Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
File: d62aaac2-f54a-4bc2-8155-22367e855165.roa (raw, json)
Hash identifier: 1SSuZSrzFJISQW5usGzLuSZgpym6x+44DhDKADSFZMo=
Subject key identifier: F8:27:DD:42:CE:D9:24:0B:E8:89:93:F0:3D:69:F2:62:21:32:1D:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5453DE22E6BD92FE729773F07B06E763671525EA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
Signing time: Tue 20 May 2025 20:11:38 +0000
ROA not before: Tue 20 May 2025 20:11:38 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:53:de:22:e6:bd:92:fe:72:97:73:f0:7b:06:e7:63:67:15:25:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:38 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=77a8970e2132d8f80ead4347dc22ec358830b181229c571bd2ea87df5cedc079, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:49:e6:f5:25:5b:e0:a1:a9:3e:1d:64:d2:b0:
51:62:93:f1:17:22:8b:5d:4c:54:8a:a3:87:6c:2f:
b1:1a:02:3c:ca:88:08:b7:c9:bd:4f:a7:64:c4:72:
01:21:93:1c:4b:5c:33:86:aa:7f:63:10:98:b3:85:
96:a6:d0:61:ea:2b:cf:f3:0c:2d:f3:0d:0e:14:2d:
35:92:5f:88:bd:b3:23:d4:db:a2:67:99:81:58:b9:
35:1c:48:32:25:6c:67:9a:d7:b0:5d:3b:8c:98:27:
84:36:4e:13:bf:d7:0b:4e:1d:92:5f:bb:95:7f:02:
92:0e:18:34:93:de:6c:1c:07:72:64:df:14:54:75:
78:b7:c3:ce:f1:9c:19:0a:fc:77:62:47:35:b5:f9:
bb:7a:e2:0d:45:c7:2f:21:37:ce:90:07:2a:5c:3b:
75:fc:92:f6:fc:c7:0d:ac:01:5d:19:62:e6:93:61:
55:71:ef:c5:ac:67:32:98:ec:3f:2a:73:d8:d1:d9:
25:f4:2a:eb:ae:01:67:96:96:2c:83:18:cd:d0:80:
89:4d:e6:af:46:8e:bf:fb:4b:2d:39:01:36:a3:24:
d8:99:12:b6:aa:30:65:1e:ce:d0:65:1c:b8:66:50:
3b:19:41:55:00:80:bb:a5:8b:f8:89:d7:54:58:6c:
1b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:27:DD:42:CE:D9:24:0B:E8:89:93:F0:3D:69:F2:62:21:32:1D:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:b000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:ef:0a:38:2b:68:ef:b4:09:02:12:d8:14:6c:5a:9a:bf:61:
70:e7:f1:49:04:9f:a5:e6:84:ad:ce:fd:96:b5:21:56:a5:c0:
fd:5b:fd:e3:c0:31:ea:ee:0d:49:77:2f:53:86:12:44:52:d9:
20:22:fc:6d:2e:42:c8:b3:d7:21:39:cb:fd:48:91:94:68:73:
ab:f1:3f:c4:f0:5b:43:e2:a7:d4:80:16:f6:d6:d1:c9:56:cd:
39:a5:76:8d:72:63:14:2e:d2:41:03:5c:f3:ad:ec:85:04:dc:
4b:86:2b:dc:3e:0f:37:6d:9c:9d:8b:29:7f:57:82:9c:33:94:
fe:8a:2c:d9:83:ff:d9:3e:df:90:47:44:dd:7e:44:7f:3c:a6:
5a:8d:7c:a8:70:8d:02:ac:f7:ad:d9:c4:7b:ef:07:de:a4:e7:
67:ff:0a:e9:00:71:16:4a:00:95:d9:41:2f:e7:fe:7f:fa:1d:
37:05:32:f9:38:16:5a:8e:d1:4d:1d:3a:72:19:e6:c1:b5:11:
9e:7d:10:89:10:51:59:dc:5b:86:f1:ed:f1:f5:ed:c7:14:39:
26:dd:2d:2b:3d:54:b4:15:50:c0:bd:dd:a5:20:dd:1d:50:27:
b7:3c:89:94:24:8e:d5:2b:d7:c9:14:f6:7b:5e:64:40:fc:1e:
f4:de:be:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVFPeIua9kv5yl3PwewbnY2cVJeowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMzhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3YTg5NzBlMjEzMmQ4ZjgwZWFkNDM0N2RjMjJlYzM1ODgzMGIxODEyMjlj
NTcxYmQyZWE4N2RmNWNlZGMwNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1J5vUlW+ChqT4dZNKwUWKT8Rcii11MVIqjh2wvsRoCPMqICLfJvU+nZMRy
ASGTHEtcM4aqf2MQmLOFlqbQYeorz/MMLfMNDhQtNZJfiL2zI9TbomeZgVi5NRxI
MiVsZ5rXsF07jJgnhDZOE7/XC04dkl+7lX8Ckg4YNJPebBwHcmTfFFR1eLfDzvGc
GQr8d2JHNbX5u3riDUXHLyE3zpAHKlw7dfyS9vzHDawBXRli5pNhVXHvxaxnMpjs
Pypz2NHZJfQq664BZ5aWLIMYzdCAiU3mr0aOv/tLLTkBNqMk2JkStqowZR7O0GUc
uGZQOxlBVQCAu6WL+InXVFhsGxECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT4J91C
ztkkC+iJk/A9afJiITIdtjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDYyYWFhYzItZjU0YS00YmMyLTgxNTUtMjIzNjdlODU1MTY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKw
MA0GCSqGSIb3DQEBCwUAA4IBAQB77wo4K2jvtAkCEtgUbFqav2Fw5/FJBJ+l5oSt
zv2WtSFWpcD9W/3jwDHq7g1Jdy9ThhJEUtkgIvxtLkLIs9chOcv9SJGUaHOr8T/E
8FtD4qfUgBb21tHJVs05pXaNcmMULtJBA1zzreyFBNxLhivcPg83bZydiyl/V4Kc
M5T+iizZg//ZPt+QR0TdfkR/PKZajXyocI0CrPet2cR77wfepOdn/wrpAHEWSgCV
2UEv5/5/+h03BTL5OBZajtFNHTpyGebBtRGefRCJEFFZ3FuG8e3x9e3HFDkm3S0r
PVS0FVDAvd2lIN0dUCe3PImUJI7VK9fJFPZ7XmRA/B703r4H
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:26 2025 by rpki-client