Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa
File: d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa (raw, json)
Hash identifier: UKfZZw4EL/QnIQ4s0mrm0m6zeCmSpPcZiw60U7esO/Q=
Subject key identifier: A3:11:C5:60:FA:F0:54:5E:2A:D1:D3:E4:F7:5E:FE:F9:7A:8D:0F:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2603CA70B4E5C1A647967644C073CFF1E04BFB08
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa
Signing time: Mon 26 May 2025 15:10:44 +0000
ROA not before: Mon 26 May 2025 15:10:44 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:03:ca:70:b4:e5:c1:a6:47:96:76:44:c0:73:cf:f1:e0:4b:fb:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 26 15:10:44 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=a07bcccfe858e62dd36cc2566e3d4b97ed8d7136f50044d60305e6d3675b118f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:80:f5:da:dc:9c:18:0c:e0:b3:a3:50:4b:c9:
2f:e1:ad:bf:80:44:12:77:b2:b3:2b:a7:1b:d5:4e:
a6:0f:9d:54:f4:cc:2a:6a:92:aa:b3:1a:9a:fb:8f:
f0:52:ec:e9:9f:2d:7f:b0:26:7d:31:3c:cb:70:84:
60:a2:e1:ad:46:a6:d1:b4:ab:0b:48:95:d9:01:72:
ff:2c:a1:1f:04:d8:ac:7f:0b:22:b7:19:be:89:cd:
59:4c:5a:cc:f0:63:88:75:fd:12:46:59:45:84:0e:
44:cf:7e:d0:7d:2f:4e:51:c2:da:47:aa:c8:5f:fa:
e0:db:98:69:c6:f6:91:c6:f1:27:19:1a:80:26:2c:
f2:e5:66:1d:34:13:a2:ef:0b:a9:ce:d1:b2:8b:e4:
b4:9e:0a:89:2b:a9:83:71:83:20:bc:ae:5a:b9:01:
16:c1:27:59:f8:86:43:ed:05:e6:03:68:3e:05:96:
59:14:75:7b:72:60:c5:e5:eb:c7:41:1b:d3:12:45:
61:c3:c9:27:7b:fc:83:33:da:be:23:5e:eb:28:51:
98:ad:2d:24:bb:87:e2:fc:b7:e2:a7:37:32:61:b3:
b9:be:71:05:60:f5:cf:27:61:63:52:64:fd:57:61:
24:d8:df:f5:8d:ff:6c:c1:52:23:0c:e0:74:27:62:
11:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:11:C5:60:FA:F0:54:5E:2A:D1:D3:E4:F7:5E:FE:F9:7A:8D:0F:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f::/37
Signature Algorithm: sha256WithRSAEncryption
ba:40:2f:82:9b:fd:ce:21:f7:6a:06:dd:67:c8:fe:2a:f0:4e:
0f:18:a6:57:c3:74:e5:7d:c4:7e:4b:b4:e1:75:bc:97:d2:99:
85:44:2c:cc:d3:66:80:53:94:d1:13:7b:a7:7a:53:5a:12:95:
67:69:15:04:63:23:57:29:f1:54:82:6d:bb:4e:ef:b0:2a:1c:
4f:46:87:bd:83:4e:32:31:0f:06:27:6d:c6:ef:e4:5a:63:1b:
56:b2:e6:2a:f9:a4:02:50:5e:6c:49:77:74:39:fd:74:d5:50:
a1:74:13:fb:a2:65:c8:13:fd:ad:ad:02:ea:2f:ec:b4:a4:1c:
2f:90:88:27:f2:4f:7d:4a:74:77:0d:e3:41:81:03:a0:d0:a2:
b1:e3:9d:65:45:ad:29:1c:8b:6b:2f:7b:68:92:08:2c:c3:1c:
11:61:0e:5d:63:34:2f:b6:1b:c8:45:3b:e3:36:ea:ad:d7:d2:
b9:5d:64:8a:dd:c7:4f:8b:4b:49:15:91:01:3e:65:c8:13:39:
34:33:05:23:0a:04:5d:0f:0f:9f:a0:7d:7a:2f:c7:38:b7:2c:
82:86:9b:2d:03:e4:2f:95:b2:bf:3d:82:f0:c4:d2:c1:ec:7f:
34:2a:d8:35:c5:8e:5b:01:af:e9:06:02:04:44:97:11:95:9b:
dc:06:7e:fb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJgPKcLTlwaZHlnZEwHPP8eBL+wgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjYxNTEwNDRaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwN2JjY2NmZTg1OGU2MmRkMzZjYzI1NjZlM2Q0Yjk3ZWQ4ZDcxMzZmNTAw
NDRkNjAzMDVlNmQzNjc1YjExOGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCA9drcnBgM4LOjUEvJL+Gtv4BEEneysyunG9VOpg+dVPTMKmqSqrMamvuP
8FLs6Z8tf7AmfTE8y3CEYKLhrUam0bSrC0iV2QFy/yyhHwTYrH8LIrcZvonNWUxa
zPBjiHX9EkZZRYQORM9+0H0vTlHC2keqyF/64NuYacb2kcbxJxkagCYs8uVmHTQT
ou8Lqc7RsovktJ4KiSupg3GDILyuWrkBFsEnWfiGQ+0F5gNoPgWWWRR1e3JgxeXr
x0Eb0xJFYcPJJ3v8gzPaviNe6yhRmK0tJLuH4vy34qc3MmGzub5xBWD1zydhY1Jk
/VdhJNjf9Y3/bMFSIwzgdCdiEX8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSjEcVg
+vBUXirR0+T3Xv75eo0P1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJjZjQ3NmMtOWYzOS00ZWE4LWE2ZDUtNzlhODJjNGE0ZGZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0C8A
MA0GCSqGSIb3DQEBCwUAA4IBAQC6QC+Cm/3OIfdqBt1nyP4q8E4PGKZXw3TlfcR+
S7ThdbyX0pmFRCzM02aAU5TRE3unelNaEpVnaRUEYyNXKfFUgm27Tu+wKhxPRoe9
g04yMQ8GJ23G7+RaYxtWsuYq+aQCUF5sSXd0Of101VChdBP7omXIE/2trQLqL+y0
pBwvkIgn8k99SnR3DeNBgQOg0KKx451lRa0pHItrL3tokggswxwRYQ5dYzQvthvI
RTvjNuqt19K5XWSK3cdPi0tJFZEBPmXIEzk0MwUjCgRdDw+foH16L8c4tyyChpst
A+QvlbK/PYLwxNLB7H80Ktg1xY5bAa/pBgIERJcRlZvcBn77
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:32 2025 by rpki-client