Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
File: cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa (raw, json)
Hash identifier: bvNJO2txcDY/CR5Nj4GwCGcXb9WKU1GfsK+eJwTico8=
Subject key identifier: CD:56:40:63:1C:25:F0:C5:16:EE:EC:22:63:48:9E:A7:50:CC:83:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7898DCFAF0C18669CCD5ED6CA63B3481636A8FA4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
Signing time: Tue 20 May 2025 20:31:22 +0000
ROA not before: Tue 20 May 2025 20:31:22 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:98:dc:fa:f0:c1:86:69:cc:d5:ed:6c:a6:3b:34:81:63:6a:8f:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:31:22 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=257e86a16d0fbc1aa2ddfc934e1d50cf5a15c9339efa917e9a864e8c5a7e381d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:50:d3:63:bb:f2:f2:3a:3c:aa:c4:b0:5d:37:
5c:01:cb:eb:d6:81:95:b0:99:c1:8a:ef:26:45:23:
fc:04:dd:99:c9:33:44:91:d3:80:7c:1e:84:3f:8f:
c3:dc:79:e9:7d:c7:f0:0b:72:9e:30:12:3f:66:55:
5b:66:a0:d8:73:d9:9e:3f:fb:3f:69:1b:f8:30:9f:
cd:27:9f:b1:98:af:7b:50:36:a5:4b:a7:83:9a:13:
ad:be:9b:a1:63:50:4c:b5:0d:6b:29:5f:a6:d1:76:
42:b7:e0:30:73:24:1f:1c:0e:c8:f8:00:16:58:4d:
70:ac:73:6a:bd:15:bd:ca:5c:b0:0a:6e:da:25:da:
d6:fd:e0:66:b4:fd:22:14:1d:0b:38:9d:49:ae:a6:
2f:28:33:34:9f:00:a8:a6:bf:53:32:9d:33:1e:43:
ac:ca:35:21:8c:85:06:fb:63:4a:aa:3b:36:72:59:
ab:91:08:14:ff:6e:cf:ce:82:20:72:e3:54:76:d6:
99:31:48:5f:ee:5f:e9:ff:51:b2:62:6e:2b:ea:f7:
88:71:51:ba:54:89:d7:e7:87:83:30:f4:fd:a3:67:
47:8c:d7:be:67:3d:ff:55:7e:20:cd:b6:33:8a:92:
33:7e:86:c6:80:6f:33:83:33:70:3f:16:1d:91:a3:
5b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:56:40:63:1C:25:F0:C5:16:EE:EC:22:63:48:9E:A7:50:CC:83:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:c00::/38
Signature Algorithm: sha256WithRSAEncryption
88:6c:c1:0c:90:09:e8:50:e5:52:b0:e4:cd:8b:21:98:e1:80:
06:91:13:02:7a:82:d4:12:bf:af:51:33:cc:fa:89:0b:43:95:
5d:de:0c:07:b1:35:6f:a4:d0:8a:5b:a6:c0:54:8f:99:1e:d7:
20:79:f9:38:d8:1c:f8:73:4b:1b:21:f8:29:f0:a3:1e:de:c6:
cb:85:c6:74:03:9c:af:70:c4:5b:c2:d5:95:77:ca:e2:cb:52:
61:9e:43:90:7d:0b:2b:6e:9a:77:db:a6:32:eb:95:e4:27:6f:
af:7c:ae:d7:c7:0e:fb:30:c6:ea:7c:34:f4:1f:80:9c:d3:f8:
ee:cd:9c:b6:72:26:31:e4:cc:d9:98:1c:67:fe:90:c6:c9:e2:
79:db:19:3f:e2:17:7b:1f:b3:3d:77:9e:1e:97:98:06:80:49:
40:8d:cc:34:ed:58:4c:88:1b:ad:0e:aa:3b:64:95:fe:7c:37:
ef:a7:2f:98:44:8a:ea:09:45:ed:a3:e1:59:ef:6c:ac:6e:a7:
1a:be:de:69:26:38:be:38:6b:ab:3a:a9:aa:e5:1a:54:4c:1a:
19:0f:4b:8a:c8:28:34:59:da:42:97:a3:38:60:f2:6a:30:85:
19:e4:53:cf:a9:61:dd:58:64:45:90:d3:3a:bb:11:1d:fd:fd:
b3:a4:95:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeJjc+vDBhmnM1e1spjs0gWNqj6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMxMjJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1N2U4NmExNmQwZmJjMWFhMmRkZmM5MzRlMWQ1MGNmNWExNWM5MzM5ZWZh
OTE3ZTlhODY0ZThjNWE3ZTM4MWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxQ02O78vI6PKrEsF03XAHL69aBlbCZwYrvJkUj/ATdmckzRJHTgHwehD+P
w9x56X3H8AtynjASP2ZVW2ag2HPZnj/7P2kb+DCfzSefsZive1A2pUung5oTrb6b
oWNQTLUNaylfptF2QrfgMHMkHxwOyPgAFlhNcKxzar0VvcpcsApu2iXa1v3gZrT9
IhQdCzidSa6mLygzNJ8AqKa/UzKdMx5DrMo1IYyFBvtjSqo7NnJZq5EIFP9uz86C
IHLjVHbWmTFIX+5f6f9RsmJuK+r3iHFRulSJ1+eHgzD0/aNnR4zXvmc9/1V+IM22
M4qSM36GxoBvM4MzcD8WHZGjWwUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTNVkBj
HCXwxRbu7CJjSJ6nUMyDpTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I1ZWU0YzEtZGQzNi00OWE5LThiMDktODlkNThhYTgwMzVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEM
MA0GCSqGSIb3DQEBCwUAA4IBAQCIbMEMkAnoUOVSsOTNiyGY4YAGkRMCeoLUEr+v
UTPM+okLQ5Vd3gwHsTVvpNCKW6bAVI+ZHtcgefk42Bz4c0sbIfgp8KMe3sbLhcZ0
A5yvcMRbwtWVd8riy1JhnkOQfQsrbpp326Yy65XkJ2+vfK7Xxw77MMbqfDT0H4Cc
0/juzZy2ciYx5MzZmBxn/pDGyeJ52xk/4hd7H7M9d54el5gGgElAjcw07VhMiBut
Dqo7ZJX+fDfvpy+YRIrqCUXto+FZ72ysbqcavt5pJji+OGurOqmq5RpUTBoZD0uK
yCg0WdpCl6M4YPJqMIUZ5FPPqWHdWGRFkNM6uxEd/f2zpJWi
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:50 2025 by rpki-client