Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
File: e84166dd-4497-414d-9864-983017c7c326.roa (raw, json)
Hash identifier: tsPsGKr6eaJue1LWHqr1dXimrnl5hdVJjpCKhmxstE4=
Subject key identifier: 4C:E4:E6:AA:ED:89:0C:D5:05:C2:06:47:4F:2A:2A:25:18:7A:C0:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A8C15ABEF0B9CBC730EE9FE3E675AEA4610577E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
Signing time: Tue 20 May 2025 20:11:29 +0000
ROA not before: Tue 20 May 2025 20:11:29 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:8c:15:ab:ef:0b:9c:bc:73:0e:e9:fe:3e:67:5a:ea:46:10:57:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:29 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=8e07d92c85c28bb6162705dfc3ab95b5d96af5801f3cb0289de605ff8de39bc3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2e:6f:42:26:62:cd:15:6b:d0:02:e7:69:86:
13:5c:d3:7e:d4:90:85:fc:5f:3d:86:82:8e:74:74:
cc:c4:67:2f:6c:56:af:68:3b:27:e0:b4:3b:6f:7e:
42:cb:00:23:63:64:a3:d3:a1:a0:65:af:90:93:57:
d4:55:83:3c:9b:a2:f4:0c:88:41:81:ee:3c:ed:49:
29:90:4d:c0:83:77:13:4b:1d:b6:16:22:2f:7c:0c:
95:8c:0c:41:9e:f2:8a:09:4e:4f:d5:25:4e:7a:76:
ba:ef:8b:4d:bc:38:72:8b:5a:ad:7a:47:c6:66:99:
c8:c3:3d:6a:f8:b9:90:8e:b3:86:73:6d:81:9f:21:
2c:d9:40:ef:7d:82:18:1f:9f:c1:ef:1c:ec:44:8f:
b1:86:da:61:61:45:f0:62:10:62:aa:a8:fa:23:28:
7a:87:29:ed:e7:fc:6f:8d:c9:57:1f:1b:b1:f1:20:
84:01:c6:b1:84:a7:1b:65:6e:96:e7:bd:ff:5e:c4:
27:34:d4:18:83:8f:bc:5b:a2:5f:ae:9d:94:a5:98:
de:53:ce:e7:48:d4:54:10:b8:42:3b:50:0d:c4:df:
06:71:15:70:2d:68:6c:99:f6:b9:ba:a1:d6:ad:7c:
a3:cf:d2:eb:dc:28:2f:e1:33:db:61:d0:ad:b3:72:
db:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E4:E6:AA:ED:89:0C:D5:05:C2:06:47:4F:2A:2A:25:18:7A:C0:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:5000::/40
Signature Algorithm: sha256WithRSAEncryption
64:6f:03:38:76:13:e2:a4:12:9a:ad:e9:74:49:84:26:9a:0c:
89:91:29:cd:09:15:d5:f5:18:21:f5:af:fb:ac:7a:82:bc:9a:
a4:fa:65:da:fe:5f:70:b3:bc:0b:74:18:c3:05:03:c0:2e:54:
83:ec:4b:8d:09:f2:0c:64:95:61:0b:90:74:ad:e8:4a:0f:ba:
f2:fc:0e:63:84:8b:24:43:5c:79:05:8e:a1:af:3f:2e:ae:57:
c7:eb:ec:e8:a3:be:ce:dc:3c:d7:4a:b1:07:a5:3e:bb:c5:a6:
3e:83:6f:c7:51:dd:94:e1:b7:85:38:c2:f8:8f:cb:42:b5:cb:
a8:13:82:f1:99:cd:c3:79:89:0f:a8:c1:2b:c3:35:1c:43:63:
c4:5c:43:b8:45:d2:0b:89:62:b0:94:58:1d:0a:75:55:a0:7a:
9e:ab:a1:ef:bb:fd:4d:4d:8e:fd:50:c9:26:88:9a:04:57:c3:
6a:4c:5d:62:02:9e:0f:64:e1:57:d9:c1:7d:b8:1f:92:44:e7:
41:7b:14:cc:c7:60:0c:9a:ee:d8:4e:56:b2:03:7c:06:e0:2d:
32:9e:d4:31:78:09:90:99:1a:3f:4a:cf:b2:34:30:aa:e8:25:
5b:32:c5:3b:71:4f:91:71:7e:4c:17:6c:8c:65:fc:b6:0d:66:
95:aa:dd:b7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaowVq+8LnLxzDun+Pmda6kYQV34wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMjlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlMDdkOTJjODVjMjhiYjYxNjI3MDVkZmMzYWI5NWI1ZDk2YWY1ODAxZjNj
YjAyODlkZTYwNWZmOGRlMzliYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYub0ImYs0Va9AC52mGE1zTftSQhfxfPYaCjnR0zMRnL2xWr2g7J+C0O29+
QssAI2Nko9OhoGWvkJNX1FWDPJui9AyIQYHuPO1JKZBNwIN3E0sdthYiL3wMlYwM
QZ7yiglOT9UlTnp2uu+LTbw4cotarXpHxmaZyMM9avi5kI6zhnNtgZ8hLNlA732C
GB+fwe8c7ESPsYbaYWFF8GIQYqqo+iMoeocp7ef8b43JVx8bsfEghAHGsYSnG2Vu
lue9/17EJzTUGIOPvFuiX66dlKWY3lPO50jUVBC4QjtQDcTfBnEVcC1obJn2ubqh
1q18o8/S69woL+Ez22HQrbNy23MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRM5Oaq
7YkM1QXCBkdPKiolGHrAvzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg0MTY2ZGQtNDQ5Ny00MTRkLTk4NjQtOTgzMDE3YzdjMzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBkbwM4dhPipBKarel0SYQmmgyJkSnNCRXV9Rgh
9a/7rHqCvJqk+mXa/l9ws7wLdBjDBQPALlSD7EuNCfIMZJVhC5B0rehKD7ry/A5j
hIskQ1x5BY6hrz8urlfH6+zoo77O3DzXSrEHpT67xaY+g2/HUd2U4beFOML4j8tC
tcuoE4Lxmc3DeYkPqMErwzUcQ2PEXEO4RdILiWKwlFgdCnVVoHqeq6Hvu/1NTY79
UMkmiJoEV8NqTF1iAp4PZOFX2cF9uB+SROdBexTMx2AMmu7YTlayA3wG4C0yntQx
eAmQmRo/Ss+yNDCq6CVbMsU7cU+RcX5MF2yMZfy2DWaVqt23
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:49:31 2025 by rpki-client