Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
File: d7bcc124-bcd8-42ec-911f-1b551dceda68.roa (raw, json)
Hash identifier: cLjT7k9GJncbC5lNGf0SSch8O00sdkK1L/WdzcGYzKc=
Subject key identifier: 89:2C:6F:5F:29:95:9E:58:1F:CB:D5:2D:EA:79:40:74:E2:94:75:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A7CD9EC7FC9171442A2CB4397F5582B9E526122
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
Signing time: Tue 20 May 2025 20:00:25 +0000
ROA not before: Tue 20 May 2025 20:00:25 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:7c:d9:ec:7f:c9:17:14:42:a2:cb:43:97:f5:58:2b:9e:52:61:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:00:25 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=57e6defb4fc896e2ce98290884e74279befb1a7be85d61839b2b2ffb29e618fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6e:ea:5a:7c:c8:96:d5:f4:91:9a:45:c7:fc:
fa:04:e8:83:b9:b6:1f:e6:b6:51:25:62:64:aa:83:
8a:41:1a:99:a4:87:3b:22:f9:54:88:84:43:8c:44:
86:0d:d2:00:f0:63:e6:a6:e4:ac:14:eb:b4:54:6e:
34:dc:30:69:51:03:76:48:ec:f5:03:66:81:ef:c5:
c2:6f:54:97:33:5c:5d:ff:46:dd:55:65:7e:fe:cb:
05:40:68:4d:04:ce:7b:15:b7:08:0b:4f:75:b9:b3:
bd:4e:47:d0:39:89:00:9e:7a:54:b9:e2:87:3b:bf:
1a:d4:4c:b0:25:ef:f9:64:34:d0:24:9b:2c:fe:d4:
a4:2a:6c:7e:dc:45:b8:91:ac:4f:7f:36:bf:c8:69:
bf:7e:1c:41:48:79:e1:15:17:7e:f5:7e:5e:a4:0e:
d6:86:d9:0c:d1:f8:df:71:d9:fa:2c:9c:92:c9:39:
74:9d:a0:36:2a:1f:bc:4d:89:b7:66:f9:68:b7:e1:
87:ec:3c:c4:3b:ca:1a:3d:21:91:fc:ec:9b:ea:6b:
1f:44:e5:89:0c:ea:7f:f0:85:81:d2:64:c2:ae:59:
d6:f9:91:b2:c9:24:c6:92:ea:8b:f7:10:0f:80:ab:
10:92:65:ca:29:69:42:d3:b0:05:a0:7d:0c:ed:eb:
be:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:2C:6F:5F:29:95:9E:58:1F:CB:D5:2D:EA:79:40:74:E2:94:75:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:e000::/40
Signature Algorithm: sha256WithRSAEncryption
41:9e:16:aa:fc:b4:62:e7:e7:77:40:7c:46:9e:c9:7c:32:b5:
42:ab:78:c9:ce:41:9f:aa:b5:ae:73:cb:4a:9c:4a:a8:fe:8b:
2f:69:6e:33:62:b5:ce:30:0d:fa:6e:0c:77:ee:22:79:bf:78:
a9:1d:ae:5c:62:9b:c7:41:a7:3b:e9:ec:4f:6b:e8:83:be:2a:
66:1a:13:3d:c1:21:ab:f6:49:60:61:d2:68:ab:b5:0f:fe:ab:
63:88:45:96:03:8e:a7:c4:3c:95:20:df:df:f6:c2:dd:cf:22:
df:3e:89:6c:d1:81:dc:d8:32:94:7f:79:e3:fb:7a:11:56:fe:
31:e6:b4:e8:87:1b:3a:5b:53:1b:83:12:b9:ae:03:2f:13:0b:
9e:ce:47:0d:d8:9f:0b:a0:c8:43:b3:f7:9f:43:d4:4f:88:0c:
bc:3c:8d:03:40:dc:fe:73:44:96:e2:06:47:40:53:c8:b9:64:
89:ee:03:a9:69:a7:3e:05:7c:ac:82:d1:2c:b4:1a:eb:62:aa:
ba:df:10:fe:4f:79:f2:65:95:43:cb:8b:44:35:12:53:6c:50:
8d:61:50:6c:e1:cc:f6:d3:36:30:1a:44:69:0d:f5:57:fd:b7:
6f:4e:8a:78:87:9a:04:87:0e:be:7e:2c:c6:ec:51:7e:9c:a7:
bd:c0:6c:f0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWnzZ7H/JFxRCostDl/VYK55SYSIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAwMjVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3ZTZkZWZiNGZjODk2ZTJjZTk4MjkwODg0ZTc0Mjc5YmVmYjFhN2JlODVk
NjE4MzliMmIyZmZiMjllNjE4ZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhu6lp8yJbV9JGaRcf8+gTog7m2H+a2USViZKqDikEamaSHOyL5VIiEQ4xE
hg3SAPBj5qbkrBTrtFRuNNwwaVEDdkjs9QNmge/Fwm9UlzNcXf9G3VVlfv7LBUBo
TQTOexW3CAtPdbmzvU5H0DmJAJ56VLnihzu/GtRMsCXv+WQ00CSbLP7UpCpsftxF
uJGsT382v8hpv34cQUh54RUXfvV+XqQO1obZDNH433HZ+iycksk5dJ2gNiofvE2J
t2b5aLfhh+w8xDvKGj0hkfzsm+prH0TliQzqf/CFgdJkwq5Z1vmRsskkxpLqi/cQ
D4CrEJJlyilpQtOwBaB9DO3rvjECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSJLG9f
KZWeWB/L1S3qeUB04pR1pzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdiY2MxMjQtYmNkOC00MmVjLTkxMWYtMWI1NTFkY2VkYTY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7g
MA0GCSqGSIb3DQEBCwUAA4IBAQBBnhaq/LRi5+d3QHxGnsl8MrVCq3jJzkGfqrWu
c8tKnEqo/osvaW4zYrXOMA36bgx37iJ5v3ipHa5cYpvHQac76exPa+iDvipmGhM9
wSGr9klgYdJoq7UP/qtjiEWWA46nxDyVIN/f9sLdzyLfPols0YHc2DKUf3nj+3oR
Vv4x5rTohxs6W1MbgxK5rgMvEwuezkcN2J8LoMhDs/efQ9RPiAy8PI0DQNz+c0SW
4gZHQFPIuWSJ7gOpaac+BXysgtEstBrrYqq63xD+T3nyZZVDy4tENRJTbFCNYVBs
4cz20zYwGkRpDfVX/bdvTop4h5oEhw6+fizG7FF+nKe9wGzw
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:43 2025 by rpki-client