Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
File: da8369e9-0146-44b6-865e-0064a4d1ed72.roa (raw, json)
Hash identifier: GONN08yjpFHyzLkT7e+cM6AqJ+rmM7P4rKCx9yUngNc=
Subject key identifier: 39:F1:53:93:10:D4:59:76:B1:28:7A:E4:AC:B2:36:B9:A6:90:D3:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7106E23EEEA39CDD445C4C57F2E6F8B758D63691
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
Signing time: Tue 20 May 2025 19:00:07 +0000
ROA not before: Tue 20 May 2025 19:00:07 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:06:e2:3e:ee:a3:9c:dd:44:5c:4c:57:f2:e6:f8:b7:58:d6:36:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:07 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c1c455a22fe97e3f3b3242fd69e963a8ff4be536069c7fb31e9ee2c955e446ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5c:2a:93:1c:56:66:a1:7a:04:1b:77:15:ca:
99:1d:c3:c6:37:83:4a:0e:fe:61:8a:27:20:aa:af:
fe:38:bb:a7:8b:52:5a:5a:62:d0:07:d6:70:ce:fc:
5a:72:0f:b6:c3:30:3f:1f:45:be:f3:16:b9:34:ff:
92:cb:ba:ef:f4:5d:ac:b4:9a:5f:97:29:a1:b8:02:
d4:10:d3:e3:4b:89:4f:24:b8:c1:35:88:8c:15:55:
28:41:d4:77:50:15:db:85:dc:2a:d6:64:a0:bb:d1:
f6:5d:df:90:72:56:b1:42:44:a1:20:c5:58:2f:7c:
6c:b0:5a:f9:63:36:c7:53:0b:14:5f:dd:85:81:cc:
8d:c7:46:b5:cf:18:57:43:dd:4c:ef:8d:16:91:3c:
9f:d9:23:60:c7:97:53:65:93:2d:61:cf:ae:d4:c3:
35:2b:dd:14:af:a0:9b:f3:eb:7c:bf:44:0c:7a:ba:
2b:f1:bd:c8:b9:5a:9c:e1:0d:8c:3e:ec:a8:24:42:
67:22:2f:1a:e9:61:4e:fe:ce:1b:75:e1:92:13:5b:
10:85:97:66:8a:0f:31:6d:de:01:d4:46:fe:d2:c7:
17:c6:be:08:c0:e3:9c:c3:d2:28:73:ac:24:11:96:
a3:15:ac:38:2c:c1:32:6e:9e:c5:b5:15:81:0c:e6:
ba:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F1:53:93:10:D4:59:76:B1:28:7A:E4:AC:B2:36:B9:A6:90:D3:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6000::/40
Signature Algorithm: sha256WithRSAEncryption
32:22:0d:06:83:c2:40:b4:e3:49:8d:cd:70:7b:a6:3e:4b:32:
45:ef:b0:d8:b0:47:62:7c:e8:fd:48:39:fb:e6:78:77:90:23:
97:b9:6b:c5:1b:d0:e7:8a:0c:43:db:24:60:c8:40:dd:15:14:
23:b3:f4:50:fb:e0:a5:7a:63:95:60:2f:78:04:ef:f0:4b:81:
55:07:e8:4b:5a:74:e5:9b:b7:a1:43:f7:ea:3e:48:9e:3e:8e:
df:3e:2d:14:c1:a3:eb:92:e7:53:76:e2:da:53:37:9e:f0:5e:
75:1d:41:3e:c1:74:6d:1f:73:10:aa:e7:65:a3:af:16:dc:2a:
17:42:98:97:b9:b4:58:4b:11:4e:87:b5:0d:df:32:77:63:db:
b1:38:7e:f5:b0:c6:4d:86:0c:e2:39:19:dd:5a:f6:e2:3e:07:
f6:1b:98:5d:45:92:fa:a6:d9:38:c4:59:67:69:5d:cf:d5:44:
00:f1:95:9c:aa:a4:f1:b7:4a:db:c3:73:e1:ec:f1:3f:ed:78:
e9:64:a2:59:b7:b0:6e:fb:60:13:40:bb:40:b0:87:71:62:0c:
1a:43:65:7f:a4:27:e2:ae:36:7c:78:a9:0e:ec:87:7e:00:a2:
a3:e9:61:2d:5f:cf:de:b0:b1:81:cc:cb:f9:eb:ad:3e:08:1e:
72:50:64:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcQbiPu6jnN1EXExX8ub4t1jWNpEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwMDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxYzQ1NWEyMmZlOTdlM2YzYjMyNDJmZDY5ZTk2M2E4ZmY0YmU1MzYwNjlj
N2ZiMzFlOWVlMmM5NTVlNDQ2YWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMBcKpMcVmahegQbdxXKmR3DxjeDSg7+YYonIKqv/ji7p4tSWlpi0AfWcM78
WnIPtsMwPx9FvvMWuTT/ksu67/RdrLSaX5cpobgC1BDT40uJTyS4wTWIjBVVKEHU
d1AV24XcKtZkoLvR9l3fkHJWsUJEoSDFWC98bLBa+WM2x1MLFF/dhYHMjcdGtc8Y
V0PdTO+NFpE8n9kjYMeXU2WTLWHPrtTDNSvdFK+gm/PrfL9EDHq6K/G9yLlanOEN
jD7sqCRCZyIvGulhTv7OG3XhkhNbEIWXZooPMW3eAdRG/tLHF8a+CMDjnMPSKHOs
JBGWoxWsOCzBMm6exbUVgQzmug8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ58VOT
ENRZdrEoeuSssja5ppDTgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE4MzY5ZTktMDE0Ni00NGI2LTg2NWUtMDA2NGE0ZDFlZDcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFg
MA0GCSqGSIb3DQEBCwUAA4IBAQAyIg0Gg8JAtONJjc1we6Y+SzJF77DYsEdifOj9
SDn75nh3kCOXuWvFG9DnigxD2yRgyEDdFRQjs/RQ++ClemOVYC94BO/wS4FVB+hL
WnTlm7ehQ/fqPkiePo7fPi0UwaPrkudTduLaUzee8F51HUE+wXRtH3MQqudlo68W
3CoXQpiXubRYSxFOh7UN3zJ3Y9uxOH71sMZNhgziORndWvbiPgf2G5hdRZL6ptk4
xFlnaV3P1UQA8ZWcqqTxt0rbw3Ph7PE/7XjpZKJZt7Bu+2ATQLtAsIdxYgwaQ2V/
pCfirjZ8eKkO7Id+AKKj6WEtX8/esLGBzMv5660+CB5yUGQ/
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:05 2025 by rpki-client