Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
File: cd129ecb-5978-40fd-ada8-5ab27adcb622.roa (raw, json)
Hash identifier: 2klBnPZqMNC42TPtCVpdWly70XUNwhw5K+5017qf/r0=
Subject key identifier: C0:B5:C7:09:93:CC:D1:55:34:9A:6B:4F:51:94:B6:14:BA:EA:F9:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F7A00CC5587095D20C874C8D56306B68E4330CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
Signing time: Tue 20 May 2025 19:00:16 +0000
ROA not before: Tue 20 May 2025 19:00:16 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:7a:00:cc:55:87:09:5d:20:c8:74:c8:d5:63:06:b6:8e:43:30:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:16 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c8c505acd90903a6fefabaf94ad105d6742f1cc883be4019ab726969a26115b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e3:21:0b:f4:00:96:41:2b:db:38:17:2c:25:
08:06:23:e3:01:2a:b3:65:34:63:ef:6d:82:13:6f:
7d:b3:95:0e:54:6c:06:3f:b2:cc:8d:e3:20:12:71:
ad:35:25:d3:50:c9:98:d5:22:2a:1a:5e:e9:ce:0e:
f6:da:73:05:ac:65:53:97:ae:1e:11:39:3f:6b:78:
a4:ba:d6:dc:73:24:5c:56:0f:ec:ed:58:c5:9f:b1:
78:59:ea:89:8c:67:22:f0:b7:ed:a4:ad:5d:43:0f:
94:77:5c:c1:70:63:cc:11:dc:ea:8e:d3:a9:c5:1e:
f6:57:72:81:5b:dd:1c:e4:8f:13:66:df:3c:9c:a0:
97:1f:c1:ac:1c:c8:cc:33:10:3c:8a:0a:fc:57:40:
fe:0d:40:3a:df:c6:d2:12:59:cb:60:c4:c9:bb:79:
db:3d:64:3d:d4:c6:8e:c8:0a:06:89:f5:4a:3a:36:
0d:08:9f:e1:76:5c:ca:c9:09:46:10:e5:30:ef:2f:
4f:04:a8:42:75:22:4b:1b:4d:8c:25:04:5d:33:6f:
81:4b:47:b0:68:e2:c7:ac:ad:6a:06:99:24:f3:2b:
c9:ae:88:98:65:a9:5d:ee:73:67:94:20:fa:d4:34:
10:bc:5b:55:31:fa:50:6e:a4:90:18:8d:cb:da:28:
01:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B5:C7:09:93:CC:D1:55:34:9A:6B:4F:51:94:B6:14:BA:EA:F9:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
0e:91:61:e8:e3:71:b9:08:2a:60:db:55:e0:34:05:2d:ec:da:
87:63:aa:ea:ba:37:9f:55:48:2c:86:13:5d:2a:c2:8a:fb:39:
25:95:71:f8:dc:74:0f:ed:44:08:44:d3:57:f5:e0:b1:65:46:
78:76:b1:c3:70:b6:37:72:ef:7d:34:4e:46:53:2d:e0:b5:f7:
31:27:ee:74:3f:b9:d5:31:89:ec:1a:db:7f:52:df:6d:ad:fa:
af:b0:32:23:7e:22:e3:b8:3d:70:ce:27:cd:90:e8:14:b3:dd:
5e:37:6b:f7:bf:ec:29:36:5c:d9:78:82:59:46:61:15:f5:65:
55:0e:c1:3e:27:ec:67:31:de:25:64:0c:b7:82:b3:75:61:77:
b7:2e:20:2a:14:03:1e:d8:16:ff:05:8e:b2:f2:50:c4:29:76:
d9:3c:d0:07:88:e0:2c:5a:10:3a:a3:b5:20:fa:ae:07:2c:63:
59:6e:5d:8e:77:f7:1a:92:b5:4f:eb:04:08:41:38:de:d0:82:
d2:de:fb:8f:6a:34:d9:fd:16:55:06:80:0f:24:34:dc:7b:f8:
2e:81:c0:cf:94:33:2f:49:50:1c:05:e7:a0:8b:bd:c9:77:03:
e0:3e:63:2c:e7:56:35:05:e4:ab:c6:97:29:8e:94:c1:80:76:
04:c0:6e:21
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUH3oAzFWHCV0gyHTI1WMGto5DMMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwMTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4YzUwNWFjZDkwOTAzYTZmZWZhYmFmOTRhZDEwNWQ2NzQyZjFjYzg4M2Jl
NDAxOWFiNzI2OTY5YTI2MTE1YjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDjIQv0AJZBK9s4FywlCAYj4wEqs2U0Y+9tghNvfbOVDlRsBj+yzI3jIBJx
rTUl01DJmNUiKhpe6c4O9tpzBaxlU5euHhE5P2t4pLrW3HMkXFYP7O1YxZ+xeFnq
iYxnIvC37aStXUMPlHdcwXBjzBHc6o7TqcUe9ldygVvdHOSPE2bfPJyglx/BrBzI
zDMQPIoK/FdA/g1AOt/G0hJZy2DEybt52z1kPdTGjsgKBon1Sjo2DQif4XZcyskJ
RhDlMO8vTwSoQnUiSxtNjCUEXTNvgUtHsGjix6ytagaZJPMrya6ImGWpXe5zZ5Qg
+tQ0ELxbVTH6UG6kkBiNy9ooAS0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTAtccJ
k8zRVTSaa09RlLYUuur5mTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2QxMjllY2ItNTk3OC00MGZkLWFkYTgtNWFiMjdhZGNiNjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
wDANBgkqhkiG9w0BAQsFAAOCAQEADpFh6ONxuQgqYNtV4DQFLezah2Oq6ro3n1VI
LIYTXSrCivs5JZVx+Nx0D+1ECETTV/XgsWVGeHaxw3C2N3LvfTRORlMt4LX3MSfu
dD+51TGJ7Brbf1Lfba36r7AyI34i47g9cM4nzZDoFLPdXjdr97/sKTZc2XiCWUZh
FfVlVQ7BPifsZzHeJWQMt4KzdWF3ty4gKhQDHtgW/wWOsvJQxCl22TzQB4jgLFoQ
OqO1IPquByxjWW5djnf3GpK1T+sECEE43tCC0t77j2o02f0WVQaADyQ03Hv4LoHA
z5QzL0lQHAXnoIu9yXcD4D5jLOdWNQXkq8aXKY6UwYB2BMBuIQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:13 2025 by rpki-client