Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
File: cda3712d-34a6-428d-a694-19bab377c44e.roa (raw, json)
Hash identifier: c3xRkDURk3ls5580VayeKRAOmmAKQT5i1NS5PBaw/mU=
Subject key identifier: 67:60:45:69:B9:9F:0F:F7:D5:8F:EF:4B:11:ED:8D:34:C5:68:88:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E9084E35B93F8EB873929B57CDC6C96AC56865D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
Signing time: Tue 20 May 2025 20:30:52 +0000
ROA not before: Tue 20 May 2025 20:30:52 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:90:84:e3:5b:93:f8:eb:87:39:29:b5:7c:dc:6c:96:ac:56:86:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:52 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=581bd460c871f535ea0835ae0a69d47c2b708d1345ad88f660f84447eccf781f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:4f:57:aa:3f:6e:bd:1f:9d:cd:de:4a:46:9e:
24:78:45:5a:cb:4d:9d:0d:de:2b:fe:ed:61:ac:26:
7f:46:ed:6f:7d:b9:98:cc:31:e1:cc:a4:02:b2:0c:
7c:8a:38:58:26:53:aa:3c:ab:ad:ea:c2:56:5f:f5:
26:76:7f:94:f5:33:3d:f0:52:11:77:89:68:43:8f:
b5:80:ae:cd:81:90:e9:5f:14:e8:a8:7a:05:93:f1:
7c:bd:89:6c:f4:9c:0c:27:b2:cf:3c:9e:b3:a5:dd:
97:cf:1d:34:7f:fc:61:4a:e1:c8:27:1c:45:99:31:
8d:42:2e:ed:4e:cc:97:28:26:da:9b:22:5e:bb:03:
8f:74:89:a5:17:72:e7:40:d1:4a:88:78:ea:93:8c:
21:3b:e1:71:ff:31:af:0d:7f:56:60:1a:c1:71:02:
46:f8:e8:86:df:05:79:97:57:73:ba:f0:c4:c8:bc:
d2:26:a0:0a:4f:90:56:50:73:bb:ff:f1:00:85:27:
0f:0c:f4:f6:47:a2:b2:84:19:d3:49:40:1e:9a:4a:
e6:e2:82:c5:42:6d:4c:89:67:32:6d:e3:d6:b7:a3:
c0:f2:63:5b:45:fd:97:62:b5:40:04:ec:30:06:09:
66:20:df:21:a8:62:0f:45:7a:5e:96:3c:3a:91:ba:
53:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:60:45:69:B9:9F:0F:F7:D5:8F:EF:4B:11:ED:8D:34:C5:68:88:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/38
Signature Algorithm: sha256WithRSAEncryption
51:ca:eb:91:d2:da:25:2a:5a:d8:b4:a0:c2:ca:55:56:2b:ec:
cd:f7:6f:0a:af:ac:dd:8b:ee:7b:8e:a7:c2:cc:fe:a0:68:45:
15:94:e1:5c:46:d0:d6:db:53:e9:db:39:41:7a:32:08:e2:5a:
21:ee:ec:cf:b1:aa:f8:fa:fc:64:f4:39:b2:06:d3:7b:33:75:
ec:46:d8:08:0a:22:99:47:1a:eb:f0:ca:92:75:3a:34:a1:2e:
aa:b4:1d:88:78:53:1e:6a:f2:48:cd:46:6c:c9:96:07:b0:d4:
bd:5f:fe:78:3b:61:1a:cd:2b:f2:d1:92:dd:26:7e:47:51:fd:
15:d8:ce:a2:0d:f5:b3:4e:9e:53:42:3b:33:d4:ec:9e:cb:fd:
4b:1a:9a:fa:b1:23:1a:1f:ef:6f:6c:ff:ff:ea:5f:7e:41:45:
cb:34:f6:9f:fc:c7:e9:ff:36:26:ed:ec:e3:d2:5e:6f:1f:08:
5f:d7:af:31:25:2b:e5:5f:a3:7b:49:49:f1:4e:22:79:1c:38:
68:a9:07:70:34:07:96:36:81:be:90:33:f9:3c:eb:af:2f:ee:
d5:2d:c3:5b:62:81:05:04:ef:8c:2b:ac:25:d8:f4:51:06:2f:
68:e3:b6:d4:2d:e9:7d:0b:20:8a:97:f7:ce:2f:c1:ef:37:e7:
60:93:d2:70
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDpCE41uT+OuHOSm1fNxslqxWhl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwNTJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4MWJkNDYwYzg3MWY1MzVlYTA4MzVhZTBhNjlkNDdjMmI3MDhkMTM0NWFk
ODhmNjYwZjg0NDQ3ZWNjZjc4MWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPhPV6o/br0fnc3eSkaeJHhFWstNnQ3eK/7tYawmf0btb325mMwx4cykArIM
fIo4WCZTqjyrrerCVl/1JnZ/lPUzPfBSEXeJaEOPtYCuzYGQ6V8U6Kh6BZPxfL2J
bPScDCeyzzyes6Xdl88dNH/8YUrhyCccRZkxjUIu7U7Mlygm2psiXrsDj3SJpRdy
50DRSoh46pOMITvhcf8xrw1/VmAawXECRvjoht8FeZdXc7rwxMi80iagCk+QVlBz
u//xAIUnDwz09keisoQZ00lAHppK5uKCxUJtTIlnMm3j1rejwPJjW0X9l2K1QATs
MAYJZiDfIahiD0V6XpY8OpG6UykCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRnYEVp
uZ8P99WP70sR7Y00xWiIszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhMzcxMmQtMzRhNi00MjhkLWE2OTQtMTliYWIzNzdjNDRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQBRyuuR0tolKlrYtKDCylVWK+zN928Kr6zdi+57
jqfCzP6gaEUVlOFcRtDW21Pp2zlBejII4loh7uzPsar4+vxk9DmyBtN7M3XsRtgI
CiKZRxrr8MqSdTo0oS6qtB2IeFMeavJIzUZsyZYHsNS9X/54O2EazSvy0ZLdJn5H
Uf0V2M6iDfWzTp5TQjsz1Oyey/1LGpr6sSMaH+9vbP//6l9+QUXLNPaf/Mfp/zYm
7ezj0l5vHwhf168xJSvlX6N7SUnxTiJ5HDhoqQdwNAeWNoG+kDP5POuvL+7VLcNb
YoEFBO+MK6wl2PRRBi9o47bULel9CyCKl/fOL8HvN+dgk9Jw
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:42 2025 by rpki-client