Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
File: eb69b216-60d5-4f56-b2b8-3401f331f31e.roa (raw, json)
Hash identifier: fKIOZKkyaKBaNso4c6NV9WF1ImcA9ZFDHnCgmQoTmGU=
Subject key identifier: CF:64:99:9E:09:51:77:C5:5B:04:11:AC:FE:1B:56:4C:FF:67:2B:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DF2B713D80203BDDFC1438924F659C8D7E60D44
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
Signing time: Tue 20 May 2025 20:11:00 +0000
ROA not before: Tue 20 May 2025 20:11:00 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:f2:b7:13:d8:02:03:bd:df:c1:43:89:24:f6:59:c8:d7:e6:0d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:00 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=4be1576728c5de217a030afe47e75fa9977e7acae7b24b423d10a6fc56aadea3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:03:f1:ca:1f:18:0b:58:bc:53:0e:26:04:88:
c2:84:31:5b:1f:2d:1c:cb:50:d2:34:51:ae:77:0f:
0e:14:29:ca:59:65:d1:64:0e:cc:91:bf:b1:3c:61:
d4:0c:74:67:74:a1:16:4a:fa:d9:be:60:f2:00:de:
c7:e4:12:3b:dd:56:f9:60:56:44:06:f4:b0:c0:c5:
f8:02:43:56:d6:b3:76:96:40:d2:71:71:bd:24:e2:
de:d4:1c:75:20:51:6d:72:9c:79:11:fe:90:8f:21:
e5:39:ae:b9:cf:73:6a:a2:d7:70:21:40:64:a5:fe:
5c:4b:9e:75:e1:b3:f6:6e:27:ab:45:6b:18:02:ab:
64:70:cb:d9:cc:f3:16:3e:44:da:cf:f8:aa:b6:ed:
83:90:24:60:d9:f0:a7:6a:3e:37:ac:97:b3:22:b7:
95:dd:6f:17:fe:bd:12:08:a8:06:7f:63:63:bf:19:
3f:4a:19:f4:28:24:09:7b:59:50:a8:33:ee:ce:51:
42:c4:85:62:17:9a:53:01:9f:e0:db:c0:43:85:f3:
9d:57:73:c6:cd:cf:5a:1d:e1:be:29:01:b7:3b:f8:
40:bc:a4:71:8d:d1:07:7d:f5:a8:cc:d5:11:e5:60:
15:f9:3a:17:44:08:20:86:3b:bb:b0:1c:41:c2:16:
03:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:64:99:9E:09:51:77:C5:5B:04:11:AC:FE:1B:56:4C:FF:67:2B:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:c2:2b:7c:5d:86:0a:78:07:79:f0:38:d7:4c:41:ef:62:47:
09:2b:c2:76:28:d2:c6:2f:18:77:95:99:31:01:dd:58:50:4a:
fb:35:43:6c:59:8f:f4:51:2d:3c:0a:fc:5c:b0:4c:b0:30:75:
ba:82:0f:d3:12:2f:31:cc:7c:a9:45:fc:53:a5:22:15:fa:91:
3e:b5:e6:f7:9d:6a:a4:e6:7e:dd:29:73:6f:1d:69:c6:8b:0f:
3a:f3:fc:c7:25:a1:1e:69:95:71:86:57:09:21:c5:d0:e4:5a:
56:96:1a:e2:44:fe:ae:c8:02:ca:19:23:f6:35:2f:02:f5:36:
8f:1d:3d:a6:f9:e9:d2:85:57:e5:be:e2:a8:06:6f:d9:7e:7b:
cc:b4:53:72:63:db:b4:26:0b:e3:d6:96:f3:ab:53:c3:2d:a4:
b9:c9:4d:f1:68:26:19:88:05:ef:4e:80:0a:d9:dd:c1:e4:e2:
c5:ea:56:ce:27:68:e0:63:a6:9f:db:f8:be:84:10:97:58:2e:
14:e2:24:17:84:b5:c4:39:06:1d:c9:c8:75:b2:26:48:25:d2:
a1:f5:e3:df:a0:22:77:89:cf:b2:36:c6:3f:d9:c0:23:28:3b:
b9:6f:21:75:7e:24:3c:54:1e:18:1b:85:ee:d2:84:13:5d:be:
16:b7:06:d4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULfK3E9gCA73fwUOJJPZZyNfmDUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMDBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiZTE1NzY3MjhjNWRlMjE3YTAzMGFmZTQ3ZTc1ZmE5OTc3ZTdhY2FlN2Iy
NGI0MjNkMTBhNmZjNTZhYWRlYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUD8cofGAtYvFMOJgSIwoQxWx8tHMtQ0jRRrncPDhQpylll0WQOzJG/sTxh
1Ax0Z3ShFkr62b5g8gDex+QSO91W+WBWRAb0sMDF+AJDVtazdpZA0nFxvSTi3tQc
dSBRbXKceRH+kI8h5Tmuuc9zaqLXcCFAZKX+XEuedeGz9m4nq0VrGAKrZHDL2czz
Fj5E2s/4qrbtg5AkYNnwp2o+N6yXsyK3ld1vF/69EgioBn9jY78ZP0oZ9CgkCXtZ
UKgz7s5RQsSFYheaUwGf4NvAQ4XznVdzxs3PWh3hvikBtzv4QLykcY3RB331qMzV
EeVgFfk6F0QIIIY7u7AcQcIWAyMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTPZJme
CVF3xVsEEaz+G1ZM/2crnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWI2OWIyMTYtNjBkNS00ZjU2LWIyYjgtMzQwMWYzMzFmMzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HpA
MA0GCSqGSIb3DQEBCwUAA4IBAQC7wit8XYYKeAd58DjXTEHvYkcJK8J2KNLGLxh3
lZkxAd1YUEr7NUNsWY/0US08CvxcsEywMHW6gg/TEi8xzHypRfxTpSIV+pE+teb3
nWqk5n7dKXNvHWnGiw868/zHJaEeaZVxhlcJIcXQ5FpWlhriRP6uyALKGSP2NS8C
9TaPHT2m+enShVflvuKoBm/ZfnvMtFNyY9u0Jgvj1pbzq1PDLaS5yU3xaCYZiAXv
ToAK2d3B5OLF6lbOJ2jgY6af2/i+hBCXWC4U4iQXhLXEOQYdych1siZIJdKh9ePf
oCJ3ic+yNsY/2cAjKDu5byF1fiQ8VB4YG4Xu0oQTXb4WtwbU
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:31 2025 by rpki-client