Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
File: 5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa (raw, json)
Hash identifier: 5ae2k43A5BatXN9dDqpAjzRFsqXFZ1ldF/nhE9nJ3Uo=
Subject key identifier: 32:0D:33:0C:52:FF:5F:43:1D:FB:CB:D6:91:62:26:FD:F1:4E:CB:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39759CF14E7EA41360149E7B8B444D6B29496720
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
Signing time: Mon 12 May 2025 16:11:11 +0000
ROA not before: Mon 12 May 2025 16:11:11 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:75:9c:f1:4e:7e:a4:13:60:14:9e:7b:8b:44:4d:6b:29:49:67:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:11:11 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=f130fa195c94418fa1f1f567cb368327b9d9d3be9fdfd329ef106520dd9f9c55, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ce:3a:cf:1c:7a:55:8c:37:13:7a:f4:f4:c5:
2a:71:9e:42:39:f9:db:07:4f:28:57:ef:1f:d9:3f:
46:2c:3d:26:6c:63:44:94:c7:2a:75:12:0d:90:15:
d4:8d:8f:97:3c:89:64:35:4c:7d:ed:2f:0d:dc:b6:
87:bb:83:f6:fa:8a:e4:b4:69:d0:37:ce:23:9b:c4:
09:31:7a:9d:5c:71:cf:8b:78:20:97:4c:d6:61:47:
dd:43:08:f1:28:16:19:bf:46:7f:0e:c1:bb:2b:1c:
f9:fe:c5:6f:8b:06:5d:8d:f5:42:76:e9:d7:eb:91:
c8:24:7a:72:d8:e8:70:56:4f:17:c2:10:54:2b:03:
ba:56:7d:e4:b4:de:3f:0c:a6:83:9f:53:f6:03:11:
10:e6:0b:a1:84:55:f6:e7:45:d3:bd:fc:db:02:03:
92:59:86:8c:7a:2d:b8:b6:51:cc:3e:cb:9b:0f:7b:
23:ab:24:a2:99:99:38:78:2e:ad:cd:03:71:35:19:
32:4c:d6:ec:27:6b:ad:f5:90:13:91:97:b7:ad:52:
6f:43:fb:73:35:59:f8:6c:7f:d3:bb:78:c3:1a:a1:
42:a4:24:33:02:87:6c:aa:5d:c1:bc:7b:0b:bd:1e:
07:80:bf:a8:74:e4:91:e6:2e:0d:61:02:cc:e5:3b:
ca:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0D:33:0C:52:FF:5F:43:1D:FB:CB:D6:91:62:26:FD:F1:4E:CB:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:8000::/40
Signature Algorithm: sha256WithRSAEncryption
ae:4f:f6:97:30:2a:b9:b7:2d:ef:b5:fd:5a:d0:94:a9:7f:3a:
73:40:e8:89:ac:c3:56:77:40:5a:d9:de:8a:b5:48:d1:e6:43:
33:8d:3c:c9:af:95:a7:11:34:a2:1f:96:f1:5c:36:f1:f6:91:
f7:ca:00:87:8a:64:1a:4b:d1:70:c7:95:ca:ab:96:ec:c2:c2:
e5:2c:17:67:55:e8:7d:07:4b:c0:9a:05:80:f2:21:ee:a5:eb:
50:59:b7:a9:bc:55:48:f8:a0:19:0f:1f:47:0d:44:09:19:46:
21:9a:8a:7e:4f:95:12:91:21:07:f1:fc:3b:f4:7e:ea:d0:0c:
7e:cf:79:7f:09:d3:01:5c:42:02:49:7b:15:70:6e:54:3b:77:
14:62:33:5e:ab:b3:4b:fb:82:ff:5a:25:46:39:e8:4c:bb:f0:
a9:b9:99:9b:3a:96:35:43:10:aa:a2:d4:c8:8c:f3:7a:8a:e3:
7a:d5:6b:b6:16:e7:9f:10:23:31:57:6b:90:de:36:2f:81:b2:
0e:5a:39:c2:1c:dd:6c:26:21:1e:9c:74:77:ad:35:68:84:51:
fc:9f:f8:b2:38:6d:23:a6:56:eb:8d:2b:16:01:73:cb:74:6d:
27:3e:31:19:83:27:82:6f:85:96:a0:cf:a3:25:bb:59:c3:20:
a9:f4:ce:d6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOXWc8U5+pBNgFJ57i0RNaylJZyAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjExMTFaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxMzBmYTE5NWM5NDQxOGZhMWYxZjU2N2NiMzY4MzI3YjlkOWQzYmU5ZmRm
ZDMyOWVmMTA2NTIwZGQ5ZjljNTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3OOs8celWMNxN69PTFKnGeQjn52wdPKFfvH9k/Riw9JmxjRJTHKnUSDZAV
1I2PlzyJZDVMfe0vDdy2h7uD9vqK5LRp0DfOI5vECTF6nVxxz4t4IJdM1mFH3UMI
8SgWGb9Gfw7Buysc+f7Fb4sGXY31Qnbp1+uRyCR6ctjocFZPF8IQVCsDulZ95LTe
Pwymg59T9gMREOYLoYRV9udF07382wIDklmGjHotuLZRzD7Lmw97I6skopmZOHgu
rc0DcTUZMkzW7CdrrfWQE5GXt61Sb0P7czVZ+Gx/07t4wxqhQqQkMwKHbKpdwbx7
C70eB4C/qHTkkeYuDWECzOU7yh8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyDTMM
Uv9fQx37y9aRYib98U7L6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWI4Zjk4MzItZGY5Yi00ZmM4LTk0ZGEtNWU4ODNlMGQ2ZTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCA
MA0GCSqGSIb3DQEBCwUAA4IBAQCuT/aXMCq5ty3vtf1a0JSpfzpzQOiJrMNWd0Ba
2d6KtUjR5kMzjTzJr5WnETSiH5bxXDbx9pH3ygCHimQaS9Fwx5XKq5bswsLlLBdn
Veh9B0vAmgWA8iHupetQWbepvFVI+KAZDx9HDUQJGUYhmop+T5USkSEH8fw79H7q
0Ax+z3l/CdMBXEICSXsVcG5UO3cUYjNeq7NL+4L/WiVGOehMu/CpuZmbOpY1QxCq
otTIjPN6iuN61Wu2FuefECMxV2uQ3jYvgbIOWjnCHN1sJiEenHR3rTVohFH8n/iy
OG0jplbrjSsWAXPLdG0nPjEZgyeCb4WWoM+jJbtZwyCp9M7W
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:11 2025 by rpki-client