Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
File: 304afa07-08cf-4abd-b55e-949deeea1591.roa (raw, json)
Hash identifier: vc9gM2r2gRZpzMYkrACoUN70aT/D2w6UhOioLTdMhyU=
Subject key identifier: 72:3B:5B:E4:91:9F:89:96:29:39:D5:56:58:DF:2C:B9:04:3F:0E:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 752FBEBD9C36C45232463261B2EFCA3F6903778C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
Signing time: Tue 13 May 2025 18:30:23 +0000
ROA not before: Tue 13 May 2025 18:30:23 +0000
ROA not after: Tue 17 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:2f:be:bd:9c:36:c4:52:32:46:32:61:b2:ef:ca:3f:69:03:77:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 13 18:30:23 2025 GMT
Not After : Jun 17 23:59:59 2025 GMT
Subject: serialNumber=b7d24225774cc809a0172983deb2e5d21c99eba779fa8fd7e24ee43049afa777, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d8:1a:a8:df:90:51:52:b7:47:d5:f5:5f:06:
95:00:1c:2d:de:58:f7:d5:d0:65:e4:f3:e8:9f:33:
23:4b:22:bd:53:7e:d7:17:10:e4:7a:c7:d0:31:d3:
6b:fb:3b:d2:5a:e9:62:d4:96:9c:ce:b0:99:d1:2d:
93:3e:8a:d5:21:7f:6c:46:e0:17:c7:c3:a6:c1:2e:
eb:0d:63:8d:2c:43:49:64:b8:80:f4:b2:4f:3b:f8:
7d:76:9d:11:0b:7a:f2:43:eb:2e:5c:b7:16:6e:88:
f5:64:1a:79:39:2e:ac:ce:e3:e3:16:7c:2b:76:72:
c2:d1:1e:d2:f6:53:21:c2:32:f3:57:b7:09:62:50:
06:3e:71:e3:35:fd:f7:48:54:db:0e:7d:7f:22:14:
86:de:e3:0c:39:d2:a1:4e:1e:a4:78:3a:df:1b:d1:
f9:9d:71:14:ea:bf:51:07:3f:24:6c:45:c3:8b:4a:
c9:9a:f4:44:26:b5:e5:e2:81:72:98:72:54:c7:18:
d5:e0:b0:e2:32:66:41:a1:56:b6:c2:b9:bd:2f:fb:
5e:5b:78:02:8d:3b:85:38:4b:79:07:6d:5f:22:2f:
f7:c6:6d:ea:ea:c8:bd:51:4b:db:8a:03:3f:75:f2:
6f:5c:4a:ee:25:03:b8:9b:1d:0a:4d:0a:80:a8:99:
79:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:3B:5B:E4:91:9F:89:96:29:39:D5:56:58:DF:2C:B9:04:3F:0E:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/40
Signature Algorithm: sha256WithRSAEncryption
11:9a:64:69:33:8d:04:99:76:96:0c:c3:44:81:cf:61:c5:e5:
87:29:b8:16:bf:6d:8e:25:90:b1:c5:68:e5:b3:33:2a:57:72:
9e:60:8c:39:00:62:2f:9f:71:ac:6a:b4:3d:0a:86:7a:a1:40:
ac:2f:26:7c:80:f3:fe:72:e3:21:29:83:c4:86:8b:54:7d:77:
a6:80:df:21:4a:39:08:45:e4:bc:7b:42:92:02:e0:55:a4:0b:
33:14:f9:41:2a:da:ae:9e:6a:ef:dd:83:3d:89:5a:f8:bd:94:
0e:21:96:f3:b6:f0:03:4f:ae:6a:fe:b5:73:0c:9b:d1:2f:3d:
42:3a:95:a1:78:3c:79:5b:c9:82:6c:64:ab:12:13:d7:2d:2a:
3f:fc:de:6f:2c:2a:54:29:fc:51:1f:8a:26:61:04:87:b1:b5:
a7:5f:c2:88:3d:cf:47:c7:09:b1:ea:bd:6a:ba:c7:8b:5a:68:
a1:f5:74:b0:06:b1:a8:41:e3:7c:aa:4b:2d:ca:04:a1:02:ea:
d0:9a:54:04:37:3e:d6:d7:fa:e4:03:ba:97:50:a1:82:75:52:
49:96:9d:19:04:bd:78:23:65:2b:44:46:b6:5e:18:62:06:4c:
b6:6a:63:1a:00:44:51:da:be:b7:20:3e:9c:1b:91:20:2e:b3:
de:06:33:aa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdS++vZw2xFIyRjJhsu/KP2kDd4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTMxODMwMjNaFw0yNTA2MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3ZDI0MjI1Nzc0Y2M4MDlhMDE3Mjk4M2RlYjJlNWQyMWM5OWViYTc3OWZh
OGZkN2UyNGVlNDMwNDlhZmE3NzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXYGqjfkFFSt0fV9V8GlQAcLd5Y99XQZeTz6J8zI0sivVN+1xcQ5HrH0DHT
a/s70lrpYtSWnM6wmdEtkz6K1SF/bEbgF8fDpsEu6w1jjSxDSWS4gPSyTzv4fXad
EQt68kPrLly3Fm6I9WQaeTkurM7j4xZ8K3ZywtEe0vZTIcIy81e3CWJQBj5x4zX9
90hU2w59fyIUht7jDDnSoU4epHg63xvR+Z1xFOq/UQc/JGxFw4tKyZr0RCa15eKB
cphyVMcY1eCw4jJmQaFWtsK5vS/7Xlt4Ao07hThLeQdtXyIv98Zt6urIvVFL24oD
P3Xyb1xK7iUDuJsdCk0KgKiZeTcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyO1vk
kZ+Jlik51VZY3yy5BD8OtjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzA0YWZhMDctMDhjZi00YWJkLWI1NWUtOTQ5ZGVlZWExNTkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQARmmRpM40EmXaWDMNEgc9hxeWHKbgWv22OJZCx
xWjlszMqV3KeYIw5AGIvn3GsarQ9CoZ6oUCsLyZ8gPP+cuMhKYPEhotUfXemgN8h
SjkIReS8e0KSAuBVpAszFPlBKtqunmrv3YM9iVr4vZQOIZbztvADT65q/rVzDJvR
Lz1COpWheDx5W8mCbGSrEhPXLSo//N5vLCpUKfxRH4omYQSHsbWnX8KIPc9Hxwmx
6r1quseLWmih9XSwBrGoQeN8qkstygShAurQmlQENz7W1/rkA7qXUKGCdVJJlp0Z
BL14I2UrREa2XhhiBky2amMaAERR2r63ID6cG5EgLrPeBjOq
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:53 2025 by rpki-client