Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de12834a-9370-4c63-969f-bf8eef4cd73b.roa
File: de12834a-9370-4c63-969f-bf8eef4cd73b.roa (raw, json)
Hash identifier: C5smw5uu/5f0ekLqBihI51Lm9Vxi6eH9nTYFIwZMVyo=
Subject key identifier: 56:4E:CD:73:C7:79:42:6A:64:F5:7D:57:70:9D:8F:A7:4B:11:F0:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FC85E255335BC6D8195B156865A6CA8A2373406
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de12834a-9370-4c63-969f-bf8eef4cd73b.roa
Signing time: Mon 09 Jun 2025 19:20:13 +0000
ROA not before: Mon 09 Jun 2025 19:20:13 +0000
ROA not after: Mon 14 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:c8:5e:25:53:35:bc:6d:81:95:b1:56:86:5a:6c:a8:a2:37:34:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 9 19:20:13 2025 GMT
Not After : Jul 14 23:59:59 2025 GMT
Subject: serialNumber=aa35a7f8e3864717f77b47855ae07efc012846b260940bad0d93febbfafd7b64, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:87:72:2d:be:4d:06:ae:13:a5:fe:4d:85:54:
62:37:fd:94:95:3a:a3:08:dc:c0:bb:e9:2c:32:6b:
69:5a:b0:75:29:34:bf:a5:a9:17:c1:78:ef:9d:b5:
74:fd:c5:6c:c0:ff:19:64:5e:5a:05:36:94:6e:bd:
a7:b4:18:f6:4e:15:d1:ac:03:7a:45:45:2b:ed:56:
41:5c:bd:de:e5:f2:3a:6b:6d:5a:74:31:be:76:50:
75:6c:75:69:bc:58:d2:ec:eb:11:6e:21:c6:16:01:
69:7c:c2:7f:3a:9b:12:ba:f2:cb:d1:e6:64:e5:9e:
dd:7d:9d:a8:af:74:bb:97:cf:a4:b2:e8:39:97:05:
cf:ef:de:7f:e8:3a:63:11:8f:5b:05:7c:a5:74:99:
44:1c:77:25:25:8e:a6:39:a4:82:32:aa:76:6c:c9:
97:d5:59:91:5c:86:69:f6:9c:59:67:06:8f:2c:e1:
14:ce:9e:e8:ed:2c:72:e3:a5:7b:31:53:95:2f:63:
68:68:1e:9c:d2:37:7b:20:6f:9a:d3:e7:ae:45:e8:
c0:03:42:1e:ec:18:7b:0e:f9:b2:79:c4:68:49:ee:
b8:2f:78:a9:17:cd:97:da:9a:40:a0:50:5d:c7:42:
ae:85:73:2d:59:ff:a3:fc:87:dd:02:91:53:39:a7:
5b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:4E:CD:73:C7:79:42:6A:64:F5:7D:57:70:9D:8F:A7:4B:11:F0:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de12834a-9370-4c63-969f-bf8eef4cd73b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4010::/48
Signature Algorithm: sha256WithRSAEncryption
7e:5e:8d:32:c5:2f:2f:8b:7c:37:4c:c1:8c:a6:48:49:09:3c:
2d:71:39:da:7a:41:47:8b:50:fc:90:ec:2a:1f:57:c8:8d:56:
65:1f:9f:22:f6:42:5a:3f:b2:99:2d:2d:53:58:89:f4:18:5f:
00:4c:a2:a5:db:e6:d7:74:14:2e:4b:1f:b8:33:c3:49:1b:a0:
be:ac:ee:dc:54:cc:07:ed:7c:d0:05:ca:41:00:2a:2a:2b:59:
2e:09:cb:53:45:47:d1:2d:38:e4:c5:8f:a6:5d:79:c0:81:bc:
6b:8a:77:17:77:a0:61:69:2f:82:01:5f:43:f8:ba:e3:82:da:
83:35:d1:4f:91:c0:2e:db:85:fc:41:3e:df:46:21:01:f0:e4:
45:bf:c7:f1:ae:b4:0b:3d:02:bf:3e:00:56:22:89:89:a6:92:
c2:3a:bf:b1:3c:25:e2:d3:61:38:4b:97:ec:8f:35:74:d5:a2:
69:c4:1a:d9:a0:6a:c7:ba:84:9c:34:85:d1:89:79:e2:88:eb:
08:44:a6:6b:34:6f:7f:57:60:9e:cc:69:4f:b8:64:6b:0a:9b:
8c:b2:53:17:d8:fa:09:64:6f:f0:a5:cf:99:3b:0e:46:9f:67:
9c:e3:23:9b:1d:20:18:87:72:e5:37:01:fb:1b:67:5b:4c:4f:
01:06:cd:b7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUX8heJVM1vG2BlbFWhlpsqKI3NAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDkxOTIwMTNaFw0yNTA3MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhMzVhN2Y4ZTM4NjQ3MTdmNzdiNDc4NTVhZTA3ZWZjMDEyODQ2YjI2MDk0
MGJhZDBkOTNmZWJiZmFmZDdiNjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2Hci2+TQauE6X+TYVUYjf9lJU6owjcwLvpLDJraVqwdSk0v6WpF8F47521
dP3FbMD/GWReWgU2lG69p7QY9k4V0awDekVFK+1WQVy93uXyOmttWnQxvnZQdWx1
abxY0uzrEW4hxhYBaXzCfzqbErryy9HmZOWe3X2dqK90u5fPpLLoOZcFz+/ef+g6
YxGPWwV8pXSZRBx3JSWOpjmkgjKqdmzJl9VZkVyGafacWWcGjyzhFM6e6O0scuOl
ezFTlS9jaGgenNI3eyBvmtPnrkXowANCHuwYew75snnEaEnuuC94qRfNl9qaQKBQ
XcdCroVzLVn/o/yH3QKRUzmnW1ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRWTs1z
x3lCamT1fVdwnY+nSxHwDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGUxMjgzNGEtOTM3MC00YzYzLTk2OWYtYmY4ZWVmNGNkNzNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
EDANBgkqhkiG9w0BAQsFAAOCAQEAfl6NMsUvL4t8N0zBjKZISQk8LXE52npBR4tQ
/JDsKh9XyI1WZR+fIvZCWj+ymS0tU1iJ9BhfAEyipdvm13QULksfuDPDSRugvqzu
3FTMB+180AXKQQAqKitZLgnLU0VH0S045MWPpl15wIG8a4p3F3egYWkvggFfQ/i6
44LagzXRT5HALtuF/EE+30YhAfDkRb/H8a60Cz0Cvz4AViKJiaaSwjq/sTwl4tNh
OEuX7I81dNWiacQa2aBqx7qEnDSF0Yl54ojrCESmazRvf1dgnsxpT7hkawqbjLJT
F9j6CWRv8KXPmTsORp9nnOMjmx0gGIdy5TcB+xtnW0xPAQbNtw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:24 2025 by rpki-client