Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa
File: e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa (raw, json)
Hash identifier: wyOytVEcQlvcqj+KGVO0MQc/XcvtDPGFOpSpZAc4kMk=
Subject key identifier: FF:E8:B9:69:AA:2F:91:5E:8F:2A:02:2B:A7:12:F3:A3:74:64:AF:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 081C9E44B5A1609CBB61BD327D924E080815E602
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa
Signing time: Tue 20 May 2025 20:40:06 +0000
ROA not before: Tue 20 May 2025 20:40:06 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:1c:9e:44:b5:a1:60:9c:bb:61:bd:32:7d:92:4e:08:08:15:e6:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:40:06 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=3f1af180275dacd77a6438e3710f8b3ba1627f1ea2366fc4ccf24d8a8d58e954, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e6:92:6f:c9:e7:e1:09:cf:f6:a3:e7:60:fb:
9f:63:5c:e9:c9:64:cf:74:68:89:30:7a:54:18:d2:
c8:10:91:67:bd:3f:b2:47:2a:75:4b:45:e8:f0:95:
69:0e:5d:b9:86:56:82:32:7f:ec:ac:38:55:97:68:
1b:c8:1b:fe:88:18:4d:5d:a5:9c:17:e7:c6:de:96:
13:1f:a2:cf:49:1f:28:29:b8:bb:55:96:b7:b1:42:
21:5d:b5:85:9f:7c:c4:03:d5:f7:1b:6a:82:29:db:
2a:9c:51:b7:7a:1a:86:49:08:3d:a7:78:99:b5:e5:
24:05:31:fb:b3:e7:75:2d:de:3e:a7:e4:c7:39:ef:
08:4e:6d:c9:fe:b6:de:7b:1f:49:19:4c:17:b6:2f:
56:3a:37:ef:9b:43:45:ab:e5:83:a5:13:5f:e9:f9:
8b:51:72:3f:a0:68:47:86:97:b7:8a:c4:d5:f7:33:
25:a7:8f:57:2c:19:8e:f2:81:bc:c2:ff:ba:91:b5:
06:90:6f:0c:10:e5:3e:63:45:88:72:9b:3a:bd:29:
ba:63:8a:88:21:47:f3:c7:e9:76:4d:ff:8d:cf:8c:
02:4d:51:fc:45:02:8d:55:8f:20:ab:c4:86:6f:c0:
14:03:e1:d4:b7:7d:86:e1:a0:d1:d6:06:a8:b3:5c:
b6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E8:B9:69:AA:2F:91:5E:8F:2A:02:2B:A7:12:F3:A3:74:64:AF:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/35
Signature Algorithm: sha256WithRSAEncryption
9f:a0:fc:8a:08:b6:39:08:b1:41:88:7b:f3:21:94:5e:b2:45:
11:27:81:1d:94:1b:c1:9d:a1:f6:51:3d:19:27:a3:23:d8:66:
57:87:e6:2e:10:8a:f7:57:ed:65:5b:52:f4:ac:27:84:08:03:
cd:f5:5d:d7:82:75:cf:97:e8:02:71:ad:13:14:06:1c:45:57:
2b:b7:22:57:a2:7f:3f:bf:82:b8:32:6e:a9:68:ad:db:b3:41:
1c:e3:99:f0:da:9d:ce:bc:f4:13:4e:d9:ff:04:6b:06:67:b6:
e1:86:ea:a0:f3:06:49:48:94:02:69:e2:2c:02:fc:bd:82:77:
34:50:bd:75:22:aa:36:29:6e:b7:a0:3c:64:fd:bb:c2:a2:61:
d7:f8:6b:41:65:dd:4b:5b:e3:76:9d:62:33:5f:c1:e7:85:7f:
c6:55:7c:a7:0e:c9:62:93:ae:63:0e:5e:72:e3:ac:da:6c:2c:
e7:b5:7e:7a:b2:5d:56:be:b6:1f:f6:88:3b:a4:3c:fe:1f:bd:
61:63:e1:f4:1f:a9:42:8c:00:b6:1a:1d:1f:2b:e1:6d:c5:74:
63:92:50:3c:17:b0:a5:bf:27:39:ce:d9:1b:06:60:b6:91:2d:
20:e3:31:36:6d:7a:22:8a:36:36:59:51:b0:a0:05:91:48:e3:
ff:7b:fc:30
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCByeRLWhYJy7Yb0yfZJOCAgV5gIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDQwMDZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmMWFmMTgwMjc1ZGFjZDc3YTY0MzhlMzcxMGY4YjNiYTE2MjdmMWVhMjM2
NmZjNGNjZjI0ZDhhOGQ1OGU5NTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrmkm/J5+EJz/aj52D7n2Nc6clkz3RoiTB6VBjSyBCRZ70/skcqdUtF6PCV
aQ5duYZWgjJ/7Kw4VZdoG8gb/ogYTV2lnBfnxt6WEx+iz0kfKCm4u1WWt7FCIV21
hZ98xAPV9xtqginbKpxRt3oahkkIPad4mbXlJAUx+7PndS3ePqfkxznvCE5tyf62
3nsfSRlMF7YvVjo375tDRavlg6UTX+n5i1FyP6BoR4aXt4rE1fczJaePVywZjvKB
vML/upG1BpBvDBDlPmNFiHKbOr0pumOKiCFH88fpdk3/jc+MAk1R/EUCjVWPIKvE
hm/AFAPh1Ld9huGg0dYGqLNctgcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT/6Llp
qi+RXo8qAiunEvOjdGSveDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTA1MDQ4YzAtNzc1MS00ZWM0LWI4OTEtYTM1ODNkYmRjOWZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQCfoPyKCLY5CLFBiHvzIZReskURJ4EdlBvBnaH2
UT0ZJ6Mj2GZXh+YuEIr3V+1lW1L0rCeECAPN9V3XgnXPl+gCca0TFAYcRVcrtyJX
on8/v4K4Mm6paK3bs0Ec45nw2p3OvPQTTtn/BGsGZ7bhhuqg8wZJSJQCaeIsAvy9
gnc0UL11Iqo2KW63oDxk/bvComHX+GtBZd1LW+N2nWIzX8HnhX/GVXynDslik65j
Dl5y46zabCzntX56sl1WvrYf9og7pDz+H71hY+H0H6lCjAC2Gh0fK+FtxXRjklA8
F7Clvyc5ztkbBmC2kS0g4zE2bXoiijY2WVGwoAWRSOP/e/ww
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:22 2025 by rpki-client