Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
File: decd4459-2e9b-442e-a3bd-6633fdd0250b.roa (raw, json)
Hash identifier: kcHkivWynvpX3fiV53YOKR6eP3F2/OWXt7t2TZaHNSg=
Subject key identifier: 4F:04:2B:C5:31:EA:C7:A9:BE:84:7F:6B:92:54:A8:DB:E5:3C:9B:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6941ABCD626C6147AA65FB009891E899F7AFB630
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
Signing time: Tue 20 May 2025 18:40:19 +0000
ROA not before: Tue 20 May 2025 18:40:19 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:41:ab:cd:62:6c:61:47:aa:65:fb:00:98:91:e8:99:f7:af:b6:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:40:19 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c41252c52e536ee8ad102b9c6780bb37bd026e335c4ed15537b8ac0b875d8bb1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bd:24:e3:cb:77:a1:ec:70:f9:f4:5b:9b:39:
f2:8f:15:a3:da:23:20:98:a3:c6:93:de:2c:cd:0a:
eb:fd:0c:11:62:6d:90:eb:80:c8:19:1a:82:25:fd:
10:1e:3f:ec:36:60:e5:b7:6b:06:72:0c:f1:45:ba:
7a:6d:31:b0:66:aa:16:85:a3:59:38:26:90:c3:58:
6e:ee:95:39:4a:90:3e:2f:10:31:19:d8:67:1e:13:
35:dc:25:97:6d:61:6a:d3:39:9a:bf:bf:da:f9:0a:
70:87:74:fa:9e:a0:fe:35:89:2d:c5:ea:95:81:eb:
10:cc:87:a2:bb:23:91:8a:d1:b0:50:eb:9b:3b:47:
6b:cc:c1:94:d6:db:36:c3:fa:3f:d8:92:62:b2:dd:
bb:63:d8:eb:30:6f:51:ff:36:df:3c:28:e9:96:92:
ae:d6:df:29:16:bc:29:c6:c4:2f:8a:4f:af:4e:97:
6c:ff:59:11:98:6d:e5:d0:ea:2f:19:10:d1:36:84:
b1:fc:ee:64:24:84:a1:fe:67:ea:b8:8c:c3:c8:e0:
81:a1:c4:23:ba:60:b7:e7:07:94:13:99:88:c3:06:
09:cf:f3:2b:8a:de:d5:ca:29:d8:b9:d2:e6:5a:30:
4c:bb:5c:59:57:13:9e:dd:fa:dc:ab:0e:94:86:1d:
38:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:04:2B:C5:31:EA:C7:A9:BE:84:7F:6B:92:54:A8:DB:E5:3C:9B:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a000::/40
Signature Algorithm: sha256WithRSAEncryption
6b:c3:6d:69:9d:c9:64:06:0b:44:52:f9:73:9d:c4:c3:59:bb:
6f:69:1d:ab:3b:e8:70:f8:a5:8b:36:d5:56:8b:8f:c1:3b:43:
f1:ec:c5:e0:2b:2f:42:be:33:2d:e1:d6:b5:a0:5c:3f:12:1c:
30:e8:d5:95:b5:30:11:81:24:c5:47:47:3d:1c:25:5d:18:ba:
a0:62:0a:5b:5c:e4:31:e7:1f:99:1c:cd:99:cd:f9:c9:aa:f4:
0b:0a:2c:2b:dd:34:38:44:fa:c4:fe:a7:a9:93:53:8a:a8:91:
95:86:11:28:2e:46:fb:97:cf:05:98:32:f2:52:b0:d0:18:20:
0c:46:54:34:0c:33:d7:89:37:b8:70:cd:77:21:b2:a0:c5:d4:
6c:f0:cd:48:f3:34:27:96:87:14:22:15:76:51:c3:78:ab:96:
ba:25:5e:a6:dc:13:dc:17:69:b1:08:11:18:c7:e1:e5:23:4c:
ca:eb:c8:a9:28:f4:c9:82:2d:d9:86:8f:87:f9:3a:72:ce:f4:
38:20:80:d4:38:9b:d0:e9:f8:56:b5:ad:13:e3:fd:82:cb:26:
6a:45:6d:e5:c8:95:8f:4e:aa:6f:ec:13:09:19:aa:21:88:71:
f0:0b:cc:8f:58:36:4d:c9:ef:a5:4b:df:6c:73:78:fe:d1:a3:
fa:9c:7c:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaUGrzWJsYUeqZfsAmJHomfevtjAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQwMTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0MTI1MmM1MmU1MzZlZThhZDEwMmI5YzY3ODBiYjM3YmQwMjZlMzM1YzRl
ZDE1NTM3YjhhYzBiODc1ZDhiYjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKS9JOPLd6HscPn0W5s58o8Vo9ojIJijxpPeLM0K6/0MEWJtkOuAyBkagiX9
EB4/7DZg5bdrBnIM8UW6em0xsGaqFoWjWTgmkMNYbu6VOUqQPi8QMRnYZx4TNdwl
l21hatM5mr+/2vkKcId0+p6g/jWJLcXqlYHrEMyHorsjkYrRsFDrmztHa8zBlNbb
NsP6P9iSYrLdu2PY6zBvUf823zwo6ZaSrtbfKRa8KcbEL4pPr06XbP9ZEZht5dDq
LxkQ0TaEsfzuZCSEof5n6riMw8jggaHEI7pgt+cHlBOZiMMGCc/zK4re1cop2LnS
5lowTLtcWVcTnt363KsOlIYdOIcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRPBCvF
MerHqb6Ef2uSVKjb5Tyb+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVjZDQ0NTktMmU5Yi00NDJlLWEzYmQtNjYzM2ZkZDAyNTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKg
MA0GCSqGSIb3DQEBCwUAA4IBAQBrw21pnclkBgtEUvlzncTDWbtvaR2rO+hw+KWL
NtVWi4/BO0Px7MXgKy9CvjMt4da1oFw/Ehww6NWVtTARgSTFR0c9HCVdGLqgYgpb
XOQx5x+ZHM2ZzfnJqvQLCiwr3TQ4RPrE/qepk1OKqJGVhhEoLkb7l88FmDLyUrDQ
GCAMRlQ0DDPXiTe4cM13IbKgxdRs8M1I8zQnlocUIhV2UcN4q5a6JV6m3BPcF2mx
CBEYx+HlI0zK68ipKPTJgi3Zho+H+TpyzvQ4IIDUOJvQ6fhWta0T4/2CyyZqRW3l
yJWPTqpv7BMJGaohiHHwC8yPWDZNye+lS99sc3j+0aP6nHx1
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:16 2025 by rpki-client