Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
File: e69b1519-f345-43aa-8c6b-cd786ee13404.roa (raw, json)
Hash identifier: RB9yjep0b52UbZwc3Wf+VDDiJZ/eCWJCqgkJnd5JMQc=
Subject key identifier: 71:6F:16:11:E1:AF:DA:88:36:5B:7F:91:52:50:05:44:34:F4:4D:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 791ED0279CCB53B2EBB4212905838800B030B6D2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
Signing time: Tue 20 May 2025 20:10:59 +0000
ROA not before: Tue 20 May 2025 20:10:59 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:1e:d0:27:9c:cb:53:b2:eb:b4:21:29:05:83:88:00:b0:30:b6:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:10:59 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a5dd85f7d937dbf44ec3e8313fead90907e6bdb7dd10233f4e0a332887237ceb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9e:e3:e2:e8:fc:58:93:6b:be:ed:f1:83:c1:
a9:ef:fa:d7:03:1b:2a:c3:9d:81:ee:51:7d:93:2e:
c3:54:9a:92:11:eb:b4:a0:50:c3:38:aa:89:0f:f8:
35:ed:b0:fd:88:c8:7b:c0:6d:79:c7:b0:3d:73:e3:
1c:6a:09:c7:7d:a2:5e:28:d4:0d:e2:0a:e9:57:e5:
41:0c:99:d7:3a:74:3b:81:a9:4d:32:0b:91:93:3f:
95:28:89:3d:c5:1c:36:d8:5b:50:b7:e5:53:be:86:
a7:d7:92:d9:6c:e0:48:fa:d4:38:df:97:88:87:76:
f1:90:78:52:66:09:ee:f2:ae:b3:3b:db:d1:7e:83:
d2:75:d3:bb:9f:35:05:a6:e0:74:f2:ff:52:37:24:
f1:a2:70:99:87:4d:1e:48:15:a1:27:7e:1b:24:3e:
59:b6:24:b3:d8:c3:4d:97:c1:31:ee:c1:6e:ff:5d:
10:fd:d5:70:7c:42:c3:ae:3d:87:84:d8:a9:9e:c7:
08:b9:ad:65:a8:1a:ab:69:66:95:ad:25:7a:91:06:
ac:db:12:22:63:03:89:20:d8:b8:9d:87:2c:09:81:
5c:88:6a:ff:8b:bf:f4:42:d9:65:e5:0d:54:fe:ac:
40:2d:7a:75:44:bc:a1:b3:8b:c2:04:fa:61:a3:9b:
f4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:6F:16:11:E1:AF:DA:88:36:5B:7F:91:52:50:05:44:34:F4:4D:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:5000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:9e:33:79:1c:32:cc:e0:ef:e9:3d:a1:3e:79:fb:d5:c8:8b:
16:bf:5e:69:e4:cf:b8:00:09:71:62:e3:e3:a5:f6:35:35:5e:
6d:09:ff:2a:ca:23:51:2a:bc:27:f5:ca:8f:ee:8e:a1:19:bd:
dc:5e:50:6a:a2:9e:e1:8e:04:f2:38:6b:c4:dd:d7:fd:b3:5c:
1f:15:9e:e4:77:6c:c2:14:50:98:dd:72:e2:12:1f:51:08:96:
62:c8:a6:92:ea:ee:e2:8d:53:44:37:2f:71:ef:77:01:72:b2:
e4:01:68:28:4b:17:6f:87:1c:1a:41:7d:a9:72:f4:fb:f2:48:
56:5f:86:81:49:8b:e5:e1:97:d3:80:10:5c:40:35:cf:75:43:
12:fa:75:d2:7f:7b:07:b3:50:8c:af:51:a4:c3:cc:29:e6:68:
56:7c:db:1a:01:b2:06:29:6a:9e:66:71:22:e7:41:01:0d:a4:
9a:0a:c0:f2:ec:c2:50:5e:8d:75:b1:51:68:06:b8:d1:3b:97:
0f:ab:32:a5:18:ae:ee:e5:cc:42:58:61:5d:6e:6a:09:29:2c:
20:91:07:e4:6a:71:d6:89:6f:11:4f:9f:53:c8:2c:87:4f:a7:
cc:94:16:8f:61:b6:bd:d6:2d:d5:d3:25:f7:b3:c0:21:45:c2:
aa:19:4a:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeR7QJ5zLU7LrtCEpBYOIALAwttIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDEwNTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1ZGQ4NWY3ZDkzN2RiZjQ0ZWMzZTgzMTNmZWFkOTA5MDdlNmJkYjdkZDEw
MjMzZjRlMGEzMzI4ODcyMzdjZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWe4+Lo/FiTa77t8YPBqe/61wMbKsOdge5RfZMuw1SakhHrtKBQwziqiQ/4
Ne2w/YjIe8BtecewPXPjHGoJx32iXijUDeIK6VflQQyZ1zp0O4GpTTILkZM/lSiJ
PcUcNthbULflU76Gp9eS2WzgSPrUON+XiId28ZB4UmYJ7vKuszvb0X6D0nXTu581
BabgdPL/Ujck8aJwmYdNHkgVoSd+GyQ+WbYks9jDTZfBMe7Bbv9dEP3VcHxCw649
h4TYqZ7HCLmtZagaq2lmla0lepEGrNsSImMDiSDYuJ2HLAmBXIhq/4u/9ELZZeUN
VP6sQC16dUS8obOLwgT6YaOb9AMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRxbxYR
4a/aiDZbf5FSUAVENPRNXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTY5YjE1MTktZjM0NS00M2FhLThjNmItY2Q3ODZlZTEzNDA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5Q
MA0GCSqGSIb3DQEBCwUAA4IBAQDBnjN5HDLM4O/pPaE+efvVyIsWv15p5M+4AAlx
YuPjpfY1NV5tCf8qyiNRKrwn9cqP7o6hGb3cXlBqop7hjgTyOGvE3df9s1wfFZ7k
d2zCFFCY3XLiEh9RCJZiyKaS6u7ijVNENy9x73cBcrLkAWgoSxdvhxwaQX2pcvT7
8khWX4aBSYvl4ZfTgBBcQDXPdUMS+nXSf3sHs1CMr1Gkw8wp5mhWfNsaAbIGKWqe
ZnEi50EBDaSaCsDy7MJQXo11sVFoBrjRO5cPqzKlGK7u5cxCWGFdbmoJKSwgkQfk
anHWiW8RT59TyCyHT6fMlBaPYba91i3V0yX3s8AhRcKqGUq/
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:42 2025 by rpki-client