Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
File: 2678e5d7-5995-4791-9318-f087e83654a9.roa (raw, json)
Hash identifier: xYMnrFnFdzsyub+k4qTwfRb3skif9Hc7FfhoTA/wDW4=
Subject key identifier: 58:9A:46:99:B0:A7:99:8D:A4:E6:D3:0F:A8:2D:ED:9A:FC:60:13:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EAE44F12B811BFCDD1B4D77519B341CA95DCBE5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
Signing time: Tue 13 May 2025 18:30:31 +0000
ROA not before: Tue 13 May 2025 18:30:31 +0000
ROA not after: Tue 17 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:e000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:ae:44:f1:2b:81:1b:fc:dd:1b:4d:77:51:9b:34:1c:a9:5d:cb:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 13 18:30:31 2025 GMT
Not After : Jun 17 23:59:59 2025 GMT
Subject: serialNumber=9b56a63464c92a4aeee39ec74d9f76084c957276edb9250252bc345a37d17107, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:d1:77:c8:e3:5b:ef:db:64:da:b2:22:a4:ca:
d7:91:37:ad:48:75:7c:75:8d:fd:00:55:e9:62:88:
4c:c3:d9:68:77:39:96:e0:7f:38:72:15:f2:50:79:
12:65:3f:a8:60:bd:b9:e3:80:8b:69:be:9f:b4:d2:
0e:35:76:d9:ab:58:44:b6:dd:0f:15:22:a4:bd:f8:
5c:8b:fe:c7:74:f6:25:bf:9f:97:41:65:b9:4f:ac:
cc:72:96:c9:98:67:ca:f8:9c:e8:6e:05:40:fe:60:
bf:0b:53:ad:e5:51:c7:80:50:7b:bb:fb:ae:1f:bf:
b7:66:30:75:cf:cd:47:fe:38:90:f3:a3:eb:1c:2d:
a5:74:09:f5:a1:f7:72:e1:86:1a:08:5e:b4:43:7f:
03:51:bb:8f:ff:83:f4:68:96:a6:02:a1:4e:29:81:
ef:6f:09:01:51:51:fd:ea:1a:95:7b:b2:f0:8b:2d:
1d:e8:c7:33:7e:4c:04:6e:27:af:d8:3e:0f:0f:2d:
ac:d5:7e:87:71:ca:10:92:52:3c:30:d9:79:e6:06:
bc:5e:9f:4b:c6:3e:a6:91:a0:5a:05:bf:05:78:4d:
d7:47:89:92:c3:4b:77:41:0b:20:21:05:e4:52:e2:
6a:c9:08:c8:9f:0e:ba:b1:9e:c8:5b:9e:6c:25:fc:
6f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:9A:46:99:B0:A7:99:8D:A4:E6:D3:0F:A8:2D:ED:9A:FC:60:13:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:e000::/48
Signature Algorithm: sha256WithRSAEncryption
77:d7:5c:47:5f:54:8a:d5:e1:1a:8d:73:ff:10:cf:26:72:21:
71:95:d0:13:f3:3a:0b:cf:95:6f:e0:6b:77:3d:e4:20:5f:f6:
ad:ba:6e:02:e6:a8:ca:a6:bc:b1:50:00:0a:28:7a:ba:48:2c:
cb:7e:ab:29:7c:d4:5b:e2:b6:16:eb:37:d4:55:4a:cd:12:04:
af:18:c8:1b:18:ce:61:d7:59:54:d4:99:88:89:83:99:4d:2b:
3c:dc:d3:21:e0:72:ee:35:a9:9f:91:7c:b1:b5:fa:62:59:8d:
cd:7b:1b:b4:6b:21:cd:c1:b6:9b:f5:70:73:2f:c4:94:e1:2b:
9f:4f:20:12:6f:e6:b2:0b:f2:7c:60:7b:da:75:91:61:1f:a8:
57:2f:6b:3b:d0:a7:2d:65:96:33:47:eb:e8:2a:7e:c3:6e:6a:
c0:6f:aa:cf:6a:86:27:91:c7:83:1d:0b:a2:c2:c8:eb:dd:ed:
ff:df:33:a7:46:fb:30:d1:86:7b:b0:dc:bb:a1:96:38:d2:cb:
43:51:c5:33:ca:c8:be:30:c8:b2:d4:0b:1d:44:bc:e9:af:e8:
9f:a9:79:aa:20:f2:3d:86:d1:e8:d6:c2:18:c9:d4:fb:c7:ae:
b5:34:35:b8:b3:61:5e:98:42:3f:d3:77:8c:25:2e:c4:43:77:
1a:56:bc:81
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXq5E8SuBG/zdG013UZs0HKldy+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTMxODMwMzFaFw0yNTA2MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDliNTZhNjM0NjRjOTJhNGFlZWUzOWVjNzRkOWY3NjA4NGM5NTcyNzZlZGI5
MjUwMjUyYmMzNDVhMzdkMTcxMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPHRd8jjW+/bZNqyIqTK15E3rUh1fHWN/QBV6WKITMPZaHc5luB/OHIV8lB5
EmU/qGC9ueOAi2m+n7TSDjV22atYRLbdDxUipL34XIv+x3T2Jb+fl0FluU+szHKW
yZhnyvic6G4FQP5gvwtTreVRx4BQe7v7rh+/t2Ywdc/NR/44kPOj6xwtpXQJ9aH3
cuGGGghetEN/A1G7j/+D9GiWpgKhTimB728JAVFR/eoalXuy8IstHejHM35MBG4n
r9g+Dw8trNV+h3HKEJJSPDDZeeYGvF6fS8Y+ppGgWgW/BXhN10eJksNLd0ELICEF
5FLiaskIyJ8OurGeyFuebCX8b70CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRYmkaZ
sKeZjaTm0w+oLe2a/GATOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjY3OGU1ZDctNTk5NS00NzkxLTkzMTgtZjA4N2U4MzY1NGE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Hbg
ADANBgkqhkiG9w0BAQsFAAOCAQEAd9dcR19UitXhGo1z/xDPJnIhcZXQE/M6C8+V
b+Brdz3kIF/2rbpuAuaoyqa8sVAACih6ukgsy36rKXzUW+K2Fus31FVKzRIErxjI
GxjOYddZVNSZiImDmU0rPNzTIeBy7jWpn5F8sbX6YlmNzXsbtGshzcG2m/Vwcy/E
lOErn08gEm/msgvyfGB72nWRYR+oVy9rO9CnLWWWM0fr6Cp+w25qwG+qz2qGJ5HH
gx0LosLI693t/98zp0b7MNGGe7Dcu6GWONLLQ1HFM8rIvjDIstQLHUS86a/on6l5
qiDyPYbR6NbCGMnU+8eutTQ1uLNhXphCP9N3jCUuxEN3Gla8gQ==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:29:22 2025 by rpki-client