Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
File: 03f51c56-79aa-48ca-895c-790a431bbd73.roa (raw, json)
Hash identifier: ANSWBM20LkA+ia4OV01c/D5zUcgNq9WOcMeYRq2giGc=
Subject key identifier: 3B:30:70:7B:CC:70:D3:93:B5:9F:6A:E3:D0:50:5B:BA:3B:24:6C:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E5C2B73BE3491DDF6D4923445931EDA30B78FB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
Signing time: Fri 16 May 2025 17:40:17 +0000
ROA not before: Fri 16 May 2025 17:40:17 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:5c:2b:73:be:34:91:dd:f6:d4:92:34:45:93:1e:da:30:b7:8f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:40:17 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=83d5587a57ea530e86960b4f2f7508d06d58e7c888edbe5ca75eb2553c135984, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7c:16:a6:20:7c:8a:9c:c7:2d:82:f8:ca:e6:
95:c0:c6:cf:92:c4:4f:60:dc:a3:ab:cb:80:05:da:
5d:35:57:f2:b3:a6:9d:c6:91:d5:71:80:76:55:bd:
61:ca:a8:33:e6:04:dc:d1:32:ce:89:b7:9e:bb:a7:
ce:10:d8:23:44:85:d6:f9:2c:5a:91:2c:b0:69:b5:
7b:94:f0:e7:9e:2a:a9:d0:e3:7c:aa:98:84:b2:41:
a0:d3:9b:e1:cd:60:9e:5f:d9:74:7c:bc:65:69:1d:
f8:9c:58:63:b9:d5:b6:c7:2e:31:64:af:04:3a:7f:
23:08:94:57:9d:73:ac:63:77:7d:95:69:c0:8f:46:
fb:02:9d:bd:52:0c:09:9e:d1:1d:2a:ce:f2:e7:24:
e4:96:2a:01:62:72:f0:01:42:fc:2b:8a:24:68:a8:
ff:69:38:0d:85:41:2f:75:24:6c:88:1a:a7:b7:93:
4d:fa:70:88:93:45:6e:90:0f:2e:6a:58:77:8b:4b:
99:c3:ee:b4:a3:b8:33:49:03:8a:1f:5d:f2:7e:65:
9d:ee:b8:16:27:3e:0c:2e:ca:42:bf:65:5e:97:d2:
82:92:e3:7d:21:0e:7a:e7:a2:93:7f:44:87:53:bb:
0d:97:dc:29:6d:53:e9:cc:40:00:1b:eb:51:bd:81:
c2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:30:70:7B:CC:70:D3:93:B5:9F:6A:E3:D0:50:5B:BA:3B:24:6C:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:800::/40
Signature Algorithm: sha256WithRSAEncryption
5d:dd:48:8b:77:3e:cf:5c:bb:76:96:70:9e:86:e6:f1:93:07:
74:1b:ca:e9:6c:f2:f2:93:0e:52:41:68:d1:96:38:09:49:6c:
3e:e4:18:b6:c8:91:38:43:16:a2:5a:e1:45:79:29:eb:ae:08:
c8:74:b7:fc:07:6e:2c:e2:42:7e:39:9c:ad:d2:f2:38:96:d0:
cf:10:8e:a6:53:72:3f:d9:28:b1:c8:08:29:0f:39:0f:ad:4f:
6b:b0:de:08:ce:e6:9d:2f:eb:1d:e1:5d:19:a7:c5:9a:2c:07:
fa:c0:4a:90:51:5e:3e:20:2a:de:ea:47:73:da:10:2b:94:ac:
cd:84:49:5f:eb:c2:05:c0:11:0a:4c:8d:bd:86:65:a6:58:8d:
a7:2d:c1:2c:ab:bc:d6:60:64:ab:6e:44:27:27:ef:29:97:b3:
c7:e1:ef:14:b9:6f:0a:ac:a6:8e:ea:19:e2:69:85:31:39:8c:
98:76:e9:90:28:c4:54:80:19:67:3b:90:08:8e:04:3e:c7:17:
28:8b:b6:e6:6f:a4:45:f1:b2:fd:75:e1:e9:91:5d:0c:36:34:
f6:c1:3e:a6:85:8b:a5:d7:2a:27:48:59:82:3e:a0:4f:07:25:
d9:8c:c3:b6:8b:44:fc:ee:80:cc:b7:4a:4e:49:3b:10:fb:5b:
e3:a6:17:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTlwrc740kd321JI0RZMe2jC3j7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzQwMTdaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzZDU1ODdhNTdlYTUzMGU4Njk2MGI0ZjJmNzUwOGQwNmQ1OGU3Yzg4OGVk
YmU1Y2E3NWViMjU1M2MxMzU5ODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKV8FqYgfIqcxy2C+MrmlcDGz5LET2Dco6vLgAXaXTVX8rOmncaR1XGAdlW9
YcqoM+YE3NEyzom3nrunzhDYI0SF1vksWpEssGm1e5Tw554qqdDjfKqYhLJBoNOb
4c1gnl/ZdHy8ZWkd+JxYY7nVtscuMWSvBDp/IwiUV51zrGN3fZVpwI9G+wKdvVIM
CZ7RHSrO8uck5JYqAWJy8AFC/CuKJGio/2k4DYVBL3UkbIgap7eTTfpwiJNFbpAP
LmpYd4tLmcPutKO4M0kDih9d8n5lne64Fic+DC7KQr9lXpfSgpLjfSEOeueik39E
h1O7DZfcKW1T6cxAABvrUb2Bwl8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ7MHB7
zHDTk7WfauPQUFu6OyRsODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDNmNTFjNTYtNzlhYS00OGNhLTg5NWMtNzkwYTQzMWJiZDczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUI
MA0GCSqGSIb3DQEBCwUAA4IBAQBd3UiLdz7PXLt2lnCehubxkwd0G8rpbPLykw5S
QWjRljgJSWw+5Bi2yJE4QxaiWuFFeSnrrgjIdLf8B24s4kJ+OZyt0vI4ltDPEI6m
U3I/2SixyAgpDzkPrU9rsN4IzuadL+sd4V0Zp8WaLAf6wEqQUV4+ICre6kdz2hAr
lKzNhElf68IFwBEKTI29hmWmWI2nLcEsq7zWYGSrbkQnJ+8pl7PH4e8UuW8KrKaO
6hniaYUxOYyYdumQKMRUgBlnO5AIjgQ+xxcoi7bmb6RF8bL9deHpkV0MNjT2wT6m
hYul1yonSFmCPqBPByXZjMO2i0T87oDMt0pOSTsQ+1vjphem
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:29:46 2025 by rpki-client