Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe68f71c-32d4-46a2-be36-53b6d6e7b801.roa
File: fe68f71c-32d4-46a2-be36-53b6d6e7b801.roa (raw, json)
Hash identifier: /JqFL2r7Ck1GxIIB4EXmGoukwwtx/ejoR3E3Pu+0FPU=
Subject key identifier: B4:50:07:43:EE:8C:B1:31:B0:25:D7:7C:3C:E0:F1:98:29:11:A2:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 940AAB27071634938C9ECEF311BB061EEAAF5A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe68f71c-32d4-46a2-be36-53b6d6e7b801.roa
Signing time: Tue 20 May 2025 19:40:08 +0000
ROA not before: Tue 20 May 2025 19:40:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:2080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
94:0a:ab:27:07:16:34:93:8c:9e:ce:f3:11:bb:06:1e:ea:af:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:40:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=5a8cee633d45a4850b3036ee860153a7789cbd6405aae4a558a6087771e0c9eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ad:f9:5c:66:60:40:12:41:c3:8a:58:2a:0a:
38:75:59:d4:84:3d:3b:06:a7:ef:a6:22:20:21:64:
6f:e6:a2:ed:af:4a:d0:f0:6a:97:7b:7d:5a:d7:a2:
15:8f:89:e1:ba:05:0d:01:36:87:4b:46:e1:50:be:
3e:bb:42:db:9d:8d:f1:88:8d:cd:63:d2:11:2d:1d:
c6:f2:3d:0f:fa:4e:d3:81:e7:77:c6:7b:e0:4f:07:
53:e7:a5:06:fa:34:47:2f:28:e1:f8:95:18:f5:c4:
e1:d0:85:45:64:b4:c8:47:39:06:5c:76:98:17:d3:
db:31:41:6c:fa:e6:04:62:a2:d6:13:a5:bd:a9:06:
55:e5:37:a2:04:43:94:04:dc:28:b4:f7:77:d1:e0:
96:fe:0e:8b:d7:e0:76:d3:08:c5:ea:34:84:bd:0e:
eb:e4:a1:c6:64:5c:9f:bd:bc:91:b0:39:01:da:93:
51:09:ee:2d:5d:07:6d:01:52:17:c5:28:61:76:b9:
f8:60:12:ef:6e:a2:de:9c:a9:96:9f:a2:99:41:42:
82:0e:54:e2:b0:20:c9:f6:44:1b:d7:3c:c3:08:32:
e3:96:ea:f5:dd:69:c7:33:ef:0a:37:1d:d6:45:1e:
3f:25:9a:63:a6:53:57:49:34:78:9d:63:96:28:31:
6e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:50:07:43:EE:8C:B1:31:B0:25:D7:7C:3C:E0:F1:98:29:11:A2:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe68f71c-32d4-46a2-be36-53b6d6e7b801.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:2080::/46
Signature Algorithm: sha256WithRSAEncryption
a3:5a:db:ff:24:1b:e1:4f:93:33:48:ce:00:ab:a7:5a:b8:de:
d7:27:fd:44:21:48:ce:7e:27:64:73:a3:19:2f:55:98:86:7c:
4f:1d:70:c7:72:68:ed:33:43:4d:43:b4:bb:ec:30:4e:1e:0e:
dc:69:00:df:1a:f1:9b:a9:25:ed:99:14:5b:5e:45:13:68:6a:
b8:b2:5f:a7:05:ce:fb:37:3c:3a:08:1e:54:d9:1e:bd:54:98:
f0:3c:ea:16:9d:1b:99:68:19:d5:50:85:1a:06:cc:d3:2f:e7:
d2:97:5e:6a:f8:66:27:eb:25:08:ea:92:08:71:74:ef:e1:cb:
ac:94:99:5b:a2:f6:3e:19:40:f2:6d:9e:51:0a:0d:9d:96:cb:
d2:50:53:3f:03:09:29:f3:4a:ca:0e:7f:a0:cb:36:f7:fd:fb:
94:56:f1:4e:36:2f:69:22:8e:83:ca:10:93:a0:59:19:b4:b5:
c5:28:f3:52:df:aa:9a:11:19:02:b8:d8:db:4f:53:d0:b1:5d:
33:3d:b2:b0:65:bf:53:49:f5:be:40:90:d9:b1:55:47:70:31:
d3:21:94:60:f9:8b:a6:ee:09:b2:e1:5b:11:c7:4e:b8:e1:0e:
8e:9e:37:f3:9c:72:7f:a0:41:37:28:94:9f:38:b5:64:53:77:
05:bb:cc:dd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAJQKqycHFjSTjJ7O8xG7Bh7qr1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQwMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhOGNlZTYzM2Q0NWE0ODUwYjMwMzZlZTg2MDE1M2E3Nzg5Y2JkNjQwNWFh
ZTRhNTU4YTYwODc3NzFlMGM5ZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOWt+VxmYEASQcOKWCoKOHVZ1IQ9Owan76YiICFkb+ai7a9K0PBql3t9Wtei
FY+J4boFDQE2h0tG4VC+PrtC252N8YiNzWPSES0dxvI9D/pO04Hnd8Z74E8HU+el
Bvo0Ry8o4fiVGPXE4dCFRWS0yEc5Blx2mBfT2zFBbPrmBGKi1hOlvakGVeU3ogRD
lATcKLT3d9Hglv4Oi9fgdtMIxeo0hL0O6+ShxmRcn728kbA5AdqTUQnuLV0HbQFS
F8UoYXa5+GAS726i3pyplp+imUFCgg5U4rAgyfZEG9c8wwgy45bq9d1pxzPvCjcd
1kUePyWaY6ZTV0k0eJ1jligxbh0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS0UAdD
7oyxMbAl13w84PGYKRGiXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmU2OGY3MWMtMzJkNC00NmEyLWJlMzYtNTNiNmQ2ZTdiODAxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hcg
gDANBgkqhkiG9w0BAQsFAAOCAQEAo1rb/yQb4U+TM0jOAKunWrje1yf9RCFIzn4n
ZHOjGS9VmIZ8Tx1wx3Jo7TNDTUO0u+wwTh4O3GkA3xrxm6kl7ZkUW15FE2hquLJf
pwXO+zc8OggeVNkevVSY8DzqFp0bmWgZ1VCFGgbM0y/n0pdeavhmJ+slCOqSCHF0
7+HLrJSZW6L2PhlA8m2eUQoNnZbL0lBTPwMJKfNKyg5/oMs29/37lFbxTjYvaSKO
g8oQk6BZGbS1xSjzUt+qmhEZArjY209T0LFdMz2ysGW/U0n1vkCQ2bFVR3Ax0yGU
YPmLpu4JsuFbEcdOuOEOjp4385xyf6BBNyiUnzi1ZFN3BbvM3Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:26 2025 by rpki-client