Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7459b4-43ce-4e19-8904-9681781506ff.roa
File: dd7459b4-43ce-4e19-8904-9681781506ff.roa (raw, json)
Hash identifier: OGfW2tXqLwzw9LnMLSl70aj3NYyG9hULRPLBucpnU4U=
Subject key identifier: 79:85:B3:A6:D0:F2:F4:AF:59:EB:DB:98:C4:F0:15:BA:E1:9F:98:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73F6C723A5F2FBD9F7BFB154C07F03178900B605
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7459b4-43ce-4e19-8904-9681781506ff.roa
Signing time: Tue 20 May 2025 19:40:16 +0000
ROA not before: Tue 20 May 2025 19:40:16 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:f6:c7:23:a5:f2:fb:d9:f7:bf:b1:54:c0:7f:03:17:89:00:b6:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:40:16 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d132f1673bea946d566b482cfd85368814bc4d0c120b190b87725d5dc69882ee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b9:6b:12:b9:29:47:79:26:e5:48:ad:ba:8b:
a0:5e:58:d0:8a:ac:9c:96:8a:65:fa:47:6e:69:f7:
e1:3c:a0:95:50:37:46:de:7a:f8:1b:22:7b:ee:26:
53:85:40:6d:6c:d7:f9:e1:5d:67:67:27:17:c3:2b:
bb:c8:f3:db:eb:a4:2c:e0:e6:e8:7e:7f:e5:40:5e:
a9:ad:8b:08:16:c6:4b:19:d5:29:32:a7:43:c7:f6:
f2:ff:0d:dd:cb:23:18:13:ce:6a:3e:93:68:c5:7a:
5a:78:ee:4e:bf:d1:37:5a:1a:f0:5b:52:65:f0:2c:
84:b9:3b:10:c9:e4:a2:78:4a:66:67:78:73:3a:da:
33:4e:5f:9e:06:e0:37:b8:bf:20:65:e3:9a:d6:be:
67:3d:5e:c4:3f:ed:f8:3b:10:56:8f:b9:84:00:98:
79:91:64:36:e3:b2:f4:e6:f5:14:65:9b:18:37:f0:
79:9b:5d:96:15:7f:32:cc:cb:0f:d3:1d:44:2b:ee:
72:03:88:06:73:ee:30:7c:cb:c1:fb:e8:35:86:0a:
16:8b:0c:46:e3:57:09:e5:d4:a0:7b:e1:e8:dd:4e:
47:ab:20:85:3e:cc:07:b7:7b:c7:af:47:ce:a3:db:
35:7f:92:f3:d0:b5:89:34:3f:63:70:be:99:c0:56:
49:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:85:B3:A6:D0:F2:F4:AF:59:EB:DB:98:C4:F0:15:BA:E1:9F:98:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7459b4-43ce-4e19-8904-9681781506ff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:5000::/40
Signature Algorithm: sha256WithRSAEncryption
35:0b:ee:0c:72:a6:83:91:72:6f:cd:1f:17:db:e0:d1:e6:29:
e3:7a:68:0e:4a:43:a3:a1:04:3c:b0:da:25:4f:e8:eb:43:f4:
77:95:bc:0a:80:8b:8a:cd:3e:75:5f:d2:b3:f4:b5:9a:ec:52:
2e:8f:69:bf:41:ef:c1:e7:2e:c9:7d:09:2b:cb:8e:a6:3b:da:
07:e8:d5:df:3b:22:3c:f3:0f:95:9f:26:91:7f:3f:87:53:27:
52:ac:f2:5b:1e:ee:2e:f8:27:0a:3a:17:24:82:9c:10:d5:e2:
a8:05:b6:13:4f:97:fd:4b:d4:b7:c5:6b:1b:b3:8f:71:5b:a4:
df:b9:ab:f9:49:88:80:a1:4c:b2:7d:fe:4a:44:7a:ed:8f:ec:
b4:5c:11:a8:76:83:88:d5:0c:1c:a7:de:72:1b:10:dc:7e:89:
d4:be:51:62:fe:cc:50:a7:73:9a:0a:16:c6:fe:a1:67:25:24:
86:d7:44:ee:eb:54:14:e1:9f:f4:ca:13:72:ee:1b:55:8f:da:
11:08:b4:9b:af:27:5b:4a:27:43:57:ca:64:75:ad:a3:96:0b:
83:b1:dd:bd:d8:31:e9:0d:7c:a2:18:94:8e:42:a7:e7:a9:37:
40:7f:43:1d:c6:47:79:96:f4:43:8e:bf:3a:78:18:14:cb:f9:
07:b0:17:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc/bHI6Xy+9n3v7FUwH8DF4kAtgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQwMTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxMzJmMTY3M2JlYTk0NmQ1NjZiNDgyY2ZkODUzNjg4MTRiYzRkMGMxMjBi
MTkwYjg3NzI1ZDVkYzY5ODgyZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI25axK5KUd5JuVIrbqLoF5Y0IqsnJaKZfpHbmn34TyglVA3Rt56+Bsie+4m
U4VAbWzX+eFdZ2cnF8Mru8jz2+ukLODm6H5/5UBeqa2LCBbGSxnVKTKnQ8f28v8N
3csjGBPOaj6TaMV6WnjuTr/RN1oa8FtSZfAshLk7EMnkonhKZmd4czraM05fngbg
N7i/IGXjmta+Zz1exD/t+DsQVo+5hACYeZFkNuOy9Ob1FGWbGDfweZtdlhV/MszL
D9MdRCvucgOIBnPuMHzLwfvoNYYKFosMRuNXCeXUoHvh6N1OR6sghT7MB7d7x69H
zqPbNX+S89C1iTQ/Y3C+mcBWSf8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR5hbOm
0PL0r1nr25jE8BW64Z+Y1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGQ3NDU5YjQtNDNjZS00ZTE5LTg5MDQtOTY4MTc4MTUwNmZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA1C+4McqaDkXJvzR8X2+DR5injemgOSkOjoQQ8
sNolT+jrQ/R3lbwKgIuKzT51X9Kz9LWa7FIuj2m/Qe/B5y7JfQkry46mO9oH6NXf
OyI88w+VnyaRfz+HUydSrPJbHu4u+CcKOhckgpwQ1eKoBbYTT5f9S9S3xWsbs49x
W6Tfuav5SYiAoUyyff5KRHrtj+y0XBGodoOI1Qwcp95yGxDcfonUvlFi/sxQp3Oa
ChbG/qFnJSSG10Tu61QU4Z/0yhNy7htVj9oRCLSbrydbSidDV8pkda2jlguDsd29
2DHpDXyiGJSOQqfnqTdAf0Mdxkd5lvRDjr86eBgUy/kHsBdG
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:29 2025 by rpki-client