Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
File: fbd3a3af-f307-4148-9e34-70199540a838.roa (raw, json)
Hash identifier: 8VGaH5E2lSWKzuyF3ulbGtHb7d1qYJlfWYmLile7UTk=
Subject key identifier: CC:1E:0E:6A:C5:4A:E6:10:F4:2A:D5:CE:1C:4F:2C:9F:4A:A2:CD:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FBB256BC7398E4AC7404CEE3C231C149E92015F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
Signing time: Tue 20 May 2025 19:00:12 +0000
ROA not before: Tue 20 May 2025 19:00:12 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:bb:25:6b:c7:39:8e:4a:c7:40:4c:ee:3c:23:1c:14:9e:92:01:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:12 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=7e195d7fd8fb23600a5f24a813ba9bbe40805f6a7d49ba6b94495510ba6ce474, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2f:8a:73:77:43:76:9a:35:3c:85:8d:10:70:
b0:7f:4d:06:6f:0b:c3:51:91:ec:77:51:74:db:a8:
2b:ae:ec:9e:dd:20:3d:89:ff:60:f0:d6:ce:64:0a:
24:eb:31:9a:3f:f1:06:85:ab:19:49:2f:85:78:c5:
22:59:27:35:e2:3d:c7:ae:9b:48:94:41:54:09:c8:
07:68:e8:f3:d2:28:51:b9:69:7d:3a:45:95:ea:b2:
a2:75:70:d8:b2:6a:c2:ed:75:b5:9d:53:dc:74:a7:
e7:bc:53:d6:02:f5:a0:ca:02:b9:3c:1a:c0:6d:35:
a5:e6:83:17:6b:56:c9:5f:08:32:80:40:d3:af:4b:
ec:5a:f5:57:d2:e3:15:f6:9c:5c:8e:58:f6:fa:2a:
1e:2e:e1:cf:83:9a:ac:29:46:8a:72:2e:9c:c4:2b:
04:bc:1e:00:a0:d8:95:79:83:83:56:0c:02:93:9f:
6b:0a:69:77:b7:2e:6e:ae:4f:b7:fe:b0:2f:92:55:
b3:15:26:e6:2e:6a:2f:f7:f0:fc:53:76:74:9f:d3:
39:dd:81:04:c2:e7:6c:de:84:7f:d5:e0:94:4e:46:
f4:34:d4:ca:3e:31:7f:68:61:b0:10:3f:ec:eb:ea:
f4:bd:cc:98:75:fd:cc:ba:c5:6b:aa:96:7f:d8:a8:
06:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:1E:0E:6A:C5:4A:E6:10:F4:2A:D5:CE:1C:4F:2C:9F:4A:A2:CD:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:b000::/40
Signature Algorithm: sha256WithRSAEncryption
97:6d:8e:48:6d:e7:a7:8e:dc:39:c9:6c:d9:0b:b9:d8:a4:0d:
0d:09:6a:64:eb:59:e5:c5:89:b6:98:7c:64:39:2c:3d:ac:cb:
1c:ca:eb:81:3f:99:01:ad:58:f9:90:3c:fc:8d:af:58:d2:a6:
47:f8:41:8b:40:6d:fb:a7:2a:59:e7:1b:17:19:56:a6:26:c0:
d9:d1:47:74:42:13:c3:dd:75:13:77:56:13:bb:de:31:6b:6d:
6e:88:b2:5c:60:77:28:6d:10:be:eb:55:8c:a3:4f:cd:ce:69:
f9:31:36:fa:dc:f8:e5:e6:e4:f9:0a:17:db:6b:53:44:a9:35:
7f:ec:99:55:7a:8e:1d:76:75:d9:1f:ae:6d:90:58:91:b9:f9:
d5:58:41:8b:5b:5c:ed:fb:14:0e:af:75:27:12:bf:24:9c:08:
cd:d8:c5:94:75:c4:22:4a:8d:3d:89:c1:2a:40:05:95:9b:27:
7c:38:d0:74:24:3b:92:35:6e:b6:0a:33:6e:ac:c1:e2:bd:d4:
76:85:a1:ca:2b:78:81:4f:0d:8c:98:11:91:74:35:15:2e:2f:
d2:cb:67:ae:2c:d3:fc:9b:94:2c:20:82:7a:b9:6f:85:5c:96:
fb:6f:32:ec:1f:b5:03:5b:76:2b:69:67:15:ca:29:1d:24:81:
7c:c8:01:a7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH7sla8c5jkrHQEzuPCMcFJ6SAV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwMTJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlMTk1ZDdmZDhmYjIzNjAwYTVmMjRhODEzYmE5YmJlNDA4MDVmNmE3ZDQ5
YmE2Yjk0NDk1NTEwYmE2Y2U0NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUvinN3Q3aaNTyFjRBwsH9NBm8Lw1GR7HdRdNuoK67snt0gPYn/YPDWzmQK
JOsxmj/xBoWrGUkvhXjFIlknNeI9x66bSJRBVAnIB2jo89IoUblpfTpFleqyonVw
2LJqwu11tZ1T3HSn57xT1gL1oMoCuTwawG01peaDF2tWyV8IMoBA069L7Fr1V9Lj
FfacXI5Y9voqHi7hz4OarClGinIunMQrBLweAKDYlXmDg1YMApOfawppd7cubq5P
t/6wL5JVsxUm5i5qL/fw/FN2dJ/TOd2BBMLnbN6Ef9XglE5G9DTUyj4xf2hhsBA/
7Ovq9L3MmHX9zLrFa6qWf9ioBu0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTMHg5q
xUrmEPQq1c4cTyyfSqLNiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmJkM2EzYWYtZjMwNy00MTQ4LTllMzQtNzAxOTk1NDBhODM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Diw
MA0GCSqGSIb3DQEBCwUAA4IBAQCXbY5Ibeenjtw5yWzZC7nYpA0NCWpk61nlxYm2
mHxkOSw9rMscyuuBP5kBrVj5kDz8ja9Y0qZH+EGLQG37pypZ5xsXGVamJsDZ0Ud0
QhPD3XUTd1YTu94xa21uiLJcYHcobRC+61WMo0/Nzmn5MTb63Pjl5uT5Chfba1NE
qTV/7JlVeo4ddnXZH65tkFiRufnVWEGLW1zt+xQOr3UnEr8knAjN2MWUdcQiSo09
icEqQAWVmyd8ONB0JDuSNW62CjNurMHivdR2haHKK3iBTw2MmBGRdDUVLi/Sy2eu
LNP8m5QsIIJ6uW+FXJb7bzLsH7UDW3YraWcVyikdJIF8yAGn
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:31 2025 by rpki-client