Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
File: fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa (raw, json)
Hash identifier: CDDqA+Tx4ToJWwnlRJCzOmZLGvKKeAky1/7WVUIEzJ4=
Subject key identifier: EA:95:CF:79:3E:8E:76:0D:C6:6D:5F:BE:4B:05:51:9F:58:58:14:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55F9F09EB09A344EA0AC099F98D1BB46306C70CF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
Signing time: Tue 20 May 2025 18:50:21 +0000
ROA not before: Tue 20 May 2025 18:50:21 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:f9:f0:9e:b0:9a:34:4e:a0:ac:09:9f:98:d1:bb:46:30:6c:70:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:21 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=248c3ecfb2a7154c652839ca9e8a9f6facbb7452fc0e0bf02a5eeef2baa81bb2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:52:9e:02:43:7d:b4:c2:8d:a0:ca:ec:a7:32:
e7:79:e7:f1:96:b0:77:95:4e:17:7a:d2:ff:b8:57:
5e:e5:06:c4:3c:aa:a3:e9:39:2a:e3:29:cc:90:2f:
f3:df:bb:ea:5a:8b:1c:ca:f1:a0:e1:14:df:c3:e8:
7c:20:21:e8:31:0f:6e:bd:2a:35:00:03:a4:68:76:
08:99:4a:cd:c7:3b:2d:bd:f4:18:eb:2f:86:25:80:
b6:eb:33:21:6b:3d:73:15:fe:d4:7a:6d:6b:52:09:
52:ee:25:cc:0f:bc:e4:eb:bd:34:d7:3b:63:85:a1:
97:30:27:25:ac:11:e1:8c:bb:52:52:d5:01:0e:d8:
a0:6c:8a:6e:fd:2e:c3:2c:22:8f:22:4f:f2:5a:5f:
2f:0c:98:6d:45:58:a3:6b:1a:27:47:87:99:5a:3f:
69:e5:a9:c4:16:ff:bb:71:18:35:86:c7:f1:b3:de:
05:3e:9c:fa:fc:4b:16:49:ce:e9:ca:5a:ca:37:89:
e8:6f:c6:e7:62:cb:64:1c:19:94:6e:7c:37:09:4a:
40:1c:80:d7:ed:a0:db:46:34:21:1d:e7:16:30:e5:
9a:8d:f1:f1:81:71:73:42:71:15:a6:37:f5:31:a8:
ff:5c:c4:87:81:be:52:da:8b:09:8a:15:12:4e:ce:
b4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:95:CF:79:3E:8E:76:0D:C6:6D:5F:BE:4B:05:51:9F:58:58:14:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8000::/40
Signature Algorithm: sha256WithRSAEncryption
5a:b2:d7:99:96:17:cd:d0:6b:eb:4c:e3:b4:d2:63:64:94:8d:
ca:02:85:70:ea:25:97:b8:c2:7f:55:23:ed:47:14:e7:0c:cc:
ed:95:c4:d1:74:f5:90:af:2c:40:2d:2c:85:34:82:54:32:1d:
a6:35:2f:a8:5b:52:82:2f:74:97:c7:e4:13:a4:9c:d8:a5:33:
df:9b:9d:95:3a:d0:c7:64:47:77:6b:8a:7f:00:bd:a7:95:4d:
c1:65:f9:1b:b7:d1:4e:a9:08:45:ff:6f:73:f9:b5:6e:7a:5e:
7d:cf:e4:8a:8d:e7:a1:cc:2f:a7:ed:b8:4e:89:eb:c3:21:c6:
56:f9:3d:7c:9c:2d:61:f0:f6:1d:8d:f3:04:ef:c9:f4:18:d2:
b1:8f:dc:84:18:f9:73:bb:2f:ed:24:73:90:be:dc:1a:38:20:
9d:e8:97:ee:0b:74:3b:86:74:85:dc:78:86:34:c6:49:7c:01:
a8:2a:92:7b:0d:63:01:13:29:c3:f6:f7:5f:7d:8e:af:6a:5b:
b0:5d:a6:87:2a:39:2f:58:49:56:3f:49:57:ff:a9:af:d0:ad:
a8:25:33:c4:6d:f7:37:c6:e5:86:b3:66:15:1f:d9:79:53:9b:
b8:0e:1a:f0:3b:04:9b:bb:2a:c8:90:6a:ef:39:31:7e:19:4a:
5b:a4:0d:cf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVfnwnrCaNE6grAmfmNG7RjBscM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwMjFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0OGMzZWNmYjJhNzE1NGM2NTI4MzljYTllOGE5ZjZmYWNiYjc0NTJmYzBl
MGJmMDJhNWVlZWYyYmFhODFiYjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1SngJDfbTCjaDK7Kcy53nn8Zawd5VOF3rS/7hXXuUGxDyqo+k5KuMpzJAv
89+76lqLHMrxoOEU38PofCAh6DEPbr0qNQADpGh2CJlKzcc7Lb30GOsvhiWAtusz
IWs9cxX+1Hpta1IJUu4lzA+85Ou9NNc7Y4WhlzAnJawR4Yy7UlLVAQ7YoGyKbv0u
wywijyJP8lpfLwyYbUVYo2saJ0eHmVo/aeWpxBb/u3EYNYbH8bPeBT6c+vxLFknO
6cpayjeJ6G/G52LLZBwZlG58NwlKQByA1+2g20Y0IR3nFjDlmo3x8YFxc0JxFaY3
9TGo/1zEh4G+UtqLCYoVEk7OtF8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqlc95
Po52DcZtX75LBVGfWFgUgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmMzY2YxZmYtMjA5ZC00NmY2LWE3ZGQtYTdiYTVkNWJmYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DiA
MA0GCSqGSIb3DQEBCwUAA4IBAQBasteZlhfN0GvrTOO00mNklI3KAoVw6iWXuMJ/
VSPtRxTnDMztlcTRdPWQryxALSyFNIJUMh2mNS+oW1KCL3SXx+QTpJzYpTPfm52V
OtDHZEd3a4p/AL2nlU3BZfkbt9FOqQhF/29z+bVuel59z+SKjeehzC+n7bhOievD
IcZW+T18nC1h8PYdjfME78n0GNKxj9yEGPlzuy/tJHOQvtwaOCCd6JfuC3Q7hnSF
3HiGNMZJfAGoKpJ7DWMBEynD9vdffY6valuwXaaHKjkvWElWP0lX/6mv0K2oJTPE
bfc3xuWGs2YVH9l5U5u4DhrwOwSbuyrIkGrvOTF+GUpbpA3P
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:59 2025 by rpki-client