Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
File: cfca2455-b58e-43e0-a15f-276f8a5b527f.roa (raw, json)
Hash identifier: F6/Hw/eYFleNpU+ckVmP4pwd+RHwoVu4syBhhfTOVdU=
Subject key identifier: 89:A0:FC:39:7C:27:4F:1A:F9:13:0D:20:5E:F3:FB:39:2C:F1:9C:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F2769E2436DBA5081FDADECD889F5BE24FBA702
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
Signing time: Tue 20 May 2025 18:50:09 +0000
ROA not before: Tue 20 May 2025 18:50:09 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:27:69:e2:43:6d:ba:50:81:fd:ad:ec:d8:89:f5:be:24:fb:a7:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:09 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b391176ec95329277ce642400189a02c58b85c68c3653cc254ba48ac4f88e4f7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:fb:ed:99:51:1a:61:3b:be:45:29:13:27:84:
10:98:a2:68:37:fe:09:80:bc:ad:cb:61:88:fd:ac:
02:d4:71:e4:67:bb:b9:e6:49:45:17:05:cd:0a:ce:
0c:23:50:cd:3a:e9:75:13:66:f3:45:0d:91:5e:00:
8c:1d:3a:25:35:5d:e9:57:fa:b8:6e:07:9f:85:a5:
d8:55:11:76:28:72:93:8c:19:cd:2a:d1:6d:10:53:
75:e8:67:55:80:8d:8c:4a:8c:d9:e2:36:33:ad:10:
97:5f:a3:dd:d5:e4:aa:a5:51:cd:a5:3b:c2:c2:51:
07:af:43:38:71:42:1f:47:a0:a1:c7:1e:fe:81:00:
67:e7:f8:4c:b0:1f:60:c4:60:74:ed:65:70:7a:75:
b7:5b:81:5d:11:cb:94:55:62:03:48:42:81:d4:2f:
5f:b2:f0:f5:b8:f3:fb:55:32:3e:36:ec:b5:cc:bf:
e2:40:44:d7:8d:be:d9:4c:b5:30:88:c8:a4:5e:ab:
33:e3:6f:4f:f9:0e:55:43:c4:ce:e3:d1:a1:77:de:
a3:46:af:6b:51:41:07:13:49:d9:cf:d2:80:ae:a3:
21:40:09:20:d1:8e:96:d0:68:96:83:1d:3e:3d:51:
60:98:e2:37:00:4f:fc:85:b0:0d:88:8b:2d:bb:80:
61:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A0:FC:39:7C:27:4F:1A:F9:13:0D:20:5E:F3:FB:39:2C:F1:9C:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e040::/48
Signature Algorithm: sha256WithRSAEncryption
8b:e2:db:1b:f6:28:16:95:22:9c:a5:c4:c4:f0:8a:1b:7c:a4:
b9:58:99:d4:40:fb:09:86:97:4d:86:14:2d:a5:42:95:d1:0d:
88:b1:5b:f8:d4:f8:e9:2b:47:7b:cf:b4:0c:8e:1c:c1:22:ba:
8e:35:65:58:1e:91:97:95:44:43:89:dd:d3:eb:8e:16:49:d5:
13:f3:57:62:53:25:c9:5b:7f:d6:47:93:4f:09:9f:f5:47:3c:
45:ef:41:d4:ff:bb:92:2a:01:5a:a3:87:19:db:44:1c:ce:c8:
34:b5:b4:b4:83:8c:00:06:60:3f:c2:40:3e:e2:4f:23:9f:c1:
38:e7:ec:46:3c:55:44:71:87:39:7d:42:8a:4c:04:27:3f:bc:
70:98:c3:5a:51:aa:48:d0:e9:63:27:e1:2d:af:46:4f:b1:5e:
32:08:6e:86:25:8d:fc:0f:d5:40:3f:b6:1a:d0:ca:b2:b1:ea:
3d:c2:b0:d6:2c:dc:de:9f:90:dd:f4:00:51:14:e4:74:b2:40:
43:35:51:cc:32:07:99:ba:6d:aa:5a:e2:87:43:11:7b:89:e5:
6a:58:d6:d6:5c:59:8f:a7:3b:d0:61:19:36:c1:88:28:c1:7e:
4d:4a:73:a0:46:72:2d:09:50:9d:b1:04:95:e5:57:e6:55:86:
2d:de:ae:a4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULydp4kNtulCB/a3s2In1viT7pwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwMDlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzOTExNzZlYzk1MzI5Mjc3Y2U2NDI0MDAxODlhMDJjNThiODVjNjhjMzY1
M2NjMjU0YmE0OGFjNGY4OGU0ZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANn77ZlRGmE7vkUpEyeEEJiiaDf+CYC8rcthiP2sAtRx5Ge7ueZJRRcFzQrO
DCNQzTrpdRNm80UNkV4AjB06JTVd6Vf6uG4Hn4Wl2FURdihyk4wZzSrRbRBTdehn
VYCNjEqM2eI2M60Ql1+j3dXkqqVRzaU7wsJRB69DOHFCH0egocce/oEAZ+f4TLAf
YMRgdO1lcHp1t1uBXRHLlFViA0hCgdQvX7Lw9bjz+1UyPjbstcy/4kBE142+2Uy1
MIjIpF6rM+NvT/kOVUPEzuPRoXfeo0ava1FBBxNJ2c/SgK6jIUAJINGOltBoloMd
Pj1RYJjiNwBP/IWwDYiLLbuAYb0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSJoPw5
fCdPGvkTDSBe8/s5LPGcrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2ZjYTI0NTUtYjU4ZS00M2UwLWExNWYtMjc2ZjhhNWI1MjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
QDANBgkqhkiG9w0BAQsFAAOCAQEAi+LbG/YoFpUinKXExPCKG3ykuViZ1ED7CYaX
TYYULaVCldENiLFb+NT46StHe8+0DI4cwSK6jjVlWB6Rl5VEQ4nd0+uOFknVE/NX
YlMlyVt/1keTTwmf9Uc8Re9B1P+7kioBWqOHGdtEHM7INLW0tIOMAAZgP8JAPuJP
I5/BOOfsRjxVRHGHOX1CikwEJz+8cJjDWlGqSNDpYyfhLa9GT7FeMghuhiWN/A/V
QD+2GtDKsrHqPcKw1izc3p+Q3fQAURTkdLJAQzVRzDIHmbptqlrih0MRe4nlaljW
1lxZj6c70GEZNsGIKMF+TUpzoEZyLQlQnbEEleVX5lWGLd6upA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:58 2025 by rpki-client