Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
File: e5179068-cbcf-4f9a-864d-3c97430c84f4.roa (raw, json)
Hash identifier: Ie1xBDZxv7pyORpSMg9vC2WBVp01W8eaNp02jCKlJ6w=
Subject key identifier: 0C:C6:F4:B7:5B:01:A9:EF:D9:16:B1:62:67:1C:36:A8:9E:A5:2F:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38E6FB2B13FE3DCDE639191435CD7D7C6716E32B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
Signing time: Tue 20 May 2025 20:31:21 +0000
ROA not before: Tue 20 May 2025 20:31:21 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:e6:fb:2b:13:fe:3d:cd:e6:39:19:14:35:cd:7d:7c:67:16:e3:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:31:21 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b7e4be9b7bc527f42ac2611d52c975bebbdd7636781efc05559189062add238c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:47:76:f6:41:a7:7d:e8:ac:37:13:56:1f:23:
d1:c5:d1:ff:da:8e:ac:25:cc:ac:b7:3b:fb:31:d0:
c1:90:a9:e0:dc:4f:49:1b:ad:85:44:36:3e:2b:eb:
6a:c4:54:15:51:60:05:d4:4f:b2:46:40:6e:f0:a3:
19:7b:ae:d1:04:95:a0:9c:ab:c0:96:c5:71:19:f7:
41:5a:f1:28:c1:9c:40:81:34:54:4b:a4:17:9d:01:
58:bd:fa:1d:d8:a6:08:7c:91:d1:6c:f2:4c:57:bc:
10:e9:58:b8:62:b5:af:26:21:bb:be:36:f5:b8:de:
68:b5:34:b8:ea:80:78:c5:47:1b:99:ef:d4:47:05:
fc:0a:15:09:01:99:c9:37:7e:1e:0f:3b:61:06:fe:
f0:60:40:a7:9d:51:79:bf:f5:11:79:fc:79:4b:ff:
68:ed:6a:b8:16:01:b8:cc:ea:9f:0b:b5:5a:ec:45:
6c:23:9c:4b:68:4f:3b:05:50:d4:85:89:83:9d:cb:
7e:6e:ce:e1:53:c4:60:e7:9c:a8:e4:5e:43:de:e8:
54:73:70:1b:d5:6b:7e:52:fd:4d:8b:2f:e9:5e:be:
20:e7:fe:e7:a1:33:90:e4:e7:5f:7a:f0:5f:bf:d0:
95:33:52:de:4e:df:db:5b:46:40:9c:a0:dc:25:05:
9c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C6:F4:B7:5B:01:A9:EF:D9:16:B1:62:67:1C:36:A8:9E:A5:2F:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015::/38
Signature Algorithm: sha256WithRSAEncryption
3c:75:53:83:d7:3a:8f:99:cb:be:2e:be:75:f0:7a:8e:d3:dd:
ff:d9:87:35:d7:e1:8a:b2:a5:db:fa:2f:1b:58:e3:a0:99:cc:
9c:32:fc:e9:9b:74:e1:d2:b4:7a:17:99:30:f8:bf:3e:55:94:
25:63:32:c0:cb:4b:bc:cd:af:4b:7d:04:be:86:66:e0:e7:ff:
26:1d:08:8b:3b:34:a3:d9:ab:21:01:79:38:69:4e:20:9c:0a:
99:2f:1b:26:64:8f:2a:8f:3e:5d:e6:10:3d:11:15:17:63:31:
cb:94:69:31:fd:59:64:33:e8:e3:7d:db:db:94:b5:a3:35:43:
80:02:1a:bf:36:08:90:67:46:aa:a5:e9:64:12:ce:90:ea:41:
1a:4a:57:8e:45:72:20:40:8c:34:4c:60:c1:84:da:fb:d1:50:
4f:a5:4a:80:88:02:a1:d0:d4:e9:89:d1:06:b4:ed:06:8e:92:
33:50:51:69:b4:e9:e9:6b:fb:54:bb:d4:31:28:dc:eb:58:9a:
37:38:5c:48:0d:bb:65:4b:ec:27:7b:3f:14:ab:3d:bd:e4:9b:
2d:9f:2b:c5:d1:fa:73:04:2d:65:e5:fe:ac:7c:b1:46:a9:a2:
15:e2:5b:a4:c6:40:64:72:04:f0:7a:41:13:be:9f:99:cb:5f:
85:48:24:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOOb7KxP+Pc3mORkUNc19fGcW4yswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMxMjFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3ZTRiZTliN2JjNTI3ZjQyYWMyNjExZDUyYzk3NWJlYmJkZDc2MzY3ODFl
ZmMwNTU1OTE4OTA2MmFkZDIzOGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFHdvZBp33orDcTVh8j0cXR/9qOrCXMrLc7+zHQwZCp4NxPSRuthUQ2Pivr
asRUFVFgBdRPskZAbvCjGXuu0QSVoJyrwJbFcRn3QVrxKMGcQIE0VEukF50BWL36
HdimCHyR0WzyTFe8EOlYuGK1ryYhu7429bjeaLU0uOqAeMVHG5nv1EcF/AoVCQGZ
yTd+Hg87YQb+8GBAp51Reb/1EXn8eUv/aO1quBYBuMzqnwu1WuxFbCOcS2hPOwVQ
1IWJg53Lfm7O4VPEYOecqOReQ97oVHNwG9VrflL9TYsv6V6+IOf+56EzkOTnX3rw
X7/QlTNS3k7f21tGQJyg3CUFnPUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQMxvS3
WwGp79kWsWJnHDaonqUvPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUxNzkwNjgtY2JjZi00ZjlhLTg2NGQtM2M5NzQzMGM4NGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUA
MA0GCSqGSIb3DQEBCwUAA4IBAQA8dVOD1zqPmcu+Lr518HqO093/2Yc11+GKsqXb
+i8bWOOgmcycMvzpm3Th0rR6F5kw+L8+VZQlYzLAy0u8za9LfQS+hmbg5/8mHQiL
OzSj2ashAXk4aU4gnAqZLxsmZI8qjz5d5hA9ERUXYzHLlGkx/VlkM+jjfdvblLWj
NUOAAhq/NgiQZ0aqpelkEs6Q6kEaSleORXIgQIw0TGDBhNr70VBPpUqAiAKh0NTp
idEGtO0GjpIzUFFptOnpa/tUu9QxKNzrWJo3OFxIDbtlS+wnez8Uqz295JstnyvF
0fpzBC1l5f6sfLFGqaIV4lukxkBkcgTwekETvp+Zy1+FSCQ9
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:29 2025 by rpki-client