Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
File: ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa (raw, json)
Hash identifier: fR3YwG3pfcU3Z/h3Dwm0FESXgQXb4eognGNW0cLbCvo=
Subject key identifier: FD:17:CB:88:45:46:8C:B9:7B:D8:AD:C4:88:78:3A:81:DF:ED:66:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A2E9E4032CBC08A471CAA6C03ECE6A1DA62B6EE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
Signing time: Sat 31 May 2025 00:50:04 +0000
ROA not before: Sat 31 May 2025 00:50:04 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:2e:9e:40:32:cb:c0:8a:47:1c:aa:6c:03:ec:e6:a1:da:62:b6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 00:50:04 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=e4d40e3c5d6562d7b059dfa4151193131af24df8d3c6c52f8adcd3292e1e94de, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bf:4a:38:48:b8:e1:2a:04:10:26:2b:03:b2:
bf:8b:4c:62:48:fc:82:a9:48:86:58:89:e0:82:05:
e3:09:b5:ae:da:3f:9e:3c:5c:ab:de:b7:84:3a:fd:
c6:1f:65:a3:fb:27:f6:7c:54:22:77:9b:9c:5e:99:
2b:a5:08:28:67:9e:ac:8f:91:c9:ca:d8:6c:ca:8b:
2d:36:37:a2:59:ce:db:d9:d5:16:15:18:47:42:71:
8e:49:d5:81:ae:6c:1d:05:06:a7:98:55:57:c9:c6:
2b:9f:85:5a:ee:f0:1a:01:74:97:e3:ec:46:3f:f3:
42:1f:37:92:7f:b2:4e:75:c2:f0:07:51:51:e1:0f:
c7:cf:f3:2d:8c:39:df:33:19:c0:ed:6e:dd:eb:79:
56:28:d2:d1:0b:39:2c:3f:4b:b3:f8:5a:6f:77:2a:
e0:09:9f:df:ab:2f:7c:ac:be:46:61:71:99:e6:f2:
8e:e0:f7:07:1c:dd:b2:d6:04:fb:c9:17:18:4c:ac:
63:4d:00:bc:fb:5e:b2:dc:b7:6c:59:62:1e:2b:bb:
69:7b:42:c5:db:e0:eb:f8:dd:56:4c:f2:a8:15:8a:
f2:e1:5c:7f:a3:fa:ef:90:ea:aa:56:06:59:80:65:
1c:44:17:31:4f:74:a9:e0:1c:f1:cb:65:88:a5:19:
d1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:17:CB:88:45:46:8C:B9:7B:D8:AD:C4:88:78:3A:81:DF:ED:66:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:4000::/40
Signature Algorithm: sha256WithRSAEncryption
64:ee:39:c4:6e:de:63:81:0c:a5:66:ed:56:26:a5:b6:9c:1e:
6d:f0:47:58:29:cb:db:94:4e:16:cd:60:1e:04:8a:cd:3a:7d:
45:17:f0:d6:51:12:e2:2c:59:bf:97:36:74:c2:17:b6:1f:28:
a3:e3:51:06:5a:bd:ef:0d:8c:80:11:90:ff:29:09:05:e9:ec:
88:1d:e5:8b:62:fb:90:23:f0:f1:14:11:13:8d:1d:e7:29:1c:
fc:da:02:f7:98:f6:23:34:90:1f:79:fc:9f:b6:05:d4:2d:df:
37:cf:86:49:0f:04:11:6e:87:c9:2c:a0:c8:35:33:33:67:00:
38:7c:1b:62:2b:5c:b2:8e:34:02:ba:44:52:9b:f8:17:7a:fe:
6c:69:bb:f3:c7:ce:cf:4d:76:8c:d4:d6:f8:80:07:b1:18:71:
23:9d:ff:fa:0a:07:7d:54:1f:bf:f1:3a:f2:b9:49:07:79:4d:
9c:df:8c:8d:72:f5:5d:0b:7d:8f:d7:a4:0d:92:68:72:f3:aa:
aa:e0:4b:7c:d4:8a:51:f5:5b:39:e8:a2:12:e6:a4:83:fc:dc:
7d:16:51:94:ac:7a:6c:04:a2:c4:a5:3e:0f:7b:b3:36:bd:15:
c9:e1:5b:9b:c7:0f:ef:5e:32:1f:0d:40:e9:b1:d6:a6:c7:2a:
67:25:20:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKi6eQDLLwIpHHKpsA+zmodpitu4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MzEwMDUwMDRaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0ZDQwZTNjNWQ2NTYyZDdiMDU5ZGZhNDE1MTE5MzEzMWFmMjRkZjhkM2M2
YzUyZjhhZGNkMzI5MmUxZTk0ZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKW/SjhIuOEqBBAmKwOyv4tMYkj8gqlIhliJ4IIF4wm1rto/njxcq963hDr9
xh9lo/sn9nxUInebnF6ZK6UIKGeerI+RycrYbMqLLTY3olnO29nVFhUYR0JxjknV
ga5sHQUGp5hVV8nGK5+FWu7wGgF0l+PsRj/zQh83kn+yTnXC8AdRUeEPx8/zLYw5
3zMZwO1u3et5VijS0Qs5LD9Ls/hab3cq4Amf36svfKy+RmFxmebyjuD3BxzdstYE
+8kXGEysY00AvPtesty3bFliHiu7aXtCxdvg6/jdVkzyqBWK8uFcf6P675DqqlYG
WYBlHEQXMU90qeAc8ctliKUZ0UcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT9F8uI
RUaMuXvYrcSIeDqB3+1mADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWRlNTIwMGUtNTVjOC00YTg5LTljY2YtY2Y0NjVjNmRkYjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJA
MA0GCSqGSIb3DQEBCwUAA4IBAQBk7jnEbt5jgQylZu1WJqW2nB5t8EdYKcvblE4W
zWAeBIrNOn1FF/DWURLiLFm/lzZ0whe2Hyij41EGWr3vDYyAEZD/KQkF6eyIHeWL
YvuQI/DxFBETjR3nKRz82gL3mPYjNJAfefyftgXULd83z4ZJDwQRbofJLKDINTMz
ZwA4fBtiK1yyjjQCukRSm/gXev5sabvzx87PTXaM1Nb4gAexGHEjnf/6Cgd9VB+/
8TryuUkHeU2c34yNcvVdC32P16QNkmhy86qq4Et81IpR9Vs56KIS5qSD/Nx9FlGU
rHpsBKLEpT4Pe7M2vRXJ4Vubxw/vXjIfDUDpsdamxypnJSBp
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:57 2025 by rpki-client