Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0de92d9-9b14-4323-b2e0-a464f60f76b6.roa
File: f0de92d9-9b14-4323-b2e0-a464f60f76b6.roa (raw, json)
Hash identifier: sju9Oiil3qtJgnPlhYB2l/VwJRews/C4JpzuPNOFLqk=
Subject key identifier: EF:A6:A2:49:79:40:17:5A:B7:12:B3:AE:8F:61:C4:C4:CF:6F:DA:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A3F726AB0C72A84F7D338B4B05EF41823DDBD31
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0de92d9-9b14-4323-b2e0-a464f60f76b6.roa
Signing time: Tue 20 May 2025 19:41:15 +0000
ROA not before: Tue 20 May 2025 19:41:15 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:3f:72:6a:b0:c7:2a:84:f7:d3:38:b4:b0:5e:f4:18:23:dd:bd:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:41:15 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a46b8b325fd32cfdc19b5ff191f4dbe71f1b2fb29265bbf771a6be80183d1dde, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:21:1e:1d:ca:ba:23:58:ac:a6:ef:84:12:92:
08:7a:69:09:1c:0b:d2:2c:0b:47:9d:7b:91:ea:48:
b4:f3:c8:55:87:e0:4e:4c:58:9d:c6:b3:2e:77:55:
da:36:47:eb:93:82:13:b6:8e:05:88:36:d3:1d:ba:
50:32:3e:b7:42:ab:11:5b:4d:60:0e:04:b2:44:1a:
f9:17:05:a9:27:77:b0:cd:80:1d:f6:42:23:18:7a:
36:00:3a:54:05:cd:65:17:43:0d:68:ac:ab:08:a2:
ea:4c:76:f3:d7:c1:83:b4:4d:f2:24:94:e7:1d:24:
28:6f:c3:0c:52:4b:71:23:83:c1:6b:91:6c:42:06:
7a:e7:3d:f4:ce:5e:1b:89:86:0e:0b:f0:2d:95:3f:
f0:b1:09:1d:59:34:f1:ef:21:60:81:bf:29:95:d9:
0b:8f:47:d7:90:40:86:14:9f:d7:0c:79:14:ed:cd:
15:b8:4a:7f:3b:ae:a1:d9:5e:2c:99:d4:04:b4:35:
75:03:ab:b0:e3:dd:e6:ee:4e:4b:41:50:f8:ba:21:
73:83:aa:b7:d8:91:8e:ef:e0:a2:99:30:f7:8a:6d:
31:92:9c:3f:cf:91:46:a7:c8:e0:86:72:e4:fb:2c:
9e:b4:47:a7:cb:70:05:35:43:11:b8:ca:14:bb:b6:
68:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:A6:A2:49:79:40:17:5A:B7:12:B3:AE:8F:61:C4:C4:CF:6F:DA:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0de92d9-9b14-4323-b2e0-a464f60f76b6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:1000::/40
Signature Algorithm: sha256WithRSAEncryption
78:57:d7:15:e4:0d:37:07:05:7f:53:8f:fd:a2:a6:2f:d3:6d:
9c:02:12:4f:38:fb:0f:a5:2e:b7:8e:8c:20:75:ce:95:9a:cf:
74:c2:3c:dc:c8:2a:5f:42:2f:45:da:1f:9a:28:eb:5c:20:b2:
63:0a:36:d2:53:82:d2:df:5d:96:c3:9c:7e:ff:a6:81:ff:4d:
df:f7:9a:6d:ba:ea:b3:9e:6c:b9:46:e2:c7:36:61:86:a4:37:
f4:c1:1f:06:5e:97:b9:ad:d1:77:c2:6d:9d:f1:f1:b1:5f:80:
6d:d8:7d:af:d1:85:90:48:eb:c9:98:52:e2:5e:a1:0c:b3:eb:
c0:2e:ce:58:8a:e3:e0:1f:eb:bb:46:d9:bf:1a:88:3e:26:51:
69:40:64:cf:8c:3f:70:91:b4:d6:62:89:d9:68:61:f0:7d:14:
70:b4:e0:67:63:d6:0b:6d:bb:7c:3d:b5:69:df:22:90:6f:fc:
7a:39:9d:0b:53:b5:33:50:1a:af:9c:c2:a9:75:fd:53:f9:e2:
6f:f1:fe:c1:4e:ac:b8:40:0f:6f:81:36:a1:5d:08:64:9f:f2:
7b:84:78:4e:4d:70:0d:af:ff:f4:7a:06:b0:d5:aa:f6:ce:61:
36:e9:a8:5e:7b:00:b0:97:7f:3e:d2:ed:24:83:2e:34:e1:fe:
3f:b8:57:29
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGj9yarDHKoT30zi0sF70GCPdvTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQxMTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0NmI4YjMyNWZkMzJjZmRjMTliNWZmMTkxZjRkYmU3MWYxYjJmYjI5MjY1
YmJmNzcxYTZiZTgwMTgzZDFkZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYhHh3KuiNYrKbvhBKSCHppCRwL0iwLR517kepItPPIVYfgTkxYncazLndV
2jZH65OCE7aOBYg20x26UDI+t0KrEVtNYA4EskQa+RcFqSd3sM2AHfZCIxh6NgA6
VAXNZRdDDWisqwii6kx289fBg7RN8iSU5x0kKG/DDFJLcSODwWuRbEIGeuc99M5e
G4mGDgvwLZU/8LEJHVk08e8hYIG/KZXZC49H15BAhhSf1wx5FO3NFbhKfzuuodle
LJnUBLQ1dQOrsOPd5u5OS0FQ+Lohc4Oqt9iRju/gopkw94ptMZKcP8+RRqfI4IZy
5PssnrRHp8twBTVDEbjKFLu2aOMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTvpqJJ
eUAXWrcSs66PYcTEz2/aVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjBkZTkyZDktOWIxNC00MzIzLWIyZTAtYTQ2NGY2MGY3NmI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB4V9cV5A03BwV/U4/9oqYv022cAhJPOPsPpS63
jowgdc6Vms90wjzcyCpfQi9F2h+aKOtcILJjCjbSU4LS312Ww5x+/6aB/03f95pt
uuqznmy5RuLHNmGGpDf0wR8GXpe5rdF3wm2d8fGxX4Bt2H2v0YWQSOvJmFLiXqEM
s+vALs5YiuPgH+u7Rtm/Gog+JlFpQGTPjD9wkbTWYonZaGHwfRRwtOBnY9YLbbt8
PbVp3yKQb/x6OZ0LU7UzUBqvnMKpdf1T+eJv8f7BTqy4QA9vgTahXQhkn/J7hHhO
TXANr//0egaw1ar2zmE26aheewCwl38+0u0kgy404f4/uFcp
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:45 2025 by rpki-client