Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
File: fc40321f-72c2-43a4-8c42-0e935f8f1943.roa (raw, json)
Hash identifier: sYKJ5vvVnsbbWRkDwBme4iLw04xrRrXYCa9Fs3PzxR4=
Subject key identifier: 85:9C:13:D3:E9:90:68:EF:D5:87:83:40:EB:6F:06:71:42:EB:3C:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 124EE78200BB3BD9D6EF01F28D98119ABAA70482
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
Signing time: Tue 20 May 2025 18:51:15 +0000
ROA not before: Tue 20 May 2025 18:51:15 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:4e:e7:82:00:bb:3b:d9:d6:ef:01:f2:8d:98:11:9a:ba:a7:04:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:51:15 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=63cb2d0a52d61c583cec56f710da21cea753f315aaf334eb47d4d3c83787363f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ae:e2:8b:58:80:cc:00:ce:62:6b:84:a3:8b:
c0:53:e4:ee:b0:05:f6:b3:05:9a:e0:cc:c0:08:16:
4d:f7:20:f7:66:bd:38:16:4b:48:bb:24:94:d0:1e:
5a:7b:62:e3:ef:cd:54:c5:37:8e:23:4c:80:ac:f4:
57:a5:69:3c:2c:99:46:40:19:1f:3a:72:f4:12:70:
d1:95:c3:ac:88:b2:ec:3d:e0:38:c6:fb:a5:29:fd:
ff:3b:d6:84:19:a8:d0:5c:71:48:45:c5:23:58:61:
d4:47:a9:94:62:d1:6d:0d:9b:de:a1:0b:3a:23:38:
98:bc:e4:98:19:fb:a0:8a:e4:0c:db:ac:88:cd:3f:
77:ab:de:95:e3:7f:34:74:bb:4b:63:26:57:d9:e2:
77:a6:d0:3f:99:b2:79:68:bd:17:9f:e9:7c:a4:47:
86:cc:c4:46:2f:a8:21:72:b4:0f:f9:1a:c6:49:3b:
d2:35:e7:a5:c2:d7:64:bf:0d:c8:a0:a6:c9:a6:ae:
0a:71:3c:11:4f:27:4c:d3:74:e8:47:2b:63:aa:87:
8d:36:68:f9:83:52:e7:38:ed:05:06:ee:0d:ee:c1:
c3:b9:59:f9:b2:89:c2:02:89:ac:83:00:a3:50:75:
62:37:f8:66:94:db:bb:ed:ca:e8:6b:76:d4:11:e5:
92:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9C:13:D3:E9:90:68:EF:D5:87:83:40:EB:6F:06:71:42:EB:3C:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
09:62:4e:c7:98:d5:f4:75:88:8d:20:70:58:e7:91:21:74:8f:
3d:b2:b4:42:f0:c9:90:44:2c:72:49:c2:3e:4e:3b:2a:fb:ca:
90:59:f3:aa:ed:64:b8:66:5f:a4:98:59:16:ee:5d:75:b7:ad:
66:ca:e2:f6:6f:3c:1d:95:cf:14:b1:dd:61:33:75:b3:1b:6e:
4c:bb:a5:af:07:10:56:b1:37:d8:0a:97:32:26:7e:37:3a:5d:
3c:78:ba:fb:57:fc:9f:17:26:e4:93:f1:6a:34:bf:2d:a0:09:
15:5d:70:79:71:d8:7f:bb:a1:b7:9a:e8:98:e4:c3:02:79:73:
46:c3:5e:ac:a8:42:6f:89:8a:57:7d:22:2e:b0:3f:1c:7c:c5:
b5:69:e2:0b:69:3b:8b:83:51:42:50:3f:cb:fa:51:2f:b9:90:
f8:dc:46:18:94:3a:1a:ce:35:66:5c:4b:8f:fc:be:95:e8:34:
ae:65:c8:4c:b2:eb:7b:23:73:b2:c3:c6:04:80:4d:94:2d:a3:
3b:58:d2:18:2f:8e:ab:29:2d:15:2b:9e:78:56:c8:44:d2:02:
3a:8b:98:21:00:5a:4d:c8:9e:d4:fc:0e:2b:cf:43:58:c5:97:
b7:30:0c:81:69:ab:a6:ae:b1:c5:95:62:cf:39:93:23:48:7d:
91:20:b7:9c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEk7nggC7O9nW7wHyjZgRmrqnBIIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUxMTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzY2IyZDBhNTJkNjFjNTgzY2VjNTZmNzEwZGEyMWNlYTc1M2YzMTVhYWYz
MzRlYjQ3ZDRkM2M4Mzc4NzM2M2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmu4otYgMwAzmJrhKOLwFPk7rAF9rMFmuDMwAgWTfcg92a9OBZLSLsklNAe
Wnti4+/NVMU3jiNMgKz0V6VpPCyZRkAZHzpy9BJw0ZXDrIiy7D3gOMb7pSn9/zvW
hBmo0FxxSEXFI1hh1EeplGLRbQ2b3qELOiM4mLzkmBn7oIrkDNusiM0/d6veleN/
NHS7S2MmV9nid6bQP5myeWi9F5/pfKRHhszERi+oIXK0D/kaxkk70jXnpcLXZL8N
yKCmyaauCnE8EU8nTNN06EcrY6qHjTZo+YNS5zjtBQbuDe7Bw7lZ+bKJwgKJrIMA
o1B1Yjf4ZpTbu+3K6Gt21BHlksUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSFnBPT
6ZBo79WHg0DrbwZxQus8ZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM0MDMyMWYtNzJjMi00M2E0LThjNDItMGU5MzVmOGYxOTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
wDANBgkqhkiG9w0BAQsFAAOCAQEACWJOx5jV9HWIjSBwWOeRIXSPPbK0QvDJkEQs
cknCPk47KvvKkFnzqu1kuGZfpJhZFu5ddbetZsri9m88HZXPFLHdYTN1sxtuTLul
rwcQVrE32AqXMiZ+NzpdPHi6+1f8nxcm5JPxajS/LaAJFV1weXHYf7uht5romOTD
AnlzRsNerKhCb4mKV30iLrA/HHzFtWniC2k7i4NRQlA/y/pRL7mQ+NxGGJQ6Gs41
ZlxLj/y+leg0rmXITLLreyNzssPGBIBNlC2jO1jSGC+OqyktFSueeFbIRNICOouY
IQBaTcie1PwOK89DWMWXtzAMgWmrpq6xxZVizzmTI0h9kSC3nA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:46 2025 by rpki-client