Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
File: cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa (raw, json)
Hash identifier: Gl5KYilyTASr41Ot0jBJfcI/+nIaFvWfH25jrZympfM=
Subject key identifier: 42:15:58:A9:69:A7:D8:BC:42:4A:A4:F8:B1:27:8E:21:FC:AF:B0:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 321886D8137C4F52B7D19488FB1164BCFFC202CE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
Signing time: Mon 09 Jun 2025 19:20:11 +0000
ROA not before: Mon 09 Jun 2025 19:20:11 +0000
ROA not after: Mon 14 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:18:86:d8:13:7c:4f:52:b7:d1:94:88:fb:11:64:bc:ff:c2:02:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 9 19:20:11 2025 GMT
Not After : Jul 14 23:59:59 2025 GMT
Subject: serialNumber=215c974efd0df44bec642ddb57475b8e41915d8cf8c21c37b03556360ba095e6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1a:07:16:87:07:19:40:24:ac:58:d5:b8:7b:
08:30:e6:42:49:b9:2c:c1:56:19:a4:f9:16:6f:8a:
af:39:e4:4e:b0:e2:cc:b2:fe:16:30:9c:8c:f8:9d:
95:19:8a:f1:a8:d2:65:83:fa:08:ab:85:6a:fe:2a:
61:6c:ed:ad:4d:d2:4c:de:fe:82:2a:31:09:65:8e:
d9:12:71:bd:b1:40:57:fb:88:19:a3:4c:a9:e7:c2:
22:51:63:87:ec:5c:75:6f:37:93:08:69:3d:1c:aa:
9a:50:cf:6b:30:bf:18:dc:9a:27:f8:99:6b:96:ab:
8c:ed:be:b5:7a:6b:7e:3b:53:c4:e4:c8:d5:5a:35:
54:db:f5:7e:aa:ce:91:76:cd:3d:77:89:32:7c:22:
ee:a9:92:bf:39:b4:4e:e2:df:7e:3c:68:2b:54:dd:
db:bf:dc:24:22:ef:a4:85:90:64:e1:60:c6:f3:40:
84:b8:23:9a:f9:1f:28:b0:e4:68:b0:30:38:37:25:
9c:0d:df:af:3f:8b:31:61:ad:1f:fb:20:60:70:99:
9f:24:1d:c7:b2:2c:d9:6d:5f:b5:fb:65:f6:b6:44:
eb:a4:17:83:19:23:ec:84:d2:55:e2:fa:79:28:a2:
4e:26:3b:b4:eb:cc:15:a7:ef:3f:6c:c7:15:ed:58:
7e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:15:58:A9:69:A7:D8:BC:42:4A:A4:F8:B1:27:8E:21:FC:AF:B0:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/48
Signature Algorithm: sha256WithRSAEncryption
5e:bc:53:83:ff:1c:82:24:3b:58:67:7f:cf:0f:01:f8:c7:8c:
cb:36:49:96:c6:1e:24:18:76:91:e3:9b:6d:a2:05:8c:4f:b0:
88:64:ff:9d:07:ce:06:76:42:fa:ea:2f:a8:21:02:f0:ea:17:
43:e5:7e:ec:0f:7e:b8:a6:d9:04:f4:01:00:4c:dc:51:a1:ff:
bc:8d:54:0c:b9:58:26:f0:be:6a:e2:44:0b:45:41:e1:f8:d2:
2a:7e:90:30:3a:9c:c6:bd:8f:fb:01:d5:c3:68:6f:0d:94:12:
16:e1:1a:6c:a2:29:ec:eb:4a:ec:9e:01:72:bb:e8:1d:e9:08:
d9:70:84:45:e4:3f:b2:f1:be:f0:01:59:b9:2f:85:72:05:03:
72:6d:30:6b:c7:01:12:f3:2a:4f:f0:6e:43:3f:a4:8e:b0:d0:
08:d7:1d:1b:8b:b8:83:48:4e:37:4f:65:b9:d9:e5:b1:17:4a:
e2:cd:02:6c:8b:31:45:fd:fb:23:3f:4b:ea:78:87:06:90:18:
23:73:e6:c0:0e:fc:8f:8b:27:25:ef:8d:01:6f:82:d5:95:a2:
a3:39:86:65:b9:20:bb:a7:24:47:aa:91:0f:ac:e3:28:b8:85:
3c:b4:25:fa:b8:a9:f9:98:53:a4:57:8e:3b:4f:a6:9f:e2:84:
2c:0d:15:d1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMhiG2BN8T1K30ZSI+xFkvP/CAs4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDkxOTIwMTFaFw0yNTA3MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxNWM5NzRlZmQwZGY0NGJlYzY0MmRkYjU3NDc1YjhlNDE5MTVkOGNmOGMy
MWMzN2IwMzU1NjM2MGJhMDk1ZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4aBxaHBxlAJKxY1bh7CDDmQkm5LMFWGaT5Fm+KrznkTrDizLL+FjCcjPid
lRmK8ajSZYP6CKuFav4qYWztrU3STN7+gioxCWWO2RJxvbFAV/uIGaNMqefCIlFj
h+xcdW83kwhpPRyqmlDPazC/GNyaJ/iZa5arjO2+tXprfjtTxOTI1Vo1VNv1fqrO
kXbNPXeJMnwi7qmSvzm0TuLffjxoK1Td27/cJCLvpIWQZOFgxvNAhLgjmvkfKLDk
aLAwODclnA3frz+LMWGtH/sgYHCZnyQdx7Is2W1ftftl9rZE66QXgxkj7ITSVeL6
eSiiTiY7tOvMFafvP2zHFe1Yfi0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRCFVip
aafYvEJKpPixJ44h/K+w9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y3OGI3MTQtY2U2Yy00YTlkLWE3MmUtZDMwYTM0NzBmMDAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAXrxTg/8cgiQ7WGd/zw8B+MeMyzZJlsYeJBh2
keObbaIFjE+wiGT/nQfOBnZC+uovqCEC8OoXQ+V+7A9+uKbZBPQBAEzcUaH/vI1U
DLlYJvC+auJEC0VB4fjSKn6QMDqcxr2P+wHVw2hvDZQSFuEabKIp7OtK7J4Bcrvo
HekI2XCEReQ/svG+8AFZuS+FcgUDcm0wa8cBEvMqT/BuQz+kjrDQCNcdG4u4g0hO
N09ludnlsRdK4s0CbIsxRf37Iz9L6niHBpAYI3PmwA78j4snJe+NAW+C1ZWiozmG
Zbkgu6ckR6qRD6zjKLiFPLQl+rip+ZhTpFeOO0+mn+KELA0V0Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:30 2025 by rpki-client