Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
File: e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa (raw, json)
Hash identifier: hM8GIzH5US1KNb5masnoeMnJo/voNalYywM3MGe0Zso=
Subject key identifier: F0:8F:90:E1:BD:D9:E9:4D:C6:DD:7E:02:E5:B1:24:B0:50:01:5A:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3E301F19AF81A97A972E2D56F33BFCC1087E0DFB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
Signing time: Tue 20 May 2025 18:30:13 +0000
ROA not before: Tue 20 May 2025 18:30:13 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:30:1f:19:af:81:a9:7a:97:2e:2d:56:f3:3b:fc:c1:08:7e:0d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:30:13 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=38e670ca5e0413148be32791570b83183c07691ddd54176f570468dd12690f75, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f8:06:dd:92:b5:95:e6:bb:df:d9:4a:67:aa:
ae:00:18:8d:a8:7c:52:d0:8d:ae:3e:a8:cd:df:42:
06:6f:b5:ee:4b:b1:f6:6c:98:58:fe:b0:7d:3f:0a:
53:e5:4f:da:09:34:b5:32:d6:4e:dd:44:25:f5:b7:
ba:a0:78:c6:4a:d4:6a:3f:6f:56:1a:a3:89:51:f4:
88:f8:dd:1d:71:fd:66:2d:4c:84:8f:2b:11:c9:8a:
c3:49:73:4b:35:39:0f:2f:ca:f1:67:6d:3c:50:14:
12:9c:43:c8:bc:e2:41:47:50:71:66:9f:45:cc:42:
c2:de:b8:c3:22:e4:51:88:13:7d:ef:7d:40:bd:67:
08:fe:9d:4e:dc:99:c0:27:f1:48:78:06:e8:8d:01:
54:55:42:d7:cf:9b:8d:61:9b:c4:cd:1f:19:5a:4c:
15:96:62:49:02:0f:98:22:f1:85:d9:f7:dc:dd:d3:
63:60:64:15:75:72:14:2d:23:ad:77:bd:36:53:10:
30:2d:2d:87:82:1c:a8:a2:5b:7d:95:76:76:f3:77:
38:3f:14:fd:db:4e:24:2c:28:c8:39:21:af:36:eb:
a9:e7:07:d3:1c:82:1a:3b:ea:1a:6b:1b:5f:d5:61:
41:ef:cf:b6:77:f2:ec:9c:3c:7f:41:02:aa:8b:7a:
8a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:8F:90:E1:BD:D9:E9:4D:C6:DD:7E:02:E5:B1:24:B0:50:01:5A:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
ad:31:92:8c:9c:0c:fd:08:a7:27:7b:b9:52:8f:ae:a7:1d:49:
e7:ba:2a:a5:5d:06:7f:3e:be:64:97:ce:e8:54:5c:84:31:04:
d8:f1:5d:5e:8f:39:bc:ff:cf:c4:e3:bc:4b:c1:52:6e:df:31:
48:83:79:f3:a8:e5:69:14:0e:cc:88:6e:26:20:51:5f:eb:cc:
c4:a5:6a:81:95:34:02:9c:13:15:1e:65:42:85:dc:ce:f6:49:
f4:3a:08:e9:b9:58:3e:41:15:12:b2:d2:90:22:20:9d:20:a6:
d7:83:a4:28:02:2f:39:2d:16:26:d3:e5:e1:a5:9e:d4:ff:c5:
97:9d:74:6d:91:2b:78:79:a4:d3:33:f0:3f:d9:13:9c:79:9a:
68:65:9a:2b:7b:86:5a:82:1f:6b:17:95:02:fc:e6:d0:46:35:
54:18:53:9b:68:e6:5f:53:69:92:d5:a8:ce:8a:51:f3:2e:82:
1e:bb:aa:56:90:b0:77:1f:60:4c:53:52:72:ed:4c:82:5a:d8:
2a:86:00:2e:c2:b9:82:c8:ff:6f:a1:94:65:f4:09:f6:42:78:
e6:d1:96:08:9a:b9:a8:aa:d4:70:39:5e:be:6f:89:8f:db:53:
6a:fc:91:30:a3:2d:56:26:43:57:e0:8d:4e:0b:8b:ec:76:77:
66:d1:3a:98
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPjAfGa+BqXqXLi1W8zv8wQh+DfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMwMTNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4ZTY3MGNhNWUwNDEzMTQ4YmUzMjc5MTU3MGI4MzE4M2MwNzY5MWRkZDU0
MTc2ZjU3MDQ2OGRkMTI2OTBmNzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKv4Bt2StZXmu9/ZSmeqrgAYjah8UtCNrj6ozd9CBm+17kux9myYWP6wfT8K
U+VP2gk0tTLWTt1EJfW3uqB4xkrUaj9vVhqjiVH0iPjdHXH9Zi1MhI8rEcmKw0lz
SzU5Dy/K8WdtPFAUEpxDyLziQUdQcWafRcxCwt64wyLkUYgTfe99QL1nCP6dTtyZ
wCfxSHgG6I0BVFVC18+bjWGbxM0fGVpMFZZiSQIPmCLxhdn33N3TY2BkFXVyFC0j
rXe9NlMQMC0th4IcqKJbfZV2dvN3OD8U/dtOJCwoyDkhrzbrqecH0xyCGjvqGmsb
X9VhQe/Ptnfy7Jw8f0ECqot6ilECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTwj5Dh
vdnpTcbdfgLlsSSwUAFaLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg3YTk3MWMtOWJhZC00NGQ0LWJhNjMtOWMwOWYwMjk5ZmEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg
wDANBgkqhkiG9w0BAQsFAAOCAQEArTGSjJwM/QinJ3u5Uo+upx1J57oqpV0Gfz6+
ZJfO6FRchDEE2PFdXo85vP/PxOO8S8FSbt8xSIN586jlaRQOzIhuJiBRX+vMxKVq
gZU0ApwTFR5lQoXczvZJ9DoI6blYPkEVErLSkCIgnSCm14OkKAIvOS0WJtPl4aWe
1P/Fl510bZEreHmk0zPwP9kTnHmaaGWaK3uGWoIfaxeVAvzm0EY1VBhTm2jmX1Np
ktWozopR8y6CHruqVpCwdx9gTFNScu1MglrYKoYALsK5gsj/b6GUZfQJ9kJ45tGW
CJq5qKrUcDlevm+Jj9tTavyRMKMtViZDV+CNTguL7HZ3ZtE6mA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:16 2025 by rpki-client