Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1e62f8d3-a799-4cf1-86a5-f65d4f494f04.roa
File: 1e62f8d3-a799-4cf1-86a5-f65d4f494f04.roa (raw, json)
Hash identifier: gEX7yXXjeu9yWqrhXz4SLSleSEc8s4CVu3X0XbSfLg8=
Subject key identifier: 90:29:A9:F1:12:FD:40:2A:41:1A:81:C7:58:D6:F1:B6:2D:7F:64:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12B63644873D814615FBB6E5DE7E9085A4D367D7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1e62f8d3-a799-4cf1-86a5-f65d4f494f04.roa
Signing time: Mon 12 May 2025 16:21:16 +0000
ROA not before: Mon 12 May 2025 16:21:16 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:b6:36:44:87:3d:81:46:15:fb:b6:e5:de:7e:90:85:a4:d3:67:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:21:16 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=002509781d636478fe9b0c2de45f959d571cb4b95029b4e6719681cf5d5787bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7d:c1:8d:86:f5:0d:eb:b9:2c:90:23:1e:86:
62:ed:84:f1:0e:55:4d:f4:48:f2:9c:d4:44:bf:42:
18:aa:17:bc:8a:33:35:59:3a:19:c1:fc:a4:19:ea:
a2:ec:5e:f2:31:23:e3:54:e7:9e:fa:3e:36:e6:01:
18:56:d1:19:cf:b1:c9:44:e8:c9:bf:e1:a4:b1:80:
aa:25:4f:b3:7b:35:ab:63:97:a6:2a:1e:f5:31:2e:
4b:93:02:54:d1:36:4d:b5:6a:c8:b8:3b:46:61:9f:
ba:04:f3:06:33:b9:49:f4:ad:40:eb:a1:ae:e6:ef:
2d:75:da:8d:9b:98:50:b9:99:cf:0d:a7:e5:d0:44:
31:cf:40:98:dd:25:57:14:de:60:71:26:9a:81:8a:
34:7e:dd:8f:1b:64:5c:2e:0e:7d:68:50:44:1c:96:
3c:3e:0f:8f:6a:ef:6b:a6:92:94:e6:c8:88:6b:14:
4e:af:00:a1:40:67:ae:23:a4:81:95:51:42:18:e2:
75:3f:c3:36:fc:d9:44:c5:20:11:6c:aa:21:a9:2c:
ee:32:36:d1:e1:ec:3b:cf:4a:1e:d3:c7:b4:90:12:
34:82:c0:db:72:09:45:ce:6a:e7:12:30:e4:c7:2b:
b3:64:6f:1b:7c:77:2b:b4:77:10:75:a3:f9:75:79:
d3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:29:A9:F1:12:FD:40:2A:41:1A:81:C7:58:D6:F1:B6:2D:7F:64:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1e62f8d3-a799-4cf1-86a5-f65d4f494f04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:2000::/40
Signature Algorithm: sha256WithRSAEncryption
ad:6f:3c:6e:46:23:af:a4:60:19:9f:3c:9a:66:ae:7e:33:be:
68:5f:91:40:0d:37:d1:92:eb:a1:7b:5a:40:c6:46:62:a0:0f:
60:97:13:71:3d:15:c6:39:dc:82:e7:5e:59:82:51:c2:f2:83:
a2:8f:d1:41:4a:90:b1:cd:34:11:f2:86:ea:71:c6:96:07:a6:
b1:48:e5:e0:ac:85:aa:10:86:7b:b1:fb:bf:11:4f:eb:34:f3:
e9:bc:c2:61:ce:61:9a:a7:7c:fa:47:ae:9e:4b:0f:20:b1:2d:
ef:8b:14:1e:21:fd:1c:55:6f:fd:b0:31:3e:61:a9:b0:fa:dc:
46:8c:72:e4:fe:d2:fc:ae:3c:0e:1c:2d:f8:8b:b3:50:c0:13:
4c:4d:0e:33:37:d0:bc:ec:c9:15:07:4a:7d:22:6d:7f:fb:f9:
57:dd:9e:f0:72:d1:56:80:d3:5b:43:53:26:fd:f9:e8:c6:26:
de:98:8b:7f:7e:a5:3e:51:dc:81:31:06:50:45:a8:b2:24:06:
0b:19:75:f2:05:7d:9e:72:ae:58:08:6e:87:e8:77:62:a9:76:
5c:5a:c4:3e:06:1a:36:1f:d7:0a:93:2b:a8:11:0d:88:27:69:
55:49:7b:dc:79:f6:f4:ce:3d:a9:2a:fa:36:bc:5e:a4:71:aa:
94:d3:eb:c5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUErY2RIc9gUYV+7bl3n6QhaTTZ9cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIxMTZaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwMjUwOTc4MWQ2MzY0NzhmZTliMGMyZGU0NWY5NTlkNTcxY2I0Yjk1MDI5
YjRlNjcxOTY4MWNmNWQ1Nzg3YmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMx9wY2G9Q3ruSyQIx6GYu2E8Q5VTfRI8pzURL9CGKoXvIozNVk6GcH8pBnq
ouxe8jEj41Tnnvo+NuYBGFbRGc+xyUToyb/hpLGAqiVPs3s1q2OXpioe9TEuS5MC
VNE2TbVqyLg7RmGfugTzBjO5SfStQOuhrubvLXXajZuYULmZzw2n5dBEMc9AmN0l
VxTeYHEmmoGKNH7djxtkXC4OfWhQRByWPD4Pj2rva6aSlObIiGsUTq8AoUBnriOk
gZVRQhjidT/DNvzZRMUgEWyqIaks7jI20eHsO89KHtPHtJASNILA23IJRc5q5xIw
5Mcrs2RvG3x3K7R3EHWj+XV50x8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSQKanx
Ev1AKkEagcdY1vG2LX9k5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWU2MmY4ZDMtYTc5OS00Y2YxLTg2YTUtZjY1ZDRmNDk0ZjA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQg
MA0GCSqGSIb3DQEBCwUAA4IBAQCtbzxuRiOvpGAZnzyaZq5+M75oX5FADTfRkuuh
e1pAxkZioA9glxNxPRXGOdyC515ZglHC8oOij9FBSpCxzTQR8obqccaWB6axSOXg
rIWqEIZ7sfu/EU/rNPPpvMJhzmGap3z6R66eSw8gsS3vixQeIf0cVW/9sDE+Yamw
+txGjHLk/tL8rjwOHC34i7NQwBNMTQ4zN9C87MkVB0p9Im1/+/lX3Z7wctFWgNNb
Q1Mm/fnoxibemIt/fqU+UdyBMQZQRaiyJAYLGXXyBX2ecq5YCG6H6HdiqXZcWsQ+
Bho2H9cKkyuoEQ2IJ2lVSXvcefb0zj2pKvo2vF6kcaqU0+vF
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:21 2025 by rpki-client