Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
File: 5b65b415-a397-41d3-99dc-207c8689d0ee.roa (raw, json)
Hash identifier: ClA1DyeiRA1/4GFQe/7AcweWyw/3aLFCDuhynHEME5c=
Subject key identifier: 9C:D8:13:B0:66:38:FA:36:D6:FF:FC:F1:3E:FA:AD:D7:24:C4:A7:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CB26D7C71AEBABA41EA3A7E0FCEEC5D9C1FA672
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
Signing time: Mon 12 May 2025 16:11:00 +0000
ROA not before: Mon 12 May 2025 16:11:00 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:b2:6d:7c:71:ae:ba:ba:41:ea:3a:7e:0f:ce:ec:5d:9c:1f:a6:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:11:00 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=fe9395551c1b253080724a1c59155795525aba1399696383b3f96241a6df2376, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d3:72:0f:6d:02:ee:e7:03:cf:e7:67:a0:a7:
c5:9c:14:7e:89:0d:2e:9f:af:f3:24:f7:40:c7:d6:
d8:67:0b:9c:38:e6:5e:9d:34:a3:25:e4:42:b9:8a:
f8:0f:8c:8a:87:96:01:a1:a1:d6:50:6d:8a:86:48:
69:32:90:67:93:fd:6b:46:bd:c6:af:95:37:23:91:
73:cd:88:11:a7:63:95:f4:92:c7:a5:d3:e3:1b:fe:
de:cf:bb:1b:b7:00:af:97:06:b8:1b:94:17:22:eb:
81:ee:0e:0e:e1:16:68:e6:ef:29:c2:3f:da:d4:3e:
74:64:4d:22:17:05:8e:1f:da:21:00:de:96:9c:a0:
fd:89:03:54:22:6e:19:2f:1b:31:97:b8:2d:8e:b1:
4b:b6:ea:49:09:81:43:dc:80:f6:3a:c9:93:02:53:
6f:cc:9c:ea:a9:86:1a:b2:50:37:7d:07:bc:dd:db:
7f:c7:62:d4:6f:1d:dd:95:31:29:2b:dc:05:10:a6:
6d:b6:91:bf:12:7b:fa:d0:eb:86:9c:62:90:e8:87:
a5:25:8d:60:c4:d1:e3:2e:a5:64:f1:43:d3:ef:07:
e9:35:02:ad:3d:bc:53:a3:3d:7e:00:c0:7b:a1:4e:
ed:e7:c1:2a:6d:b4:9c:16:75:26:f5:21:29:b4:45:
71:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D8:13:B0:66:38:FA:36:D6:FF:FC:F1:3E:FA:AD:D7:24:C4:A7:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:5e:bc:46:11:fd:c1:64:b4:ac:79:a1:c0:f8:fa:37:cc:df:
c4:f2:42:a9:da:cd:c2:a3:02:f7:da:69:fe:01:2a:a0:36:e2:
73:fe:56:2f:c6:df:7d:33:d4:f1:9e:d4:b1:19:23:63:3e:d1:
ee:d9:8d:74:5d:d7:05:f6:87:6b:e2:05:4a:76:34:b6:50:18:
ee:e4:69:ec:41:cb:6a:f0:4c:c4:d4:1f:90:83:8c:23:af:e2:
b9:1c:04:c4:78:8d:3b:9f:0a:d4:b4:53:2a:16:8b:ac:06:db:
2c:17:2f:8f:3a:39:22:a9:ca:e2:df:38:6e:5c:50:42:83:22:
55:20:e8:3f:dc:09:38:b7:d3:2e:44:97:d2:e2:be:7e:b7:c7:
44:fb:84:74:8d:10:b8:9f:48:11:0c:43:12:7a:d3:97:58:73:
7b:97:74:a3:5f:30:e4:9b:98:be:64:95:53:27:de:70:84:88:
bc:68:b6:03:69:91:fc:d2:16:a5:f8:78:bc:09:26:ed:16:61:
d5:3b:91:95:21:01:19:de:b7:0c:51:66:74:ed:d6:78:b9:82:
cf:cd:1a:ae:b4:c7:0b:37:52:22:98:df:ad:79:4a:3a:d2:2c:
5c:a2:4e:7c:fb:0e:f8:8a:88:db:58:77:64:eb:99:47:2d:86:
73:03:4d:48
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTLJtfHGuurpB6jp+D87sXZwfpnIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjExMDBaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlOTM5NTU1MWMxYjI1MzA4MDcyNGExYzU5MTU1Nzk1NTI1YWJhMTM5OTY5
NjM4M2IzZjk2MjQxYTZkZjIzNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrTcg9tAu7nA8/nZ6CnxZwUfokNLp+v8yT3QMfW2GcLnDjmXp00oyXkQrmK
+A+MioeWAaGh1lBtioZIaTKQZ5P9a0a9xq+VNyORc82IEadjlfSSx6XT4xv+3s+7
G7cAr5cGuBuUFyLrge4ODuEWaObvKcI/2tQ+dGRNIhcFjh/aIQDelpyg/YkDVCJu
GS8bMZe4LY6xS7bqSQmBQ9yA9jrJkwJTb8yc6qmGGrJQN30HvN3bf8di1G8d3ZUx
KSvcBRCmbbaRvxJ7+tDrhpxikOiHpSWNYMTR4y6lZPFD0+8H6TUCrT28U6M9fgDA
e6FO7efBKm20nBZ1JvUhKbRFcZ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSc2BOw
Zjj6Ntb//PE++q3XJMSnBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWI2NWI0MTUtYTM5Ny00MWQzLTk5ZGMtMjA3Yzg2ODlkMGVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZg
MA0GCSqGSIb3DQEBCwUAA4IBAQDBXrxGEf3BZLSseaHA+Po3zN/E8kKp2s3CowL3
2mn+ASqgNuJz/lYvxt99M9TxntSxGSNjPtHu2Y10XdcF9odr4gVKdjS2UBju5Gns
Qctq8EzE1B+Qg4wjr+K5HATEeI07nwrUtFMqFousBtssFy+POjkiqcri3zhuXFBC
gyJVIOg/3Ak4t9MuRJfS4r5+t8dE+4R0jRC4n0gRDEMSetOXWHN7l3SjXzDkm5i+
ZJVTJ95whIi8aLYDaZH80hal+Hi8CSbtFmHVO5GVIQEZ3rcMUWZ07dZ4uYLPzRqu
tMcLN1IimN+teUo60ixcok58+w74iojbWHdk65lHLYZzA01I
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:06 2025 by rpki-client