Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
File: e279c5e7-6144-440a-9f1d-2013fb96d06a.roa (raw, json)
Hash identifier: UGzQ/fabwt+tEIRq/4DILIJEmvXGwSTcpmr753t30U0=
Subject key identifier: 49:4F:F9:B3:F4:07:79:6A:D7:2F:2E:1B:D5:4F:FC:48:AF:AA:64:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12F765639A138E21452B7FCE4334EA9170F341CC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
Signing time: Tue 20 May 2025 20:01:06 +0000
ROA not before: Tue 20 May 2025 20:01:06 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:f7:65:63:9a:13:8e:21:45:2b:7f:ce:43:34:ea:91:70:f3:41:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:01:06 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=57cd7529fd1bfd74efe37a2f9bee1274c5b5adc43d49c2e806e1a86e53a9930a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6f:12:c8:57:ee:ad:5c:b7:fb:fe:78:08:da:
51:68:65:09:14:d0:85:b0:0d:2b:9f:9a:67:57:65:
8d:ac:52:fc:59:9b:cb:1f:95:d8:09:ef:90:b8:6e:
09:71:62:d5:db:ab:58:db:d9:db:be:d0:aa:35:30:
23:ca:36:30:89:ba:ca:08:66:f2:8e:13:e5:62:13:
ea:dd:0a:46:e8:4a:df:cd:2d:aa:b4:2f:32:cd:31:
e0:d7:34:f6:e2:00:1a:3c:8b:e0:34:88:f6:82:97:
52:d8:04:ac:0f:38:44:55:1c:ea:64:20:15:6d:c0:
8f:3e:e3:2a:77:23:c4:cb:69:a0:65:72:cb:53:b8:
c1:36:cf:2f:05:cd:06:04:a1:2b:ea:03:e4:cb:1b:
ed:44:68:78:2d:cf:64:65:7c:c8:9e:23:b0:71:65:
b0:db:5c:cd:f8:c5:fa:a9:17:1c:1d:e0:e2:23:6d:
f2:c4:e8:63:cc:85:13:d1:49:23:66:56:77:fb:e3:
ff:d7:98:e7:40:66:93:bf:5b:8f:7f:1a:1f:e0:0a:
e1:89:b6:4d:ba:29:ff:b5:7b:11:84:b6:03:22:24:
5e:14:a4:ec:08:f5:33:03:e4:21:c8:7d:e5:fd:78:
24:0d:57:03:fe:65:a3:21:b5:33:21:7c:91:73:91:
4d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:4F:F9:B3:F4:07:79:6A:D7:2F:2E:1B:D5:4F:FC:48:AF:AA:64:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:7d:45:f0:a1:dc:1e:40:b6:47:69:12:2f:37:99:8f:86:52:
9e:23:da:67:c5:ed:b4:fc:2a:0f:16:d2:9d:bf:35:db:9b:27:
ef:ce:20:96:87:5d:bc:de:f7:70:4b:7d:a6:a6:69:37:3d:b0:
34:fc:4d:6e:59:4f:98:ec:1b:88:5d:38:29:cc:de:8e:25:ae:
f1:37:72:c4:de:14:5a:44:15:89:ba:ba:e2:ec:35:a6:1c:b0:
59:49:f7:df:cd:14:fa:87:c5:a3:c8:1e:32:89:f0:c1:01:bb:
5e:c7:a7:ef:83:9e:8e:77:4e:47:6c:7b:90:24:94:f4:b7:e9:
a6:02:f4:45:5e:02:6a:38:8c:9c:49:eb:19:08:82:9b:af:38:
ff:18:2a:49:09:93:e9:46:8e:f9:8d:c5:f4:02:5f:de:43:c1:
ec:6f:45:4a:39:98:c6:0b:3a:ba:c5:17:c8:4b:04:6f:ac:31:
ce:88:d6:d7:be:af:a2:8c:78:7d:2f:1d:e4:8a:44:7c:3a:2b:
87:f4:f5:b4:68:77:12:53:52:bf:c7:a2:67:e1:32:2a:27:7e:
3e:a8:4e:76:51:de:17:0a:5b:f2:c8:b2:e3:f8:3d:5f:72:18:
e1:94:3e:5d:e3:de:2c:e2:f9:88:13:e0:53:f3:e5:67:e7:11:
c6:7e:29:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEvdlY5oTjiFFK3/OQzTqkXDzQcwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAxMDZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3Y2Q3NTI5ZmQxYmZkNzRlZmUzN2EyZjliZWUxMjc0YzViNWFkYzQzZDQ5
YzJlODA2ZTFhODZlNTNhOTkzMGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFvEshX7q1ct/v+eAjaUWhlCRTQhbANK5+aZ1dljaxS/Fmbyx+V2AnvkLhu
CXFi1durWNvZ277QqjUwI8o2MIm6yghm8o4T5WIT6t0KRuhK380tqrQvMs0x4Nc0
9uIAGjyL4DSI9oKXUtgErA84RFUc6mQgFW3Ajz7jKncjxMtpoGVyy1O4wTbPLwXN
BgShK+oD5Msb7URoeC3PZGV8yJ4jsHFlsNtczfjF+qkXHB3g4iNt8sToY8yFE9FJ
I2ZWd/vj/9eY50Bmk79bj38aH+AK4Ym2Tbop/7V7EYS2AyIkXhSk7Aj1MwPkIch9
5f14JA1XA/5loyG1MyF8kXORTQ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJT/mz
9Ad5atcvLhvVT/xIr6pknTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTI3OWM1ZTctNjE0NC00NDBhLTlmMWQtMjAxM2ZiOTZkMDZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIg
MA0GCSqGSIb3DQEBCwUAA4IBAQB9fUXwodweQLZHaRIvN5mPhlKeI9pnxe20/CoP
FtKdvzXbmyfvziCWh1283vdwS32mpmk3PbA0/E1uWU+Y7BuIXTgpzN6OJa7xN3LE
3hRaRBWJurri7DWmHLBZSfffzRT6h8WjyB4yifDBAbtex6fvg56Od05HbHuQJJT0
t+mmAvRFXgJqOIycSesZCIKbrzj/GCpJCZPpRo75jcX0Al/eQ8Hsb0VKOZjGCzq6
xRfISwRvrDHOiNbXvq+ijHh9Lx3kikR8OiuH9PW0aHcSU1K/x6Jn4TIqJ34+qE52
Ud4XClvyyLLj+D1fchjhlD5d494s4vmIE+BT8+Vn5xHGfinS
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:29 2025 by rpki-client