Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
File: ddbb8798-3423-4d98-a384-58621b010556.roa (raw, json)
Hash identifier: liT3kBwEIzmBolPmx6m7/zc2fR/MBvAlT60nt1AEo2g=
Subject key identifier: 1C:DB:21:EA:76:93:83:FF:8F:34:EB:C7:82:4B:D7:9C:2B:CF:C9:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13B9616800628827D91AF5F436BA137BA78512BB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
Signing time: Tue 20 May 2025 20:30:56 +0000
ROA not before: Tue 20 May 2025 20:30:56 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:b9:61:68:00:62:88:27:d9:1a:f5:f4:36:ba:13:7b:a7:85:12:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:56 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=f1c5234aedc290a1611bb69ea9d31828f94aafdf0d05a786c098431a9eadf1e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1f:ad:80:b9:01:2e:2b:dc:a3:b1:5f:8b:39:
e0:2b:25:a5:44:c7:1c:44:69:cc:87:8e:25:a4:8d:
f4:1a:d7:2e:52:54:90:63:7a:ae:bb:ba:d7:ba:51:
4b:d2:49:fa:e4:60:24:a4:1a:f1:0a:53:6a:ca:74:
4f:b3:f5:7f:71:bc:c8:1a:45:d4:58:9a:04:49:50:
8b:b0:c2:46:30:c5:4d:77:f9:d7:d3:4b:fa:62:da:
63:76:33:5c:13:81:e7:2a:3f:bc:a1:85:b2:5e:98:
30:71:49:10:52:f4:dc:80:55:35:c1:ce:7b:db:b6:
99:90:b2:97:5a:5d:eb:e1:d4:1e:47:30:4f:a6:81:
82:8f:ec:7a:19:4d:d1:d5:ee:41:98:b8:bd:8c:94:
1c:b0:4c:7f:96:a0:ac:06:f7:72:5b:cd:a3:09:dc:
8a:26:29:9d:d2:10:f8:50:ac:12:3c:ee:80:6f:d4:
86:6a:67:5f:f7:95:e3:07:32:1a:35:30:a8:e1:e8:
a4:6b:dc:c0:a1:0d:49:13:22:09:b5:05:6b:1f:79:
94:b7:ae:0a:86:f8:19:45:8f:f2:1a:21:d6:1d:74:
fd:67:3a:50:0e:64:59:59:10:9d:97:a1:43:90:ec:
73:54:48:8f:1a:84:a2:9b:82:c2:5d:91:ac:87:74:
9a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DB:21:EA:76:93:83:FF:8F:34:EB:C7:82:4B:D7:9C:2B:CF:C9:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019:c00::/38
Signature Algorithm: sha256WithRSAEncryption
40:40:9c:ab:7d:e3:0a:61:6f:9c:4d:81:24:f9:0a:4a:33:fc:
58:82:ff:60:2d:cb:b5:ef:51:77:f3:2a:ca:dd:94:02:70:64:
19:20:28:3e:a6:40:a0:5b:d5:c2:2f:50:f7:7d:81:87:63:79:
b8:84:ca:fc:d8:49:f3:64:a3:4a:0f:33:3d:71:b9:83:39:c5:
f8:db:83:40:0b:ef:46:e6:77:d7:9f:01:14:7a:7b:ed:b1:cf:
d0:a3:20:fe:70:49:6f:e4:e5:73:77:b0:e0:df:f8:fe:ea:ec:
c1:03:dc:8b:0e:b1:6a:af:3a:f5:28:31:c7:c6:cc:88:15:ce:
72:f8:ae:12:48:fc:6f:13:4d:a1:c7:56:78:94:01:8a:43:a3:
ab:71:4a:68:aa:97:c6:9f:11:e8:9d:a4:3d:4b:12:ed:e1:c0:
eb:63:9e:20:78:77:f0:c4:94:a3:11:20:f5:46:35:24:54:18:
dd:01:18:e2:e8:fd:38:85:bd:7f:2e:eb:d0:53:09:38:6c:a4:
74:be:69:b7:91:12:6b:ec:46:9b:20:a5:da:c2:77:7a:f6:44:
5f:fc:09:c5:7a:3f:d0:1b:3e:c3:fa:54:d4:05:73:57:90:d3:
f4:f4:24:1f:93:94:fe:46:b5:fe:c6:fa:84:23:32:3e:b4:ef:
b3:c8:2a:e9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE7lhaABiiCfZGvX0NroTe6eFErswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwNTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxYzUyMzRhZWRjMjkwYTE2MTFiYjY5ZWE5ZDMxODI4Zjk0YWFmZGYwZDA1
YTc4NmMwOTg0MzFhOWVhZGYxZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8frYC5AS4r3KOxX4s54CslpUTHHERpzIeOJaSN9BrXLlJUkGN6rru617pR
S9JJ+uRgJKQa8QpTasp0T7P1f3G8yBpF1FiaBElQi7DCRjDFTXf519NL+mLaY3Yz
XBOB5yo/vKGFsl6YMHFJEFL03IBVNcHOe9u2mZCyl1pd6+HUHkcwT6aBgo/sehlN
0dXuQZi4vYyUHLBMf5agrAb3clvNownciiYpndIQ+FCsEjzugG/UhmpnX/eV4wcy
GjUwqOHopGvcwKENSRMiCbUFax95lLeuCob4GUWP8hoh1h10/Wc6UA5kWVkQnZeh
Q5Dsc1RIjxqEopuCwl2RrId0mjMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQc2yHq
dpOD/48068eCS9ecK8/JZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGRiYjg3OTgtMzQyMy00ZDk4LWEzODQtNTg2MjFiMDEwNTU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkM
MA0GCSqGSIb3DQEBCwUAA4IBAQBAQJyrfeMKYW+cTYEk+QpKM/xYgv9gLcu171F3
8yrK3ZQCcGQZICg+pkCgW9XCL1D3fYGHY3m4hMr82EnzZKNKDzM9cbmDOcX424NA
C+9G5nfXnwEUenvtsc/QoyD+cElv5OVzd7Dg3/j+6uzBA9yLDrFqrzr1KDHHxsyI
Fc5y+K4SSPxvE02hx1Z4lAGKQ6OrcUpoqpfGnxHonaQ9SxLt4cDrY54geHfwxJSj
ESD1RjUkVBjdARji6P04hb1/LuvQUwk4bKR0vmm3kRJr7EabIKXawnd69kRf/AnF
ej/QGz7D+lTUBXNXkNP09CQfk5T+RrX+xvqEIzI+tO+zyCrp
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:49:35 2025 by rpki-client