Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ebcf25-b35b-4dbc-bae2-bee0e176b454.roa
File: 42ebcf25-b35b-4dbc-bae2-bee0e176b454.roa (raw, json)
Hash identifier: RHaivPbMlY4VrHA5vGYJ/reZlJPsfSzVjZAPgeaDCqc=
Subject key identifier: 43:EB:E5:9A:98:2E:7D:83:60:6D:4C:25:3F:46:27:63:BC:23:10:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56D5761CE29D65F7831525982890FC90D93D2539
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ebcf25-b35b-4dbc-bae2-bee0e176b454.roa
Signing time: Fri 16 May 2025 17:40:03 +0000
ROA not before: Fri 16 May 2025 17:40:03 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:d5:76:1c:e2:9d:65:f7:83:15:25:98:28:90:fc:90:d9:3d:25:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:40:03 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=8c6182adabed71803081267ba451d8769b0c9bbe42c0cb53b696392c3d36d64e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4d:03:7a:c9:9d:10:f5:55:93:cc:4e:02:e0:
30:b4:09:f2:87:88:89:45:a6:64:3b:6f:2e:d6:89:
0b:e0:08:49:79:f3:33:ab:b5:d3:b5:9a:6f:4e:3e:
db:cd:55:69:fb:3a:12:79:f2:2b:bb:bc:85:62:50:
8d:8d:57:7d:8a:f7:a0:fb:7b:36:e8:74:2e:7b:91:
ce:9a:b6:2b:d7:d2:cb:de:dc:59:0f:0d:03:a4:a1:
15:02:b4:5d:e0:7f:11:da:ec:b3:0d:df:f4:90:42:
9d:1e:87:ea:40:0e:d7:9c:d9:61:42:82:c6:41:b0:
92:c9:96:e6:00:96:b3:23:66:9b:f9:5b:5e:b2:5e:
86:da:09:c3:24:fa:b3:02:02:11:db:8f:eb:29:f2:
98:f3:30:a6:87:94:36:72:6a:d5:2b:e9:df:10:c7:
ac:2c:22:ab:3b:4f:14:15:3f:f7:7f:58:df:ef:29:
e1:25:60:97:e3:b0:ff:99:46:ae:a4:52:83:2b:16:
5e:6a:6b:60:93:aa:38:94:10:a7:c5:c6:25:5b:4f:
96:08:d6:9b:39:c5:17:de:8a:58:d5:e5:05:7a:1e:
14:05:ea:0f:f6:3f:88:1d:03:04:b0:bd:ef:c1:e0:
92:ce:a6:d2:99:96:7b:c0:49:aa:d7:c3:da:30:ae:
06:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EB:E5:9A:98:2E:7D:83:60:6D:4C:25:3F:46:27:63:BC:23:10:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ebcf25-b35b-4dbc-bae2-bee0e176b454.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:840::/46
Signature Algorithm: sha256WithRSAEncryption
43:c9:73:76:e0:0a:2b:04:49:ab:3a:d4:56:de:d5:83:19:3c:
62:b4:3b:40:f5:02:2a:1b:3a:02:f1:dc:2a:6a:65:48:fe:ec:
21:cd:78:9f:f7:a2:8b:bd:08:66:ec:ac:af:45:3e:06:55:ac:
04:40:ea:01:6f:2f:ee:45:ef:5d:25:f2:70:44:51:4f:c1:7e:
11:60:c6:e9:ba:dd:7f:14:ca:2c:c7:04:3f:13:a8:d2:7f:32:
1a:31:11:e7:0a:47:c2:7b:d7:9c:9f:a6:a3:11:2f:f4:d8:e9:
53:45:82:b1:18:ee:90:2d:e9:2c:59:59:60:a7:eb:e6:fa:da:
e3:5b:a3:c7:f1:37:26:8d:d0:73:97:7e:e3:28:3f:ca:59:44:
c3:96:72:49:61:58:18:6d:d2:97:7d:0c:c8:c7:8d:26:d9:ba:
20:a8:d0:1f:da:49:7f:c4:db:5f:5e:ae:b6:5d:4d:a3:ff:50:
89:c9:0d:d5:b3:3b:f6:e9:50:7d:9a:e2:f8:33:ff:21:7d:cf:
16:b6:33:83:13:ab:31:5e:ec:dc:24:6c:56:be:82:09:2c:e9:
24:9d:64:bd:7a:70:f1:94:b6:26:5a:5f:48:18:54:0d:fa:7d:
c7:7a:17:22:d4:7d:b8:35:b1:06:c7:d6:6e:61:66:d5:1b:53:
5c:6e:b6:e2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVtV2HOKdZfeDFSWYKJD8kNk9JTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzQwMDNaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjNjE4MmFkYWJlZDcxODAzMDgxMjY3YmE0NTFkODc2OWIwYzliYmU0MmMw
Y2I1M2I2OTYzOTJjM2QzNmQ2NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZNA3rJnRD1VZPMTgLgMLQJ8oeIiUWmZDtvLtaJC+AISXnzM6u107Wab04+
281Vafs6EnnyK7u8hWJQjY1XfYr3oPt7Nuh0LnuRzpq2K9fSy97cWQ8NA6ShFQK0
XeB/Edrssw3f9JBCnR6H6kAO15zZYUKCxkGwksmW5gCWsyNmm/lbXrJehtoJwyT6
swICEduP6ynymPMwpoeUNnJq1Svp3xDHrCwiqztPFBU/939Y3+8p4SVgl+Ow/5lG
rqRSgysWXmprYJOqOJQQp8XGJVtPlgjWmznFF96KWNXlBXoeFAXqD/Y/iB0DBLC9
78Hgks6m0pmWe8BJqtfD2jCuBgkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRD6+Wa
mC59g2BtTCU/RidjvCMQZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDJlYmNmMjUtYjM1Yi00ZGJjLWJhZTItYmVlMGUxNzZiNDU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsI
QDANBgkqhkiG9w0BAQsFAAOCAQEAQ8lzduAKKwRJqzrUVt7Vgxk8YrQ7QPUCKhs6
AvHcKmplSP7sIc14n/eii70IZuysr0U+BlWsBEDqAW8v7kXvXSXycERRT8F+EWDG
6brdfxTKLMcEPxOo0n8yGjER5wpHwnvXnJ+moxEv9NjpU0WCsRjukC3pLFlZYKfr
5vra41ujx/E3Jo3Qc5d+4yg/yllEw5ZySWFYGG3Sl30MyMeNJtm6IKjQH9pJf8Tb
X16utl1No/9QickN1bM79ulQfZri+DP/IX3PFrYzgxOrMV7s3CRsVr6CCSzpJJ1k
vXpw8ZS2JlpfSBhUDfp9x3oXItR9uDWxBsfWbmFm1RtTXG624g==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:18 2025 by rpki-client