee:86:5e:37:c1:26:b6:9e:07:ed:7d:d4:e1:39:
7a:b7:13:01:49:61:68:86:91:d6:e3:f2:c0:57:49:ec:9d:f9:
95:ef:a9:ba:41:84:ba:1d:1b:78:38:96:a7:23:d5:ac:62:cf:
f0:f0:6a:d1:b1:e1:29:78:4a:55:0f:85:82:d6:65:7b:52:93:
2f:14:30:7d:af:c8:33:ac:3a:ce:7e:89:ec:a4:0a:5c:a2:54:
34:b7:33:f8:7d:0e:09:d4:2d:b9:ab:f2:8c:68:41:8b:6c:0d:
3b:74:51:83:4b:d4:41:28:fb:df:60:6c:47:4f:79:fc:9d:e0:
3d:31:da:52:c1:35:76:ad:37:58:9e:e4:17:eb:12:de:d7:36:
52:dc:57:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZfUBfDHmO5l60pgV2lcp/mO5XfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIxMzZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2MjJjMGIxMWQ2OGYxY2ZiMGUwYzBmZWI3MTg5NzQ5YzdhN2Y2ZDMyOGFk
M2FhZDZiYzgzNzM5M2NiMDRlNGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRJO1Ald4AbbBpMfBhpJ3ai8rrLnfG3eCRHoW5erzUM0WAfPoQ0x0YoUh6N
czcvhj/1QNZm+j8ak3BqB1I3RCUjYKvk+Ucyi+BG6UBLx/LWYdZPCs9LX4QXldLs
gFa0SkmuXU3cI3p63Y4ESK53tE6CX9AguJbRipHqFNaAlPv0aAsmIbGAaR23sFox
KivTab4rq9xvzuoJoTvqhZ7qwk0cGdNmPsfLZYao0x3oaTlDk+KhNbiiSkKGljZm
W+HpPhSHnlNV4bbV/zHqZkOccpXpAWdPco0js5KideKVHhW/TbV7/MZUFWpY7SiD
OSCv8420cnpWtosULPjG7qMdOLcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWiPrc
s3ntQRHeiVnHIKERC5nISjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I0YTczZTEtYmU2Yi00Y2JhLWIxMzAtYTIyYmIzOWNmNjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKg
MA0GCSqGSIb3DQEBCwUAA4IBAQB3szt46zznjpyWCaADQ542WFPQKQKyTjP8AHvB
i2kCJPJTchwZjazXhMWPEJ2bMNwk1J+RfQ/+ASnxb1eAVg0RSWXgpGCIGXMipfp6
AKwcjIodzDYBFkLDinQF/BsbpHLc3pN8ExXR3U3JrVUCgK+27oZeN8Emtp4H7X3U
4Tl6txMBSWFohpHW4/LAV0nsnfmV76m6QYS6HRt4OJanI9WsYs/w8GrRseEpeEpV
D4WC1mV7UpMvFDB9r8gzrDrOfonspApcolQ0tzP4fQ4J1C25q/KMaEGLbA07dFGD
S9RBKPvfYGxHT3n8neA9MdpSwTV2rTdYnuQX6xLe1zZS3Fff
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:16 2025 by rpki-client