Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
File: dc148af9-68cc-4a7f-b7fd-6ac691016888.roa (raw, json)
Hash identifier: HafawJoQTkmNrdLFB6/fjQMzpPLOxa4oKnoeIYx0pk4=
Subject key identifier: C9:23:3B:E4:7F:08:A2:A5:35:66:39:81:C7:90:25:D4:45:8F:EB:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 066660CD95F66981FC5306F581DC0EDA2DF53E80
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
Signing time: Tue 20 May 2025 20:30:21 +0000
ROA not before: Tue 20 May 2025 20:30:21 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:66:60:cd:95:f6:69:81:fc:53:06:f5:81:dc:0e:da:2d:f5:3e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:21 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c1eafca4e820689f198e9cd689157a795aefb2e4f4d5fbd851f87f7c8557a247, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9d:6d:57:90:58:d5:f5:6d:ab:f9:eb:42:ce:
72:ea:32:46:87:25:f9:16:6f:a7:9a:ad:36:97:30:
05:9a:bb:3d:7c:26:65:b0:4a:46:4e:9f:6c:fa:83:
f6:70:ba:5f:86:71:e9:8c:0a:9e:d7:55:07:b5:10:
f2:c7:ef:3d:2f:3d:0e:8f:90:6c:76:16:f5:15:9d:
9c:80:3e:39:41:05:77:13:d6:29:1c:e7:d5:83:84:
00:89:48:3a:60:33:72:06:29:67:cf:b0:f8:7a:63:
11:52:57:da:0e:4d:c4:27:36:a7:85:15:3a:49:c7:
a3:b3:df:3c:c6:6c:6c:b3:4b:91:d3:d9:18:07:fc:
11:68:a1:71:82:ab:3b:73:fe:aa:7e:4a:ad:a7:eb:
a5:37:4e:f9:54:92:a8:1c:cb:99:0c:92:81:97:be:
60:d1:0e:d4:84:ea:b5:ce:7f:89:03:f4:15:7a:96:
8c:23:3f:dc:66:14:67:f7:4b:e4:17:0c:65:8a:4d:
9c:17:60:2d:7b:53:39:10:4e:7c:ce:bd:ad:66:96:
71:71:ff:8a:83:a8:42:42:f9:e7:ea:33:d8:f6:e1:
ef:e7:f7:0e:06:c9:a7:6e:8b:a8:63:8e:54:f8:df:
d4:04:15:0a:29:cc:d5:70:a9:93:8d:4f:78:8f:9f:
cd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:23:3B:E4:7F:08:A2:A5:35:66:39:81:C7:90:25:D4:45:8F:EB:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025::/36
Signature Algorithm: sha256WithRSAEncryption
42:33:ea:c9:51:19:5d:ac:9a:74:a8:0d:38:57:80:36:c0:32:
38:ff:06:ff:60:08:f0:96:1f:c1:67:0d:b9:cb:06:e7:fa:9f:
d5:73:44:13:33:5e:2c:60:85:ae:21:90:3b:38:e2:cc:9a:3d:
7f:1a:a2:f4:ef:d3:ed:4a:7f:d8:78:30:e2:e8:7c:28:f5:29:
61:a4:f3:8e:15:b6:08:b4:be:b8:58:9b:a3:ed:80:1d:1b:a2:
63:9a:77:a7:63:87:39:ca:6b:7c:0f:61:e5:56:6e:27:92:b8:
23:54:80:1d:ed:72:11:56:a9:7e:63:c0:49:ab:20:0d:56:5f:
df:d1:fb:3a:c8:51:1b:85:49:4c:cf:06:bf:6a:cd:4b:31:b0:
ae:2c:c6:90:da:05:f7:82:5c:d4:73:71:9c:1b:97:37:4f:80:
17:24:d0:62:5b:59:50:d4:c4:81:ed:5f:21:49:79:c3:3e:ac:
89:0a:2c:40:6c:e4:75:e8:e6:4b:ee:63:56:2c:b9:cd:33:34:
c1:af:48:7f:a7:75:a9:47:9f:7b:0e:0e:c1:88:72:d9:07:1a:
5f:30:25:d4:81:2a:db:aa:84:d1:db:a3:ff:bb:7e:c4:9e:84:
54:24:d3:36:5c:be:b7:86:1b:4b:b7:48:12:52:ed:b4:bc:db:
0e:1f:11:61
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBmZgzZX2aYH8Uwb1gdwO2i31PoAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwMjFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxZWFmY2E0ZTgyMDY4OWYxOThlOWNkNjg5MTU3YTc5NWFlZmIyZTRmNGQ1
ZmJkODUxZjg3ZjdjODU1N2EyNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWdbVeQWNX1bav560LOcuoyRocl+RZvp5qtNpcwBZq7PXwmZbBKRk6fbPqD
9nC6X4Zx6YwKntdVB7UQ8sfvPS89Do+QbHYW9RWdnIA+OUEFdxPWKRzn1YOEAIlI
OmAzcgYpZ8+w+HpjEVJX2g5NxCc2p4UVOknHo7PfPMZsbLNLkdPZGAf8EWihcYKr
O3P+qn5KrafrpTdO+VSSqBzLmQySgZe+YNEO1ITqtc5/iQP0FXqWjCM/3GYUZ/dL
5BcMZYpNnBdgLXtTORBOfM69rWaWcXH/ioOoQkL55+oz2Pbh7+f3DgbJp26LqGOO
VPjf1AQVCinM1XCpk41PeI+fzY8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJIzvk
fwiipTVmOYHHkCXURY/rQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGMxNDhhZjktNjhjYy00YTdmLWI3ZmQtNmFjNjkxMDE2ODg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUA
MA0GCSqGSIb3DQEBCwUAA4IBAQBCM+rJURldrJp0qA04V4A2wDI4/wb/YAjwlh/B
Zw25ywbn+p/Vc0QTM14sYIWuIZA7OOLMmj1/GqL079PtSn/YeDDi6Hwo9SlhpPOO
FbYItL64WJuj7YAdG6JjmnenY4c5ymt8D2HlVm4nkrgjVIAd7XIRVql+Y8BJqyAN
Vl/f0fs6yFEbhUlMzwa/as1LMbCuLMaQ2gX3glzUc3GcG5c3T4AXJNBiW1lQ1MSB
7V8hSXnDPqyJCixAbOR16OZL7mNWLLnNMzTBr0h/p3WpR597Dg7BiHLZBxpfMCXU
gSrbqoTR26P/u37EnoRUJNM2XL63hhtLt0gSUu20vNsOHxFh
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:22 2025 by rpki-client