Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
File: f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa (raw, json)
Hash identifier: ZE5k5X06T2HLt6EHiEmoCcAypiIuMoXnl/i4maDCZfA=
Subject key identifier: C3:C2:E6:37:58:68:4F:8F:FA:C6:5F:22:A7:DF:E2:64:BF:17:51:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20C71652973FC723E5FA6A8E063750C2451DB9D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
Signing time: Fri 30 May 2025 15:00:02 +0000
ROA not before: Fri 30 May 2025 15:00:02 +0000
ROA not after: Fri 04 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:c7:16:52:97:3f:c7:23:e5:fa:6a:8e:06:37:50:c2:45:1d:b9:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 30 15:00:02 2025 GMT
Not After : Jul 4 23:59:59 2025 GMT
Subject: serialNumber=6defe23550737b5730b1186123e2bd7e086b9ba3bc2e3e17551a33c7fabf933c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:90:b3:69:b9:df:20:41:2f:b0:3a:4b:f5:f4:
26:a3:03:96:dd:d5:06:17:7f:ce:ab:74:70:60:13:
e0:68:e0:4c:29:2a:97:b8:00:f3:5d:dd:a1:e3:41:
9e:10:94:07:ae:69:18:b7:a5:b8:e7:80:ca:ff:b7:
ba:f9:e5:2b:79:5e:f4:d1:d8:b2:26:f9:03:15:f9:
63:fb:cc:09:9f:de:38:6a:37:df:1b:ef:b5:2c:40:
85:24:3b:b0:35:1c:05:b0:64:85:c9:57:1c:a3:ff:
52:6b:72:ac:fb:7e:cd:2d:44:0c:fc:c2:be:b4:a9:
9e:4f:73:81:cf:3a:ba:1b:31:a5:e8:b0:45:82:ff:
1b:2d:5f:9f:6c:60:d1:c0:81:e6:b2:22:fe:14:c3:
aa:7a:1d:6d:7d:b0:ad:45:28:20:cc:bc:15:87:fd:
db:52:e3:c4:3c:66:20:36:43:47:39:ae:64:c0:9e:
6f:fb:7b:c4:a6:20:85:32:fd:79:27:ce:73:fa:27:
0b:d2:71:99:6f:fe:c8:7b:ab:4d:90:96:84:33:f7:
14:ca:e7:32:09:88:93:85:c6:71:76:92:9a:9a:d4:
3f:a6:5f:3b:04:2c:81:06:a2:ec:e4:81:ef:7c:11:
e1:ad:51:c6:2b:4d:e9:46:1b:64:9c:c4:78:bc:98:
60:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:C2:E6:37:58:68:4F:8F:FA:C6:5F:22:A7:DF:E2:64:BF:17:51:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
9e:a5:c5:60:7b:67:99:37:9a:a6:df:28:98:23:04:25:16:8a:
88:de:af:f4:15:15:88:91:d3:9c:a3:44:24:0f:66:34:e8:4a:
f5:40:74:2a:ac:51:f8:15:fd:a3:b2:79:24:ed:f0:45:55:86:
ae:dc:c9:f2:55:fc:a7:5c:5c:85:fa:74:62:b3:ca:44:5d:f1:
83:0e:66:f5:07:05:ed:d6:2a:1c:59:b0:4a:2a:d4:4e:72:a8:
b9:62:90:d9:f9:da:6a:44:0c:01:1c:6c:76:1d:ee:90:79:f5:
c0:6c:50:70:15:ad:23:66:95:53:c6:a5:e4:c4:2f:33:05:17:
7e:94:a0:56:5d:08:07:3e:eb:14:6b:84:8b:e5:08:ab:bb:62:
e5:99:f3:2e:bd:d2:46:0c:95:d6:02:5a:2f:d5:5e:cc:91:59:
95:9e:a9:89:fa:c0:0e:58:14:a2:74:6c:36:da:68:9a:99:44:
01:d7:2e:2e:58:58:4e:b7:61:b2:e9:95:d3:1e:7d:31:a1:2f:
e1:fb:0a:4e:33:f7:7a:eb:78:20:b6:5e:2f:af:f5:e2:b1:46:
76:22:6d:2f:52:19:78:a3:63:2a:7c:50:0a:da:7b:96:78:a9:
31:83:94:3d:41:5a:2c:18:a9:c7:2f:77:8e:13:be:f2:36:10:
2b:8f:ab:ab
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUIMcWUpc/xyPl+mqOBjdQwkUdudAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MzAxNTAwMDJaFw0yNTA3MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkZWZlMjM1NTA3MzdiNTczMGIxMTg2MTIzZTJiZDdlMDg2YjliYTNiYzJl
M2UxNzU1MWEzM2M3ZmFiZjkzM2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2Qs2m53yBBL7A6S/X0JqMDlt3VBhd/zqt0cGAT4GjgTCkql7gA813doeNB
nhCUB65pGLeluOeAyv+3uvnlK3le9NHYsib5AxX5Y/vMCZ/eOGo33xvvtSxAhSQ7
sDUcBbBkhclXHKP/UmtyrPt+zS1EDPzCvrSpnk9zgc86uhsxpeiwRYL/Gy1fn2xg
0cCB5rIi/hTDqnodbX2wrUUoIMy8FYf921LjxDxmIDZDRzmuZMCeb/t7xKYghTL9
eSfOc/onC9JxmW/+yHurTZCWhDP3FMrnMgmIk4XGcXaSmprUP6ZfOwQsgQai7OSB
73wR4a1RxitN6UYbZJzEeLyYYKECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTDwuY3
WGhPj/rGXyKn3+JkvxdRXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjEzZjU0NDQtMzc3YS00ZTUxLWExYzctMTBjMmEzYTNkNmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBAJ6lxWB7Z5k3mqbfKJgjBCUWiojer/QVFYiR05yj
RCQPZjToSvVAdCqsUfgV/aOyeSTt8EVVhq7cyfJV/KdcXIX6dGKzykRd8YMOZvUH
Be3WKhxZsEoq1E5yqLlikNn52mpEDAEcbHYd7pB59cBsUHAVrSNmlVPGpeTELzMF
F36UoFZdCAc+6xRrhIvlCKu7YuWZ8y690kYMldYCWi/VXsyRWZWeqYn6wA5YFKJ0
bDbaaJqZRAHXLi5YWE63YbLpldMefTGhL+H7Ck4z93rreCC2Xi+v9eKxRnYibS9S
GXijYyp8UArae5Z4qTGDlD1BWiwYqccvd44TvvI2ECuPq6s=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:33 2025 by rpki-client