Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de6578a7-816f-468a-acf9-83781a3b3769.roa
File: de6578a7-816f-468a-acf9-83781a3b3769.roa (raw, json)
Hash identifier: pZLfN2oQOsR3/FXhOYdUt74Z3MckqFhiGZ3WTqUBhoo=
Subject key identifier: 0C:65:BD:5F:3A:83:15:B9:BC:9A:AC:6C:E2:52:64:82:08:95:4C:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B38C57A1DA4A63DCA84C39264337A64919AA23A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de6578a7-816f-468a-acf9-83781a3b3769.roa
Signing time: Tue 20 May 2025 19:10:39 +0000
ROA not before: Tue 20 May 2025 19:10:39 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:38:c5:7a:1d:a4:a6:3d:ca:84:c3:92:64:33:7a:64:91:9a:a2:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:39 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d2ec89200b86e84f7089da98eece443a5885b37e9b4078b572342b030a733919, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:92:24:ad:f0:1d:38:d9:02:f5:5d:e5:3f:de:
67:62:8c:a6:48:60:62:19:c6:4c:ab:67:cc:77:4e:
c2:37:85:4f:01:6c:46:41:ed:eb:dc:77:20:ab:b6:
e5:98:b2:6e:db:eb:d7:f9:b9:cf:c9:63:21:09:80:
ea:d9:e1:35:a5:20:5e:ae:ba:b6:ae:94:20:1a:24:
b9:05:b9:3f:fd:6d:87:dc:e0:09:fe:6c:da:8d:8e:
06:8b:63:1e:42:ac:e9:02:67:c4:da:13:2a:dd:81:
a3:15:d7:97:c0:26:13:e4:88:d1:29:4a:44:84:33:
98:22:18:1b:03:05:4a:59:de:e5:96:f5:bd:3e:b8:
d0:2d:ea:75:45:07:2a:0f:86:15:bd:d9:9b:a3:b0:
72:e5:39:9c:d3:a4:7a:42:40:6c:cb:a3:21:01:f5:
ff:61:db:df:08:e1:fd:38:9e:9b:db:77:62:6d:ad:
15:d8:cb:ad:bd:66:37:7b:b3:e0:b9:d0:ce:68:ae:
f6:82:3e:04:13:77:f4:81:a9:86:b7:61:7f:1e:7c:
c8:d8:4b:76:48:0f:86:d8:d8:76:d5:5e:7c:68:c5:
32:c9:c5:1d:04:36:b7:76:66:81:9e:f1:7e:e9:ba:
ba:91:04:76:4a:7f:a7:6c:c8:c4:83:73:0a:f4:b6:
54:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:65:BD:5F:3A:83:15:B9:BC:9A:AC:6C:E2:52:64:82:08:95:4C:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de6578a7-816f-468a-acf9-83781a3b3769.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8000::/40
Signature Algorithm: sha256WithRSAEncryption
44:7c:ec:99:4a:6b:58:c8:0d:89:2f:91:28:52:7f:7f:03:88:
9c:33:00:6f:e0:00:11:70:e4:46:61:c6:b7:19:30:ac:5f:18:
69:a7:91:2b:a1:ad:5e:6f:33:9e:c2:24:02:14:42:3d:29:29:
3e:51:72:6a:eb:1a:20:7e:3d:83:98:61:ee:2d:1f:a4:9f:e4:
30:06:ad:2e:2a:a4:ba:c8:1c:1c:6e:02:8e:ec:ca:75:79:ca:
7c:73:57:b3:8b:f6:0f:4a:76:10:b7:c1:5f:ad:f9:e5:51:31:
24:45:8b:11:3a:ad:57:78:47:fa:4c:01:10:b4:78:74:5f:c7:
21:de:b8:4b:dd:a8:af:30:d0:c9:a7:09:42:10:e5:8b:67:84:
7f:8a:3f:f0:34:27:19:47:df:3e:d7:28:84:d0:c4:89:32:f5:
d9:58:4e:aa:ae:7c:87:21:1d:23:af:b7:90:97:b6:92:03:00:
b8:28:a4:23:77:7a:01:c1:fe:43:de:11:ea:2b:39:4d:05:f3:
d8:3c:c3:70:21:fc:4f:8f:e6:85:62:d6:d8:52:6a:64:aa:a3:
96:5d:5e:62:e7:20:be:0e:b4:06:42:a4:e7:f2:02:4e:04:f3:
88:11:2a:c5:1a:c1:93:fd:26:27:51:35:91:3c:35:78:d7:60:
c9:68:64:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGzjFeh2kpj3KhMOSZDN6ZJGaojowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwMzlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyZWM4OTIwMGI4NmU4NGY3MDg5ZGE5OGVlY2U0NDNhNTg4NWIzN2U5YjQw
NzhiNTcyMzQyYjAzMGE3MzM5MTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPaSJK3wHTjZAvVd5T/eZ2KMpkhgYhnGTKtnzHdOwjeFTwFsRkHt69x3IKu2
5Ziybtvr1/m5z8ljIQmA6tnhNaUgXq66tq6UIBokuQW5P/1th9zgCf5s2o2OBotj
HkKs6QJnxNoTKt2BoxXXl8AmE+SI0SlKRIQzmCIYGwMFSlne5Zb1vT640C3qdUUH
Kg+GFb3Zm6OwcuU5nNOkekJAbMujIQH1/2Hb3wjh/Tiem9t3Ym2tFdjLrb1mN3uz
4LnQzmiu9oI+BBN39IGphrdhfx58yNhLdkgPhtjYdtVefGjFMsnFHQQ2t3ZmgZ7x
fum6upEEdkp/p2zIxINzCvS2VKkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQMZb1f
OoMVubyarGziUmSCCJVM0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGU2NTc4YTctODE2Zi00NjhhLWFjZjktODM3ODFhM2IzNzY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBEfOyZSmtYyA2JL5EoUn9/A4icMwBv4AARcORG
Yca3GTCsXxhpp5Eroa1ebzOewiQCFEI9KSk+UXJq6xogfj2DmGHuLR+kn+QwBq0u
KqS6yBwcbgKO7Mp1ecp8c1ezi/YPSnYQt8FfrfnlUTEkRYsROq1XeEf6TAEQtHh0
X8ch3rhL3aivMNDJpwlCEOWLZ4R/ij/wNCcZR98+1yiE0MSJMvXZWE6qrnyHIR0j
r7eQl7aSAwC4KKQjd3oBwf5D3hHqKzlNBfPYPMNwIfxPj+aFYtbYUmpkqqOWXV5i
5yC+DrQGQqTn8gJOBPOIESrFGsGT/SYnUTWRPDV412DJaGRW
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:27 2025 by rpki-client