Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
File: f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa (raw, json)
Hash identifier: 5ie3KhsyQ9xgUVN/5UUO4SNeJdEW7acgdec3h15UidU=
Subject key identifier: 1A:F0:F8:35:D6:C8:70:53:FE:34:5D:19:01:E5:08:C6:DD:1D:B2:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 795CE94A2FCA1EC8DEA4E99A78CE06E66F170D1D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
Signing time: Tue 20 May 2025 18:21:21 +0000
ROA not before: Tue 20 May 2025 18:21:21 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:5c:e9:4a:2f:ca:1e:c8:de:a4:e9:9a:78:ce:06:e6:6f:17:0d:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:21:21 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=111bd255f00cf823ee2061486e4bc7bd0598d1b59e9bfbbbb054f14e4ff6a88e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:b3:d7:8a:77:79:f9:b4:28:cb:0f:7f:12:8a:
3f:3f:ff:27:67:2f:25:4f:e8:63:c4:54:06:0d:f4:
07:31:7e:e9:c2:cc:2b:9a:3d:7a:71:67:b5:c1:c4:
d0:82:c7:c7:ab:3b:6b:48:32:44:a1:b8:10:04:87:
2c:f4:58:6d:b0:d1:ac:c9:99:4c:da:21:47:33:17:
94:a1:90:3c:21:7d:df:8b:10:bb:a2:ec:82:1b:ff:
28:b2:b4:df:cc:f2:3c:d6:f7:6a:b0:10:a2:b5:44:
7a:ca:ec:76:19:e0:44:aa:8b:b2:09:32:48:53:f7:
c4:1e:df:e7:45:db:cc:50:a4:95:d4:23:c0:5b:69:
19:dd:70:47:4e:14:b1:81:f2:30:ab:40:fa:dd:b1:
9b:48:f8:f9:5e:f3:bf:dd:68:b6:a9:d7:19:90:eb:
ea:17:e2:4c:15:94:82:3f:db:f9:6f:7d:9d:70:c1:
75:ed:9d:74:1b:da:20:c8:d2:48:35:4d:3f:24:91:
99:38:77:6d:a0:73:e5:59:2a:02:d8:a2:16:8d:7d:
3c:b1:46:a9:83:36:06:31:24:d3:63:17:e1:59:61:
d5:ca:94:0c:86:79:66:fd:65:9a:d3:09:f7:4b:3f:
fa:3a:dd:f4:f1:d9:4b:05:2f:2d:ea:ee:91:9a:35:
17:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F0:F8:35:D6:C8:70:53:FE:34:5D:19:01:E5:08:C6:DD:1D:B2:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6040::/48
Signature Algorithm: sha256WithRSAEncryption
71:1f:68:8c:aa:4b:2e:8f:06:66:5d:f5:28:f9:52:d1:74:00:
5d:d9:d2:7e:27:fe:63:f8:6f:af:4a:f8:16:ba:a5:a0:0b:a0:
6a:e2:f3:a5:b8:8c:f8:c4:9e:92:a3:e8:a2:c2:e8:9f:fe:1d:
67:27:0a:8b:f1:e2:0c:ef:ba:f2:c8:db:cc:75:7f:c3:4d:7d:
aa:e4:9d:ad:b6:bd:c7:d8:e4:18:73:f1:72:a9:57:4c:d0:bf:
22:24:dd:71:98:26:08:65:b1:92:ff:6d:8d:4c:a3:6a:c7:8c:
93:ca:15:19:be:53:d5:a9:7c:8f:35:ba:ab:c2:47:62:f8:1a:
ee:48:78:64:eb:d5:b7:6d:dd:72:f7:70:9b:ba:30:d0:6c:0b:
e0:89:24:bd:d1:35:5b:0e:3c:85:5d:5f:16:2f:36:d0:8a:ba:
3a:20:08:f9:92:00:d8:8f:96:71:f4:8e:15:c7:e5:12:05:2e:
69:e7:d4:01:23:79:20:68:ca:93:c6:56:06:bd:ba:5e:61:76:
8c:19:09:83:75:10:83:89:58:3f:00:8c:8c:a0:84:09:49:b5:
ae:b4:99:b9:c4:c0:01:67:93:0b:c2:02:04:f6:c1:bd:37:e2:
95:f1:87:29:bd:90:e3:35:7c:4b:3d:96:47:85:c8:b2:06:93:
a8:ae:2c:a3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeVzpSi/KHsjepOmaeM4G5m8XDR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIxMjFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDExMWJkMjU1ZjAwY2Y4MjNlZTIwNjE0ODZlNGJjN2JkMDU5OGQxYjU5ZTli
ZmJiYmIwNTRmMTRlNGZmNmE4OGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPGz14p3efm0KMsPfxKKPz//J2cvJU/oY8RUBg30BzF+6cLMK5o9enFntcHE
0ILHx6s7a0gyRKG4EASHLPRYbbDRrMmZTNohRzMXlKGQPCF934sQu6Lsghv/KLK0
38zyPNb3arAQorVEesrsdhngRKqLsgkySFP3xB7f50XbzFCkldQjwFtpGd1wR04U
sYHyMKtA+t2xm0j4+V7zv91otqnXGZDr6hfiTBWUgj/b+W99nXDBde2ddBvaIMjS
SDVNPySRmTh3baBz5VkqAtiiFo19PLFGqYM2BjEk02MX4Vlh1cqUDIZ5Zv1lmtMJ
90s/+jrd9PHZSwUvLerukZo1F/0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQa8Pg1
1shwU/40XRkB5QjG3R2ycTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjVlNjQ5MzgtZmMyZC00OTcxLWIyZGEtYWFiYzlmZTU1NmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
QDANBgkqhkiG9w0BAQsFAAOCAQEAcR9ojKpLLo8GZl31KPlS0XQAXdnSfif+Y/hv
r0r4FrqloAugauLzpbiM+MSekqPoosLon/4dZycKi/HiDO+68sjbzHV/w019quSd
rba9x9jkGHPxcqlXTNC/IiTdcZgmCGWxkv9tjUyjaseMk8oVGb5T1al8jzW6q8JH
Yvga7kh4ZOvVt23dcvdwm7ow0GwL4IkkvdE1Ww48hV1fFi820Iq6OiAI+ZIA2I+W
cfSOFcflEgUuaefUASN5IGjKk8ZWBr26XmF2jBkJg3UQg4lYPwCMjKCECUm1rrSZ
ucTAAWeTC8ICBPbBvTfilfGHKb2Q4zV8Sz2WR4XIsgaTqK4sow==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:49:30 2025 by rpki-client