Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
File: d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa (raw, json)
Hash identifier: bJEe0nxFxbDYcQ32MbmJShiU+4jbmzAO9RjWIGY5Q8Y=
Subject key identifier: C8:A7:51:C7:7E:E2:72:23:91:1D:DE:F2:D5:3A:9D:58:C4:86:CB:E9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6368D6D53454C5022B300E13554606B943941838
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
Signing time: Mon 26 May 2025 15:10:43 +0000
ROA not before: Mon 26 May 2025 15:10:43 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01f::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:68:d6:d5:34:54:c5:02:2b:30:0e:13:55:46:06:b9:43:94:18:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 26 15:10:43 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=3c95a351bc91c9bcd97359ffc41fe3adb0d0388d4650f0b4c45108fce318f554, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:17:9e:12:bd:b3:a2:01:88:0c:8e:57:f4:81:
bf:09:a1:5f:03:69:70:e2:83:08:30:ad:4a:54:30:
d4:6e:80:af:1c:02:24:b9:4c:10:73:0d:3b:a8:9b:
46:6a:a3:be:f1:3b:c3:cc:db:43:ba:2f:ab:4a:54:
cc:e9:47:e6:3b:91:51:1f:33:30:45:31:de:ef:68:
e0:54:c0:95:d5:2a:24:4f:c1:05:62:24:ec:ca:c5:
bf:0a:aa:53:89:b9:16:9e:cf:19:96:a2:ae:bd:11:
06:a1:31:00:df:8e:82:23:8b:77:92:02:d1:6d:48:
60:94:f8:3e:8c:58:e6:04:8f:37:94:14:49:3d:35:
29:3d:9e:11:07:f4:da:82:01:fe:56:f4:67:7f:48:
6b:6b:f4:07:99:cf:cf:ae:49:85:73:66:6e:f4:1d:
28:4b:66:e2:07:3a:47:32:a6:78:47:9f:4b:a9:f0:
d5:61:9b:1f:89:4a:bc:b9:59:56:b8:15:94:27:ef:
9d:5f:af:f3:a6:31:08:8a:26:05:72:f1:3c:78:09:
1d:50:dc:53:03:95:4c:aa:e1:23:a9:bc:d1:08:7e:
86:9e:4b:ae:2f:18:5c:ad:a5:62:be:2b:59:07:5f:
4e:d0:86:87:b3:e5:83:ae:ff:43:09:1f:fe:53:74:
c1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A7:51:C7:7E:E2:72:23:91:1D:DE:F2:D5:3A:9D:58:C4:86:CB:E9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01f::/37
Signature Algorithm: sha256WithRSAEncryption
34:16:17:d9:42:f7:69:b3:fa:c3:62:a5:b1:63:dd:39:03:41:
b2:d4:5e:18:7c:27:79:b4:c5:35:64:ec:68:94:f3:2b:4b:3f:
cd:81:11:a6:e6:7f:64:49:7c:35:40:d7:f3:cb:7a:b6:4e:40:
bb:f7:dd:71:1c:16:68:74:90:e5:8d:27:17:a5:fa:7c:e0:6c:
db:29:b0:4f:cb:c2:3f:23:bb:1f:1d:a3:06:95:cc:7e:a4:50:
bd:90:ed:2d:2c:1e:52:3b:e9:e7:80:69:f7:65:8f:40:22:61:
18:6a:46:be:7c:8b:cf:d1:c1:5f:5e:6e:e0:dd:90:40:f2:43:
cd:d3:b3:04:8e:c3:18:f9:a0:85:de:a4:f2:9c:6d:d7:d4:1d:
d9:ee:ba:13:15:f9:88:ea:91:bd:80:de:f7:b6:3f:c9:39:a0:
cf:64:65:a2:06:10:70:d4:cb:8d:de:ea:10:20:78:27:a0:17:
65:4e:c7:a8:bf:39:46:25:d2:93:4a:27:fa:7f:53:c4:d6:e0:
1d:4c:b5:7a:3a:2c:5b:22:62:4f:ad:e3:ad:1d:eb:22:3b:06:
76:f4:5f:10:90:1c:cb:d3:c5:01:77:ef:de:2b:82:8d:38:9e:
ee:d9:9d:50:c2:0a:02:61:45:4b:67:d4:c3:51:f9:46:32:b6:
d9:50:ae:bc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY2jW1TRUxQIrMA4TVUYGuUOUGDgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjYxNTEwNDNaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjOTVhMzUxYmM5MWM5YmNkOTczNTlmZmM0MWZlM2FkYjBkMDM4OGQ0NjUw
ZjBiNGM0NTEwOGZjZTMxOGY1NTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOsXnhK9s6IBiAyOV/SBvwmhXwNpcOKDCDCtSlQw1G6ArxwCJLlMEHMNO6ib
RmqjvvE7w8zbQ7ovq0pUzOlH5juRUR8zMEUx3u9o4FTAldUqJE/BBWIk7MrFvwqq
U4m5Fp7PGZairr0RBqExAN+OgiOLd5IC0W1IYJT4PoxY5gSPN5QUST01KT2eEQf0
2oIB/lb0Z39Ia2v0B5nPz65JhXNmbvQdKEtm4gc6RzKmeEefS6nw1WGbH4lKvLlZ
VrgVlCfvnV+v86YxCIomBXLxPHgJHVDcUwOVTKrhI6m80Qh+hp5Lri8YXK2lYr4r
WQdfTtCGh7Plg67/Qwkf/lN0wecCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTIp1HH
fuJyI5Ed3vLVOp1YxIbL6TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJlNWNkMTEtZTMzYi00MDgwLTkxZDUtZjU1MGYxZDdhMGI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B8A
MA0GCSqGSIb3DQEBCwUAA4IBAQA0FhfZQvdps/rDYqWxY905A0Gy1F4YfCd5tMU1
ZOxolPMrSz/NgRGm5n9kSXw1QNfzy3q2TkC7991xHBZodJDljScXpfp84GzbKbBP
y8I/I7sfHaMGlcx+pFC9kO0tLB5SO+nngGn3ZY9AImEYaka+fIvP0cFfXm7g3ZBA
8kPN07MEjsMY+aCF3qTynG3X1B3Z7roTFfmI6pG9gN73tj/JOaDPZGWiBhBw1MuN
3uoQIHgnoBdlTseovzlGJdKTSif6f1PE1uAdTLV6OixbImJPreOtHesiOwZ29F8Q
kBzL08UBd+/eK4KNOJ7u2Z1QwgoCYUVLZ9TDUflGMrbZUK68
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:22 2025 by rpki-client