Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
File: d84b5798-b167-465e-8272-054986363200.roa (raw, json)
Hash identifier: lA+If67AGanyjykv/QGHWKSsAPfaslDmfOtVpD5VJf4=
Subject key identifier: E1:62:ED:D7:F4:41:87:7D:E1:AE:55:85:54:A0:0B:FE:7D:C5:77:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B17C7F9917D9080F6ECDF94F6701B3D34EC6C6E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
Signing time: Tue 20 May 2025 19:10:23 +0000
ROA not before: Tue 20 May 2025 19:10:23 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:17:c7:f9:91:7d:90:80:f6:ec:df:94:f6:70:1b:3d:34:ec:6c:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:23 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ec0e86fbb749e948d3eaa9f9283acafbc8071b0cf844e3c03963a74d5775c1d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:20:4c:8d:b8:70:8a:02:23:e4:2f:b0:d0:be:
5e:e6:5d:2f:1b:8d:cb:6d:7e:49:ec:80:87:e4:d5:
9d:8f:e7:28:88:12:bb:8e:f1:2c:f7:de:34:3c:67:
27:06:c2:d4:03:ce:d0:c6:04:20:71:e2:49:b9:3a:
8a:69:03:d5:e5:3d:66:ff:4c:b6:e6:0f:9a:ed:1b:
06:07:1b:1f:a5:5e:09:d1:db:72:2b:ad:c8:6d:7d:
87:d5:67:8c:cf:47:a5:f2:95:72:fd:0b:97:94:98:
60:a2:5a:11:b6:b0:cb:62:44:b3:1d:c5:a1:85:41:
3d:5c:4e:64:be:ce:c5:6b:95:2b:77:37:7b:39:77:
58:6f:80:7c:6e:ac:2c:53:3f:cd:81:d3:18:17:26:
1d:df:c3:e5:da:aa:2d:05:f8:29:32:e5:3f:0c:65:
58:5a:11:87:95:20:ac:fe:b5:13:2d:18:4a:31:58:
97:14:8e:3c:73:ae:72:b4:82:d1:94:fc:7c:f0:49:
70:cd:5f:cc:fc:1d:d8:56:6c:5f:11:01:9d:56:69:
4f:92:62:71:cb:89:4b:84:29:44:34:81:63:7c:08:
34:bb:42:a6:00:06:68:33:cf:83:e8:58:ee:c1:6e:
41:4b:48:af:7d:58:6c:5e:c9:33:95:35:95:0f:e1:
b6:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:62:ED:D7:F4:41:87:7D:E1:AE:55:85:54:A0:0B:FE:7D:C5:77:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
82:cb:9f:91:29:b1:b3:5c:44:2d:94:36:1c:03:cf:5f:a9:55:
ca:f4:62:b0:e8:a9:e3:f5:2a:d5:e6:ff:53:4c:8b:08:3b:b3:
e3:c3:ac:2a:d3:12:eb:86:3d:23:82:07:27:76:2c:04:0b:e4:
d6:dd:77:c2:13:8a:54:dd:5a:b2:fe:05:15:78:07:70:dc:ce:
91:3e:3b:bd:af:86:10:e6:ed:d0:40:29:89:52:c9:29:46:e5:
74:59:e2:a1:7e:ca:11:cd:3b:db:8f:23:76:30:e7:58:fb:d5:
98:97:76:90:df:b3:43:a1:7f:84:88:2e:dd:7f:e1:79:c6:29:
ac:a9:6d:96:1b:d8:41:d0:80:93:75:20:9d:39:39:72:bf:63:
4e:79:b4:e4:16:a6:86:bc:84:6d:60:a9:c3:04:cd:8a:ba:a1:
12:75:e6:7b:96:8f:c4:bf:4c:c6:57:55:42:4e:ea:2c:4e:da:
39:4b:9e:a2:ce:14:70:5f:5e:44:40:b9:83:3f:80:7b:3c:5b:
6e:f2:73:61:6d:1f:39:0e:bb:0b:76:b2:7f:84:f0:aa:9f:df:
b8:42:b3:0a:fc:95:e2:52:2b:17:1b:a9:5c:6a:55:84:d1:c1:
33:03:89:be:c7:e6:87:f9:4c:00:95:ae:c7:98:62:f2:7f:bb:
db:47:93:b9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKxfH+ZF9kID27N+U9nAbPTTsbG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwMjNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjMGU4NmZiYjc0OWU5NDhkM2VhYTlmOTI4M2FjYWZiYzgwNzFiMGNmODQ0
ZTNjMDM5NjNhNzRkNTc3NWMxZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0gTI24cIoCI+QvsNC+XuZdLxuNy21+SeyAh+TVnY/nKIgSu47xLPfeNDxn
JwbC1APO0MYEIHHiSbk6imkD1eU9Zv9MtuYPmu0bBgcbH6VeCdHbciutyG19h9Vn
jM9HpfKVcv0Ll5SYYKJaEbawy2JEsx3FoYVBPVxOZL7OxWuVK3c3ezl3WG+AfG6s
LFM/zYHTGBcmHd/D5dqqLQX4KTLlPwxlWFoRh5UgrP61Ey0YSjFYlxSOPHOucrSC
0ZT8fPBJcM1fzPwd2FZsXxEBnVZpT5JiccuJS4QpRDSBY3wINLtCpgAGaDPPg+hY
7sFuQUtIr31YbF7JM5U1lQ/httkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBThYu3X
9EGHfeGuVYVUoAv+fcV3qjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDg0YjU3OTgtYjE2Ny00NjVlLTgyNzItMDU0OTg2MzYzMjAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
wDANBgkqhkiG9w0BAQsFAAOCAQEAgsufkSmxs1xELZQ2HAPPX6lVyvRisOip4/Uq
1eb/U0yLCDuz48OsKtMS64Y9I4IHJ3YsBAvk1t13whOKVN1asv4FFXgHcNzOkT47
va+GEObt0EApiVLJKUbldFnioX7KEc07248jdjDnWPvVmJd2kN+zQ6F/hIgu3X/h
ecYprKltlhvYQdCAk3UgnTk5cr9jTnm05BamhryEbWCpwwTNirqhEnXme5aPxL9M
xldVQk7qLE7aOUueos4UcF9eREC5gz+AezxbbvJzYW0fOQ67C3ayf4Twqp/fuEKz
CvyV4lIrFxupXGpVhNHBMwOJvsfmh/lMAJWux5hi8n+720eTuQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:48:27 2025 by rpki-client