Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
File: e2212154-4339-4293-b1a8-15f06519a708.roa (raw, json)
Hash identifier: 0HGeLxjSfetIPnl9PNxj0NK89eLcLYDi2wqo7W2I/R8=
Subject key identifier: EA:1B:EB:40:AA:3C:63:3B:81:DE:ED:02:E2:2F:41:68:6C:53:D5:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47E14BB12CECEF93678CD84ECCCA9E35AEA71F3A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
Signing time: Fri 23 May 2025 00:41:11 +0000
ROA not before: Fri 23 May 2025 00:41:11 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:e1:4b:b1:2c:ec:ef:93:67:8c:d8:4e:cc:ca:9e:35:ae:a7:1f:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:41:11 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=576805ae3b7ede863850eebabd7615a78442916f861f5420a39bc55a395e5ce3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7a:e4:4c:66:dc:5a:1e:52:dc:85:22:2c:20:
3d:cc:9b:cc:f1:ec:dd:2f:dd:e3:a6:03:56:06:58:
8a:ec:88:2e:23:e6:56:f4:16:0e:d5:69:fa:c1:3f:
4e:cf:44:7f:ad:38:1c:84:96:c3:90:fa:1f:a1:8e:
09:8b:37:5a:49:e1:e1:a2:c4:22:e2:84:2f:a0:e8:
1e:73:77:67:b0:f2:3d:4b:7b:69:60:ca:1d:64:9b:
3c:4e:41:d3:c0:8a:19:3a:2c:81:03:db:8c:55:b4:
0d:a7:f3:00:8c:60:4d:99:1a:36:3f:bf:79:c6:80:
af:17:f4:08:a6:c2:52:51:e7:53:a8:e9:37:6e:ce:
81:4d:e5:e4:15:b0:8a:01:7b:c2:11:83:11:98:46:
dd:af:c2:56:19:12:2a:9e:84:e8:71:08:10:07:4a:
96:ba:64:f1:14:3d:02:c2:ac:9f:49:81:06:e4:6d:
b4:83:e4:17:02:ff:00:4c:ea:fd:cc:5f:b2:0e:c0:
b2:be:0c:65:d5:a6:0d:4e:31:60:2c:00:1c:93:c3:
24:f6:1f:25:d9:46:e1:92:8e:a2:bd:9b:65:4c:dc:
d3:7c:2b:b9:a3:7f:53:a9:31:5c:86:7e:86:4e:e9:
b2:9e:79:28:a6:3b:9e:0b:90:ad:5a:8c:ca:a4:7a:
e2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:1B:EB:40:AA:3C:63:3B:81:DE:ED:02:E2:2F:41:68:6C:53:D5:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
af:25:25:85:bc:8f:a0:c7:9c:bd:c4:32:0f:39:cb:e6:b3:14:
c2:66:33:33:a4:32:8b:9c:20:d5:a0:31:d8:8b:64:92:9d:5a:
86:b9:68:89:ea:c7:0a:c9:33:f3:18:31:82:1a:0a:3e:0c:e9:
2c:40:e9:d0:d5:16:0c:1d:34:1c:40:6c:4d:5f:d3:40:2d:4f:
33:95:d4:4f:67:cc:7c:93:32:03:d5:2d:c0:7b:49:86:98:e0:
53:51:84:eb:71:f4:8b:99:8e:87:ca:79:e7:df:fc:e9:b0:25:
33:30:00:43:02:4c:94:55:ff:92:37:bb:32:bd:20:d9:0f:da:
0f:a1:17:53:e5:5d:de:96:19:3c:24:d3:55:79:8a:ea:9f:05:
66:bc:0f:e9:88:3a:4d:bd:5c:ae:40:7e:0d:72:11:27:c2:60:
fe:d5:f9:43:4d:f4:46:d3:e2:77:e5:f1:88:25:56:b4:69:e0:
b7:09:dd:57:4a:8c:d6:86:0e:f2:22:25:39:20:46:e8:2c:b1:
51:ab:a4:e7:be:06:9b:30:9c:e1:6e:c9:62:85:11:27:eb:b9:
4b:0a:d0:66:09:fe:02:f2:85:e5:e6:57:c0:7a:a1:50:b7:e7:
84:1a:ce:d7:13:0d:59:7d:9b:1f:20:84:50:ec:9c:28:a4:c5:
90:32:06:18
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR+FLsSzs75NnjNhOzMqeNa6nHzowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQxMTFaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3NjgwNWFlM2I3ZWRlODYzODUwZWViYWJkNzYxNWE3ODQ0MjkxNmY4NjFm
NTQyMGEzOWJjNTVhMzk1ZTVjZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALd65Exm3FoeUtyFIiwgPcybzPHs3S/d46YDVgZYiuyILiPmVvQWDtVp+sE/
Ts9Ef604HISWw5D6H6GOCYs3Wknh4aLEIuKEL6DoHnN3Z7DyPUt7aWDKHWSbPE5B
08CKGTosgQPbjFW0DafzAIxgTZkaNj+/ecaArxf0CKbCUlHnU6jpN27OgU3l5BWw
igF7whGDEZhG3a/CVhkSKp6E6HEIEAdKlrpk8RQ9AsKsn0mBBuRttIPkFwL/AEzq
/cxfsg7Asr4MZdWmDU4xYCwAHJPDJPYfJdlG4ZKOor2bZUzc03wruaN/U6kxXIZ+
hk7psp55KKY7nguQrVqMyqR64vsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqG+tA
qjxjO4He7QLiL0FobFPVjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTIyMTIxNTQtNDMzOS00MjkzLWIxYTgtMTVmMDY1MTlhNzA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+g
MA0GCSqGSIb3DQEBCwUAA4IBAQCvJSWFvI+gx5y9xDIPOcvmsxTCZjMzpDKLnCDV
oDHYi2SSnVqGuWiJ6scKyTPzGDGCGgo+DOksQOnQ1RYMHTQcQGxNX9NALU8zldRP
Z8x8kzID1S3Ae0mGmOBTUYTrcfSLmY6Hynnn3/zpsCUzMABDAkyUVf+SN7syvSDZ
D9oPoRdT5V3elhk8JNNVeYrqnwVmvA/piDpNvVyuQH4NchEnwmD+1flDTfRG0+J3
5fGIJVa0aeC3Cd1XSozWhg7yIiU5IEboLLFRq6TnvgabMJzhbslihREn67lLCtBm
Cf4C8oXl5lfAeqFQt+eEGs7XEw1ZfZsfIIRQ7JwopMWQMgYY
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:36 2025 by rpki-client