Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
File: 1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa (raw, json)
Hash identifier: 5aEmzrj+HjZEmuyKeFRiGq3yhhwKO3rr7lxm8UXAQKs=
Subject key identifier: 34:37:9D:5C:CE:E4:F4:4F:25:78:AB:80:3D:3C:9E:05:0B:2F:DC:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6830EF16BCC6D8322486FA1FD33F58515A347107
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
Signing time: Tue 20 May 2025 19:11:02 +0000
ROA not before: Tue 20 May 2025 19:11:02 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:30:ef:16:bc:c6:d8:32:24:86:fa:1f:d3:3f:58:51:5a:34:71:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:11:02 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d993eb312e41a7dfeff483d83716de88305e27799dcd72811afd444cd0d5572c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7d:d3:29:2f:aa:e0:b5:41:61:24:b9:f9:88:
1d:5e:d5:3f:98:d4:2b:39:62:cc:17:fa:82:f0:47:
72:57:b3:eb:68:b9:5d:81:b0:53:10:be:96:85:55:
56:e8:39:d6:0d:61:a0:f5:47:27:77:09:71:e3:22:
90:65:87:cf:bf:06:06:1f:d0:b5:40:61:12:72:61:
9c:65:7f:f7:f2:99:78:d5:45:5a:92:03:4b:48:20:
26:b2:d3:0c:c8:16:4e:9b:95:ac:0e:fa:5b:ff:dd:
ac:3c:28:1a:d9:01:a5:1d:d2:ae:3d:d8:f9:11:7c:
bc:78:d7:dd:af:a9:cc:eb:22:71:da:21:fd:0a:0e:
5f:82:a9:4f:55:9d:d9:71:eb:ab:d4:1e:d4:d8:ac:
df:6b:cd:a9:f3:da:5e:19:49:ae:06:16:f6:31:8c:
c4:49:72:77:4e:cb:50:e0:5b:ac:04:b1:a5:51:91:
4e:6a:37:cf:60:19:b8:e5:31:b7:86:e8:60:3b:3a:
ea:a9:da:b8:c8:43:83:e0:cb:3c:e1:95:ff:e5:2b:
a2:b8:ea:07:83:8f:43:db:48:aa:ed:ac:62:49:13:
c2:cd:a3:df:2f:7b:40:69:b1:b7:5c:d4:35:01:c5:
80:62:d2:d3:36:da:06:51:5f:51:85:87:33:f1:ef:
d3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:37:9D:5C:CE:E4:F4:4F:25:78:AB:80:3D:3C:9E:05:0B:2F:DC:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e000::/40
Signature Algorithm: sha256WithRSAEncryption
89:70:2a:19:6b:cb:7c:23:c5:52:fe:46:51:7d:00:1b:9d:13:
21:a6:79:de:d8:bd:f2:ec:8b:d2:db:74:36:59:d9:22:be:fc:
94:a6:12:56:87:3a:22:62:e6:5d:26:e0:4c:1c:a1:d5:0d:a4:
69:53:b1:cc:c5:fa:24:ad:9d:4f:65:0b:ac:63:60:35:84:69:
26:7e:0f:ef:d1:51:c6:23:40:f2:0d:54:f6:31:4d:81:62:72:
e0:65:88:e9:86:30:c5:7c:15:13:11:db:ef:db:79:bf:b7:31:
c5:a8:c3:3c:1d:6d:b5:39:99:1c:11:47:7c:b1:9e:55:b0:18:
2a:85:05:75:97:07:c6:3b:87:b4:b8:fb:fc:b4:a7:4b:92:e0:
e7:e3:8a:8e:08:c6:6e:0d:c9:86:86:a6:70:8b:68:a9:41:4e:
4e:0f:44:34:4f:40:a1:ca:d2:02:34:5f:e3:72:d6:5f:0e:b4:
a3:48:da:5e:9f:67:fd:6f:04:69:7b:9e:ca:15:df:1b:6a:11:
7a:e1:6f:72:98:e5:54:9e:2b:2c:24:a8:6c:cf:d2:a2:07:97:
4b:50:bb:87:4c:bc:0b:4e:8f:db:7e:86:cb:f6:ae:f7:cc:7a:
44:88:b9:82:17:a7:7f:49:c9:32:22:63:dc:db:b9:fe:52:74:
16:57:9f:3b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaDDvFrzG2DIkhvof0z9YUVo0cQcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTExMDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5OTNlYjMxMmU0MWE3ZGZlZmY0ODNkODM3MTZkZTg4MzA1ZTI3Nzk5ZGNk
NzI4MTFhZmQ0NDRjZDBkNTU3MmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALd90ykvquC1QWEkufmIHV7VP5jUKzlizBf6gvBHclez62i5XYGwUxC+loVV
Vug51g1hoPVHJ3cJceMikGWHz78GBh/QtUBhEnJhnGV/9/KZeNVFWpIDS0ggJrLT
DMgWTpuVrA76W//drDwoGtkBpR3Srj3Y+RF8vHjX3a+pzOsicdoh/QoOX4KpT1Wd
2XHrq9Qe1Nis32vNqfPaXhlJrgYW9jGMxElyd07LUOBbrASxpVGRTmo3z2AZuOUx
t4boYDs66qnauMhDg+DLPOGV/+UrorjqB4OPQ9tIqu2sYkkTws2j3y97QGmxt1zU
NQHFgGLS0zbaBlFfUYWHM/Hv04UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ0N51c
zuT0TyV4q4A9PJ4FCy/c2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4NzU3YTMtNWIwZS00NDczLTlhM2ItODc2Y2MxMzRlMmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADg
MA0GCSqGSIb3DQEBCwUAA4IBAQCJcCoZa8t8I8VS/kZRfQAbnRMhpnne2L3y7IvS
23Q2WdkivvyUphJWhzoiYuZdJuBMHKHVDaRpU7HMxfokrZ1PZQusY2A1hGkmfg/v
0VHGI0DyDVT2MU2BYnLgZYjphjDFfBUTEdvv23m/tzHFqMM8HW21OZkcEUd8sZ5V
sBgqhQV1lwfGO4e0uPv8tKdLkuDn44qOCMZuDcmGhqZwi2ipQU5OD0Q0T0ChytIC
NF/jctZfDrSjSNpen2f9bwRpe57KFd8bahF64W9ymOVUnissJKhsz9KiB5dLULuH
TLwLTo/bfobL9q73zHpEiLmCF6d/SckyImPc27n+UnQWV587
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:46 2025 by rpki-client