Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
File: 1a961f3a-fb71-4357-a4fc-28c4024b0441.roa (raw, json)
Hash identifier: hi1yUTHrVQM7pQHK1bL3PE+QQhkoCJP5+pb2M9bGRq8=
Subject key identifier: 3C:1A:F2:41:79:C2:E9:1E:3E:E6:4B:EB:A7:8E:9B:E5:AA:66:B8:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 726C8A36A002DE4C11F6FCA9094506A9756397FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
Signing time: Sat 31 May 2025 00:50:06 +0000
ROA not before: Sat 31 May 2025 00:50:06 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000::/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:6c:8a:36:a0:02:de:4c:11:f6:fc:a9:09:45:06:a9:75:63:97:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 00:50:06 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=d106d91f1ba31cb61d41d24a018dc1f5d1f7dcbe086a974753cce06da83dd28d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:88:2d:c3:1c:70:5a:8d:fc:b5:e4:d1:de:fd:
24:25:93:f7:33:6a:e9:84:e8:39:7b:38:ad:b9:76:
79:0c:29:84:23:f8:2f:7f:fe:a0:31:88:6c:40:d7:
fa:0d:0b:eb:c7:c5:fd:44:c0:82:9d:23:a3:d6:3d:
56:1f:ad:3d:a1:f6:0f:61:bc:38:b2:a0:c6:5d:34:
23:62:29:8a:01:bf:af:e2:e3:98:ae:52:c6:b3:14:
d4:fb:03:ae:66:d8:b6:32:9c:ef:db:a4:bc:5d:74:
0a:11:14:1e:73:88:41:a6:e1:7e:51:e6:eb:3e:f4:
3c:7d:dc:fd:42:f3:1c:28:18:de:4e:65:60:63:65:
d0:1c:dc:00:23:9c:29:21:63:74:f9:e2:df:e8:04:
bf:ce:42:97:cb:d0:e6:58:b7:b7:91:bc:f9:ed:52:
47:29:04:c8:61:50:66:cd:79:55:f3:1d:47:38:60:
8b:f2:22:3f:30:59:ea:72:bd:d2:fa:70:95:40:7f:
3f:75:fa:e2:be:7e:97:d1:88:26:04:2f:1e:55:09:
e7:ab:6f:93:d4:70:7e:3d:ac:7f:b3:9d:20:cf:66:
e2:53:f9:50:36:85:a3:a3:52:95:50:b2:01:c5:41:
83:42:5c:54:d8:05:07:db:2a:62:a1:1d:1b:38:f9:
44:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:1A:F2:41:79:C2:E9:1E:3E:E6:4B:EB:A7:8E:9B:E5:AA:66:B8:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000::/25
Signature Algorithm: sha256WithRSAEncryption
7d:7e:11:fa:f7:68:d9:dd:9b:18:54:de:bb:bf:3d:ec:78:ef:
17:29:d8:59:75:25:0c:19:d5:17:99:7c:e5:42:6c:69:c0:30:
17:95:38:c2:d1:bc:82:90:6c:eb:c6:20:4e:77:27:d0:7f:76:
b6:1a:7b:e3:7a:de:72:5a:98:b4:0f:21:86:5e:0a:74:f4:99:
a3:db:fb:ca:34:5e:9c:79:d3:47:82:4a:31:a2:12:e1:65:dc:
2c:b0:51:8e:a5:30:da:8e:ad:45:23:2e:97:e4:d6:3d:61:36:
70:18:5f:dc:5f:ad:c1:d0:c1:1f:2b:9f:3a:58:53:d7:7f:01:
a2:09:03:d2:f9:f5:bf:06:33:6e:fb:21:81:db:3f:2f:09:34:
36:f4:5a:2d:51:0c:31:42:73:02:b7:da:fa:23:f7:28:1a:d9:
cc:6f:ff:35:06:e9:eb:e4:82:b1:c9:6b:7e:0a:38:84:ac:54:
81:1f:7c:ab:1a:ce:28:48:50:e5:75:e6:c1:e0:ab:33:3c:5e:
5b:62:c7:e9:91:a8:63:ab:20:eb:4a:08:48:c3:b6:e8:72:70:
fa:71:0e:c4:87:1f:69:0c:47:c9:84:cc:da:4f:e6:d4:ab:dd:
fe:76:08:89:09:a6:86:aa:12:74:9f:ec:42:4e:b2:33:c7:44:
86:aa:50:0b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUcmyKNqAC3kwR9vypCUUGqXVjl/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MzEwMDUwMDZaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxMDZkOTFmMWJhMzFjYjYxZDQxZDI0YTAxOGRjMWY1ZDFmN2RjYmUwODZh
OTc0NzUzY2NlMDZkYTgzZGQyOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGILcMccFqN/LXk0d79JCWT9zNq6YToOXs4rbl2eQwphCP4L3/+oDGIbEDX
+g0L68fF/UTAgp0jo9Y9Vh+tPaH2D2G8OLKgxl00I2IpigG/r+LjmK5SxrMU1PsD
rmbYtjKc79ukvF10ChEUHnOIQabhflHm6z70PH3c/ULzHCgY3k5lYGNl0BzcACOc
KSFjdPni3+gEv85Cl8vQ5li3t5G8+e1SRykEyGFQZs15VfMdRzhgi/IiPzBZ6nK9
0vpwlUB/P3X64r5+l9GIJgQvHlUJ56tvk9Rwfj2sf7OdIM9m4lP5UDaFo6NSlVCy
AcVBg0JcVNgFB9sqYqEdGzj5ROUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQ8GvJB
ecLpHj7mS+unjpvlqma4vDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE5NjFmM2EtZmI3MS00MzU3LWE0ZmMtMjhjNDAyNGIwNDQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFByoF0AAw
DQYJKoZIhvcNAQELBQADggEBAH1+Efr3aNndmxhU3ru/Pex47xcp2Fl1JQwZ1ReZ
fOVCbGnAMBeVOMLRvIKQbOvGIE53J9B/drYae+N63nJamLQPIYZeCnT0maPb+8o0
Xpx500eCSjGiEuFl3CywUY6lMNqOrUUjLpfk1j1hNnAYX9xfrcHQwR8rnzpYU9d/
AaIJA9L59b8GM277IYHbPy8JNDb0Wi1RDDFCcwK32voj9yga2cxv/zUG6evkgrHJ
a34KOISsVIEffKsazihIUOV15sHgqzM8Xltix+mRqGOrIOtKCEjDtuhycPpxDsSH
H2kMR8mEzNpP5tSr3f52CIkJpoaqEnSf7EJOsjPHRIaqUAs=
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:51 2025 by rpki-client