Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
File: e234d9fb-5639-4264-99c1-35b39c1e56b5.roa (raw, json)
Hash identifier: ytWpR6v8Nr0ZUMF1h6OYdTYzfsMvaQ3qx6XkXKvp5Q4=
Subject key identifier: 06:FB:56:86:88:01:7C:04:51:B0:24:FD:D2:41:A5:F9:94:3B:7F:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E90D863823F4061C25777E3B877A0F261F03FF2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
Signing time: Fri 23 May 2025 00:40:38 +0000
ROA not before: Fri 23 May 2025 00:40:38 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:90:d8:63:82:3f:40:61:c2:57:77:e3:b8:77:a0:f2:61:f0:3f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:38 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=905505b49049323c5d7a7fa3994ea1267664ce74064c1af0e4bb529eae87041f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f8:4d:c7:d3:4d:cd:59:4d:c1:b9:15:e3:1f:
5f:af:c9:36:6a:2b:c9:d1:93:6b:39:1c:ce:b0:35:
73:17:4e:7b:09:c0:bd:c5:e0:03:b6:93:f5:87:ce:
e9:42:45:45:80:93:5f:f1:fd:77:0b:af:86:4d:3b:
65:43:64:b2:92:59:88:fb:1e:32:21:b4:2c:44:00:
f6:55:ed:44:07:a1:de:a4:05:d7:37:fe:e0:87:2d:
3b:64:a2:60:51:0e:7d:77:e1:fa:e8:b7:4c:d7:2d:
c8:2d:4c:84:a5:66:12:03:4f:87:fa:a0:77:5b:43:
32:25:54:b5:ea:26:74:6a:eb:9e:fb:ce:8d:4f:21:
01:c5:75:9a:d9:8a:2c:41:23:e6:6e:2c:c9:3b:2e:
5f:0a:6f:7b:bf:4d:c3:ab:17:bf:02:59:0e:93:09:
c3:ad:8b:85:e2:45:76:49:1e:b5:09:cc:c8:df:08:
29:70:95:b8:9f:eb:79:40:3e:e7:a8:97:42:95:89:
2a:e6:ba:98:ef:03:6c:63:04:ba:54:4d:17:0c:41:
b9:38:e5:f9:dc:68:5f:8b:71:0f:b4:04:dd:26:ff:
65:3b:df:47:67:b0:d2:31:8e:89:2c:31:5d:df:4c:
61:0a:9b:8d:9a:2a:e7:45:75:0f:62:9f:6a:f0:74:
31:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:FB:56:86:88:01:7C:04:51:B0:24:FD:D2:41:A5:F9:94:3B:7F:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:52:1a:9e:2c:89:63:ff:02:9c:e1:ea:31:59:e0:6b:83:af:
cb:02:ec:c9:ae:5f:7c:91:d6:eb:10:ae:bf:aa:3b:89:91:dd:
46:3c:4a:ae:f4:04:d9:6e:31:35:79:12:34:8f:1d:25:e7:6f:
b7:d6:ff:a5:19:b6:60:ad:33:8f:14:4b:3e:61:09:42:74:e1:
d3:20:2c:90:e1:f9:3b:30:76:37:85:9d:3c:f3:46:80:40:aa:
2e:b9:56:9f:50:d4:30:82:07:84:9d:bf:cb:c9:25:66:d0:41:
b0:83:ec:77:b3:ff:ba:89:90:cf:83:a0:ca:97:fc:5f:2c:fd:
26:9a:e0:da:35:65:4d:a9:fe:81:cd:e8:96:30:f6:8a:d4:18:
94:d3:99:ec:59:ff:e4:e9:f9:31:2a:45:f7:18:55:b4:9e:fe:
fa:e9:50:51:3a:2d:f8:b5:6f:4f:72:16:d7:fe:9d:17:95:81:
57:53:98:1a:df:51:86:20:06:2e:82:e8:9a:61:0f:3f:e3:b5:
e3:b8:a7:a9:1e:47:f4:55:2d:98:b7:53:ed:9b:8f:39:ad:df:
98:6a:39:67:4c:1a:a5:2d:72:cf:2a:8a:88:af:05:bc:5c:d9:
91:a8:93:69:e0:e3:5c:d0:8a:bf:be:d4:38:cc:71:0a:02:2a:
8a:07:44:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXpDYY4I/QGHCV3fjuHeg8mHwP/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwMzhaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwNTUwNWI0OTA0OTMyM2M1ZDdhN2ZhMzk5NGVhMTI2NzY2NGNlNzQwNjRj
MWFmMGU0YmI1MjllYWU4NzA0MWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJf4TcfTTc1ZTcG5FeMfX6/JNmorydGTazkczrA1cxdOewnAvcXgA7aT9YfO
6UJFRYCTX/H9dwuvhk07ZUNkspJZiPseMiG0LEQA9lXtRAeh3qQF1zf+4IctO2Si
YFEOfXfh+ui3TNctyC1MhKVmEgNPh/qgd1tDMiVUteomdGrrnvvOjU8hAcV1mtmK
LEEj5m4syTsuXwpve79Nw6sXvwJZDpMJw62LheJFdkketQnMyN8IKXCVuJ/reUA+
56iXQpWJKua6mO8DbGMEulRNFwxBuTjl+dxoX4txD7QE3Sb/ZTvfR2ew0jGOiSwx
Xd9MYQqbjZoq50V1D2KfavB0MfcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQG+1aG
iAF8BFGwJP3SQaX5lDt/DTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTIzNGQ5ZmItNTYzOS00MjY0LTk5YzEtMzViMzljMWU1NmI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8g
MA0GCSqGSIb3DQEBCwUAA4IBAQCsUhqeLIlj/wKc4eoxWeBrg6/LAuzJrl98kdbr
EK6/qjuJkd1GPEqu9ATZbjE1eRI0jx0l52+31v+lGbZgrTOPFEs+YQlCdOHTICyQ
4fk7MHY3hZ0880aAQKouuVafUNQwggeEnb/LySVm0EGwg+x3s/+6iZDPg6DKl/xf
LP0mmuDaNWVNqf6BzeiWMPaK1BiU05nsWf/k6fkxKkX3GFW0nv766VBROi34tW9P
chbX/p0XlYFXU5ga31GGIAYuguiaYQ8/47XjuKepHkf0VS2Yt1Ptm485rd+Yajln
TBqlLXLPKoqIrwW8XNmRqJNp4ONc0Iq/vtQ4zHEKAiqKB0Tu
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:03 2025 by rpki-client