Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
File: ed0f44c7-c286-45c9-9156-5644f580ab41.roa (raw, json)
Hash identifier: GEzjohk+/h4bo3733M5xs7FojpqLTf1EAL76jqQ6ofU=
Subject key identifier: B1:85:45:8E:68:BC:0E:F3:AB:B7:5B:0F:1E:99:87:8B:BF:04:8F:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D58958BE00BF22838578856F4F17D6A36A79DFF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
Signing time: Tue 20 May 2025 20:10:55 +0000
ROA not before: Tue 20 May 2025 20:10:55 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:58:95:8b:e0:0b:f2:28:38:57:88:56:f4:f1:7d:6a:36:a7:9d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:10:55 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=cb4c28a54d8adf1fcd86c8d2985cdea83bbd5b8d33adb4c3f37cea148ea39d54, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:83:0a:da:f1:fc:b9:cc:02:0e:8e:b1:9a:53:
4a:c4:61:ab:02:53:c3:13:e9:20:47:50:f2:76:48:
08:e7:82:d7:d8:3c:a6:34:f7:7a:38:80:5f:f7:5f:
5c:4e:3c:94:fc:cf:c7:96:d3:5a:41:27:c6:6b:d6:
e4:0e:11:71:96:43:e0:1d:99:20:e1:a9:52:bc:2d:
de:f5:06:65:f7:6b:35:c1:86:cc:bf:d7:36:6c:45:
ed:56:d6:8c:02:c3:70:1d:0d:d8:c1:23:89:04:2f:
25:03:64:a9:8a:3c:2d:39:cf:4f:a3:8c:08:30:2a:
31:43:6c:19:3e:d4:db:a8:7c:f2:d4:de:a3:59:e8:
86:df:14:1b:17:c3:6e:00:80:66:3d:dd:2b:5d:10:
4e:30:87:1f:2f:d2:f3:42:6c:4c:b2:8a:db:b3:6b:
b8:e4:04:f1:8b:eb:cb:27:8f:10:d0:66:0a:e5:da:
a7:60:26:0e:57:d9:a7:4e:92:fc:f5:2f:75:60:f8:
ab:3a:a9:3c:f3:58:be:8b:36:07:f7:b3:cb:72:f6:
af:6f:ff:13:c2:e8:6c:40:3b:a5:68:5f:cf:60:b6:
10:d0:41:61:71:4c:d7:e7:1e:4a:b7:02:4e:11:8a:
fe:f4:92:44:93:03:e5:34:c0:46:7a:ef:d0:c7:00:
28:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:85:45:8E:68:BC:0E:F3:AB:B7:5B:0F:1E:99:87:8B:BF:04:8F:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:b000::/40
Signature Algorithm: sha256WithRSAEncryption
07:ea:11:74:02:59:d2:64:6a:8b:9e:0d:b9:90:e7:69:ff:c2:
6b:17:92:6f:ea:a2:3d:3d:5c:da:76:51:db:62:64:f9:3e:c8:
b9:f8:d2:d8:54:46:b8:1d:82:2f:b0:75:b9:33:dd:71:a1:1f:
f8:85:2b:e2:44:5f:bb:74:61:c4:9f:23:eb:d1:43:39:32:1d:
bb:64:f4:46:f4:f6:3d:71:c8:46:9b:72:ec:95:ee:ca:2c:76:
05:ff:62:29:45:0f:d6:8d:46:e5:f8:be:61:55:2a:87:dd:5e:
b6:d8:47:87:67:04:4d:8f:62:3b:6a:d8:b0:d4:5a:66:f9:1b:
27:6f:a3:22:90:97:a1:a8:68:66:32:69:d5:69:e1:ee:c5:ee:
ff:36:a8:2e:73:43:58:63:97:ec:3b:ca:99:dd:8e:08:ec:14:
3b:c8:2e:1e:b9:07:a2:30:a8:ff:66:6e:cf:a4:2f:c7:be:56:
ed:40:3b:67:60:cb:97:f1:c1:3b:d2:d5:cb:c5:b0:40:8b:64:
8c:dc:80:f5:6e:85:f3:ec:69:2a:8b:5e:9b:7d:07:bb:6f:65:
b6:1a:72:a5:9c:26:a8:59:63:dc:a1:18:dd:33:44:07:6b:05:
81:e9:66:bc:9b:f6:b9:2b:5f:80:0b:b0:01:ef:7e:37:c0:a6:
b1:63:e3:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTViVi+AL8ig4V4hW9PF9ajannf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDEwNTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiNGMyOGE1NGQ4YWRmMWZjZDg2YzhkMjk4NWNkZWE4M2JiZDViOGQzM2Fk
YjRjM2YzN2NlYTE0OGVhMzlkNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuDCtrx/LnMAg6OsZpTSsRhqwJTwxPpIEdQ8nZICOeC19g8pjT3ejiAX/df
XE48lPzPx5bTWkEnxmvW5A4RcZZD4B2ZIOGpUrwt3vUGZfdrNcGGzL/XNmxF7VbW
jALDcB0N2MEjiQQvJQNkqYo8LTnPT6OMCDAqMUNsGT7U26h88tTeo1noht8UGxfD
bgCAZj3dK10QTjCHHy/S80JsTLKK27NruOQE8YvryyePENBmCuXap2AmDlfZp06S
/PUvdWD4qzqpPPNYvos2B/ezy3L2r2//E8LobEA7pWhfz2C2ENBBYXFM1+ceSrcC
ThGK/vSSRJMD5TTARnrv0McAKJkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSxhUWO
aLwO86u3Ww8emYeLvwSP5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWQwZjQ0YzctYzI4Ni00NWM5LTkxNTYtNTY0NGY1ODBhYjQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fiw
MA0GCSqGSIb3DQEBCwUAA4IBAQAH6hF0AlnSZGqLng25kOdp/8JrF5Jv6qI9PVza
dlHbYmT5Psi5+NLYVEa4HYIvsHW5M91xoR/4hSviRF+7dGHEnyPr0UM5Mh27ZPRG
9PY9cchGm3Lsle7KLHYF/2IpRQ/WjUbl+L5hVSqH3V622EeHZwRNj2I7atiw1Fpm
+Rsnb6MikJehqGhmMmnVaeHuxe7/Nqguc0NYY5fsO8qZ3Y4I7BQ7yC4euQeiMKj/
Zm7PpC/HvlbtQDtnYMuX8cE70tXLxbBAi2SM3ID1boXz7Gkqi16bfQe7b2W2GnKl
nCaoWWPcoRjdM0QHawWB6Wa8m/a5K1+AC7AB7343wKaxY+ME
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:14 2025 by rpki-client