Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
File: e437969a-a36c-4417-88bd-c48ac88d9a5c.roa (raw, json)
Hash identifier: LL8NGWunuOmGcIWOE0KBOjHb6Yleuq9GNiO4pUP88zs=
Subject key identifier: 82:8E:09:8C:04:05:84:44:2F:41:7F:D7:CF:21:0F:E5:9A:A1:87:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E3F70AA69CBD6628F16DC374CF3028B240E59B4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
Signing time: Tue 20 May 2025 19:00:10 +0000
ROA not before: Tue 20 May 2025 19:00:10 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:3f:70:aa:69:cb:d6:62:8f:16:dc:37:4c:f3:02:8b:24:0e:59:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:10 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=cba540fb03f14508f805bf59ea1a984c587a7614f9ea11a06ecd4429fd81f292, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e2:38:4f:11:da:3a:9c:34:71:49:3e:b8:e6:
e3:54:c4:7d:15:f3:fc:56:73:77:5e:bb:a0:f3:6f:
ae:30:24:f4:75:b7:68:c4:b9:d1:99:b2:f9:02:7d:
a6:51:bc:85:3f:22:2a:76:ad:36:14:f0:79:b8:6b:
0c:e3:f4:4f:4c:be:73:70:81:49:17:a4:aa:83:72:
01:38:22:22:bc:04:57:a0:28:ad:0a:96:65:a3:a4:
67:81:13:c1:9a:a0:59:20:f6:2a:8e:a7:6c:40:89:
6e:16:4f:8f:94:2d:6f:e5:9a:27:c9:89:3d:f6:69:
1f:6f:be:fd:2b:5b:fe:26:c5:01:ab:ab:21:e5:35:
31:1e:ab:1e:64:a0:38:e5:21:df:9e:93:f3:e7:d5:
9f:b9:0d:be:fe:fd:4d:18:bf:fb:a6:2b:12:a6:5a:
60:b1:98:aa:c4:32:bd:35:b9:fb:44:5c:46:0e:14:
21:4c:2a:84:e2:0f:d0:16:e1:ee:27:a6:e9:a2:03:
77:e4:f5:72:c7:f8:08:76:27:57:5b:e6:9b:bc:61:
48:ec:db:62:43:df:f9:2a:d2:20:5e:59:e5:89:04:
56:0a:f0:14:c5:db:78:ff:86:5e:e9:d9:26:55:32:
14:ff:6c:38:75:9e:5b:33:c3:c6:9f:dd:1a:28:39:
71:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:8E:09:8C:04:05:84:44:2F:41:7F:D7:CF:21:0F:E5:9A:A1:87:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:b080::/48
Signature Algorithm: sha256WithRSAEncryption
b3:ba:e5:db:88:3d:27:0a:9e:cb:67:9f:fa:a6:03:6b:2a:30:
cd:2e:48:bd:00:d2:cc:c3:70:2d:c9:80:53:86:f6:29:29:26:
42:13:4a:81:87:f6:bb:a4:34:68:09:41:81:49:ad:82:65:f8:
6e:0a:b8:9e:fd:f7:85:62:0c:64:62:f5:da:a3:29:7b:6d:cb:
a1:25:e0:21:eb:7d:b9:33:a5:27:70:bf:d1:09:cc:93:55:db:
70:f4:67:0f:06:44:d3:0a:5b:f0:97:ec:9f:d9:69:a9:fc:88:
fa:08:f7:fb:e5:00:ac:df:5c:2c:ac:a2:77:fc:78:8e:dd:d4:
71:09:99:89:b8:f0:f9:e4:0a:88:43:2e:63:ea:16:03:e4:2c:
37:c0:e6:fe:b0:0d:b7:1e:03:48:9a:04:b7:61:46:e8:a7:5e:
c8:22:69:92:2c:5c:28:fd:1b:25:49:cc:a9:0b:68:21:0e:eb:
90:5e:1b:3d:ca:59:fb:9f:3c:cf:b2:5e:1c:8e:b2:73:05:77:
96:61:b4:72:1f:7f:3e:02:d5:d2:50:a3:68:7c:fe:06:70:3a:
61:64:f2:ae:c8:de:ef:e8:e1:f2:b6:46:d9:ff:18:02:d9:a9:
43:69:0e:79:38:b0:7d:68:ea:4f:6d:f6:39:ec:71:f6:87:05:
9c:bd:4d:f3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfj9wqmnL1mKPFtw3TPMCiyQOWbQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwMTBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiYTU0MGZiMDNmMTQ1MDhmODA1YmY1OWVhMWE5ODRjNTg3YTc2MTRmOWVh
MTFhMDZlY2Q0NDI5ZmQ4MWYyOTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJviOE8R2jqcNHFJPrjm41TEfRXz/FZzd167oPNvrjAk9HW3aMS50Zmy+QJ9
plG8hT8iKnatNhTwebhrDOP0T0y+c3CBSRekqoNyATgiIrwEV6AorQqWZaOkZ4ET
wZqgWSD2Ko6nbECJbhZPj5Qtb+WaJ8mJPfZpH2++/Stb/ibFAaurIeU1MR6rHmSg
OOUh356T8+fVn7kNvv79TRi/+6YrEqZaYLGYqsQyvTW5+0RcRg4UIUwqhOIP0Bbh
7iem6aIDd+T1csf4CHYnV1vmm7xhSOzbYkPf+SrSIF5Z5YkEVgrwFMXbeP+GXunZ
JlUyFP9sOHWeWzPDxp/dGig5cTkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSCjgmM
BAWERC9Bf9fPIQ/lmqGH7TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTQzNzk2OWEtYTM2Yy00NDE3LTg4YmQtYzQ4YWM4OGQ5YTVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Diw
gDANBgkqhkiG9w0BAQsFAAOCAQEAs7rl24g9Jwqey2ef+qYDayowzS5IvQDSzMNw
LcmAU4b2KSkmQhNKgYf2u6Q0aAlBgUmtgmX4bgq4nv33hWIMZGL12qMpe23LoSXg
Iet9uTOlJ3C/0QnMk1XbcPRnDwZE0wpb8Jfsn9lpqfyI+gj3++UArN9cLKyid/x4
jt3UcQmZibjw+eQKiEMuY+oWA+QsN8Dm/rANtx4DSJoEt2FG6KdeyCJpkixcKP0b
JUnMqQtoIQ7rkF4bPcpZ+588z7JeHI6ycwV3lmG0ch9/PgLV0lCjaHz+BnA6YWTy
rsje7+jh8rZG2f8YAtmpQ2kOeTiwfWjqT232Oexx9ocFnL1N8w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:51 2025 by rpki-client