Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa
File: 04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa (raw, json)
Hash identifier: ilWT0JaT0Ql3AzU3aFjHRldWQifjD2clPjMTXCNj8GI=
Subject key identifier: AA:BF:C4:C2:AA:60:DC:38:93:05:EC:80:00:51:B8:B4:D5:52:B0:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 071DDED23D2B870197ACC642CBF57E7719B770DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa
Signing time: Tue 03 Jun 2025 20:53:43 +0000
ROA not before: Tue 03 Jun 2025 20:53:43 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:1d:de:d2:3d:2b:87:01:97:ac:c6:42:cb:f5:7e:77:19:b7:70:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 20:53:43 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=025ad10a8ea5962738cd255007971e44c7eeb4829d4026a523e08d3b732b9943, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:08:f9:fa:5b:27:0c:80:45:2a:fd:54:b0:8b:
73:a2:70:25:23:77:75:0e:b6:0a:86:f7:29:ad:6d:
da:39:73:f1:52:61:cb:b2:a9:c4:19:6d:2f:4d:67:
0b:d6:c3:59:c8:60:c8:56:19:a6:d9:a1:ed:16:33:
df:09:46:22:0a:6b:e1:80:29:35:bc:a6:65:c6:1a:
f2:89:4e:3f:bb:59:b3:f3:4b:e4:6a:6b:f6:84:3e:
12:bc:eb:97:c9:70:5a:2b:6e:ba:46:07:9d:f2:cc:
85:3f:ff:e4:5d:f3:af:e6:90:bd:f0:88:ff:ff:93:
80:1b:5e:1e:2a:c7:a9:5c:59:51:e8:28:5c:80:21:
57:a2:6f:1a:30:87:9c:63:ac:7e:b2:73:6d:1d:f4:
71:20:b1:93:a7:03:1c:0c:3b:24:81:10:43:ef:77:
70:ee:63:28:e9:fb:24:c8:3e:d1:5c:2d:e2:07:9e:
26:bc:f2:15:13:57:70:f0:1d:47:d6:64:92:43:58:
b8:71:a4:bc:61:38:b4:16:95:90:2b:cd:80:ed:5b:
33:7b:29:6d:e7:e8:36:ee:be:54:f8:1a:a0:3d:68:
bd:71:58:23:c4:f0:02:16:f7:f0:d7:a7:81:f6:75:
9c:32:ed:5a:b9:77:b1:56:73:bb:71:60:e8:68:78:
6d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:BF:C4:C2:AA:60:DC:38:93:05:EC:80:00:51:B8:B4:D5:52:B0:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:b000::/40
Signature Algorithm: sha256WithRSAEncryption
26:08:80:7f:37:52:b2:da:18:7c:8b:f7:ea:4b:c0:fa:88:f9:
95:67:90:45:4d:19:21:df:e5:ab:48:df:39:c1:a7:12:ef:9f:
c7:2f:20:e4:4a:8e:63:49:08:00:b3:04:7b:db:7c:70:23:8e:
37:50:b7:2c:e3:32:0c:11:c9:7b:80:46:f7:d6:d1:aa:cd:c3:
6d:15:5d:0d:e0:1b:a3:7b:01:f7:3b:d9:f9:b1:0e:19:a8:37:
11:25:50:96:61:52:5f:a5:04:b2:30:e6:e6:09:06:1b:e6:ea:
cd:67:bd:8e:66:c5:6e:68:2a:28:aa:90:b9:54:a6:2c:3b:06:
70:28:cc:6c:a1:95:b5:92:92:4e:1f:ef:ef:cb:75:17:8c:da:
41:fd:63:dd:40:00:8f:71:a9:af:7a:22:14:a1:b3:06:f8:d0:
0e:fc:aa:61:3f:cc:b8:79:61:15:52:e3:64:27:74:42:ee:76:
f7:0a:7f:de:ea:24:b7:1c:9f:d8:a0:6b:f2:ca:ff:7d:b5:44:
28:3a:d8:83:5f:b4:a0:0b:7f:00:5c:ce:04:4c:5f:94:a3:93:
07:63:a8:7a:e3:96:a1:5f:c9:31:ad:a3:87:25:ab:97:1f:49:
4b:a5:71:90:4e:0e:fc:ce:78:99:a9:92:a2:0c:c4:66:3d:4c:
4a:5e:d1:9d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBx3e0j0rhwGXrMZCy/V+dxm3cNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMyMDUzNDNaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyNWFkMTBhOGVhNTk2MjczOGNkMjU1MDA3OTcxZTQ0YzdlZWI0ODI5ZDQw
MjZhNTIzZTA4ZDNiNzMyYjk5NDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO8I+fpbJwyARSr9VLCLc6JwJSN3dQ62Cob3Ka1t2jlz8VJhy7KpxBltL01n
C9bDWchgyFYZptmh7RYz3wlGIgpr4YApNbymZcYa8olOP7tZs/NL5Gpr9oQ+Erzr
l8lwWituukYHnfLMhT//5F3zr+aQvfCI//+TgBteHirHqVxZUegoXIAhV6JvGjCH
nGOsfrJzbR30cSCxk6cDHAw7JIEQQ+93cO5jKOn7JMg+0Vwt4geeJrzyFRNXcPAd
R9ZkkkNYuHGkvGE4tBaVkCvNgO1bM3spbefoNu6+VPgaoD1ovXFYI8TwAhb38Nen
gfZ1nDLtWrl3sVZzu3Fg6Gh4bcMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqv8TC
qmDcOJMF7IAAUbi01VKw4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQwMzQzMDYtYWFhNC00MGM4LTljMWItYzNmMWNmYzIzZDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fmw
MA0GCSqGSIb3DQEBCwUAA4IBAQAmCIB/N1Ky2hh8i/fqS8D6iPmVZ5BFTRkh3+Wr
SN85wacS75/HLyDkSo5jSQgAswR723xwI443ULcs4zIMEcl7gEb31tGqzcNtFV0N
4BujewH3O9n5sQ4ZqDcRJVCWYVJfpQSyMObmCQYb5urNZ72OZsVuaCooqpC5VKYs
OwZwKMxsoZW1kpJOH+/vy3UXjNpB/WPdQACPcamveiIUobMG+NAO/KphP8y4eWEV
UuNkJ3RC7nb3Cn/e6iS3HJ/YoGvyyv99tUQoOtiDX7SgC38AXM4ETF+Uo5MHY6h6
45ahX8kxraOHJauXH0lLpXGQTg78zniZqZKiDMRmPUxKXtGd
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:53:50 2025 by rpki-client