Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
File: 5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa (raw, json)
Hash identifier: MZ5aXlrWtBuw0JEz8Z5XS9sr6NNJV49jN2wF2Gq2ZwM=
Subject key identifier: D2:F0:17:05:2E:8E:61:80:E3:45:4E:35:48:8B:06:EF:04:AA:16:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46D4AE3E1CA53A4183521D0A5670DE7000F107F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
Signing time: Tue 03 Jun 2025 20:53:41 +0000
ROA not before: Tue 03 Jun 2025 20:53:41 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:d4:ae:3e:1c:a5:3a:41:83:52:1d:0a:56:70:de:70:00:f1:07:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 20:53:41 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=6649271955a0b493924886dcedabe1afb1e39d8f7f578db69eab6eb5dab91b21, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b3:e2:ec:c4:ec:d1:f9:59:b7:8d:dc:12:ba:
fb:d8:d2:51:1d:86:3f:7e:8c:10:e2:ae:29:2e:9e:
7e:e6:2d:54:e9:8f:3e:69:b4:f8:93:f7:e9:ad:b4:
da:fa:d5:3c:fc:b9:eb:14:82:6c:c5:c3:5f:95:92:
13:80:32:24:ef:92:ad:63:63:f8:60:b5:9e:e2:be:
67:be:46:cd:7f:a4:b2:68:d9:ad:01:39:6a:66:bb:
c7:a9:d1:37:24:d4:47:82:02:83:bd:90:e7:0e:90:
aa:de:1c:bc:b7:16:9c:b9:b4:6a:50:5b:19:a2:ed:
c2:58:eb:d8:77:55:70:af:91:e5:c9:fe:aa:8f:1b:
6f:75:2c:1c:a5:3a:5a:5b:9f:3c:b3:a1:ed:9a:6e:
9a:9c:6b:11:d5:47:e6:ef:b2:fd:b6:9b:ca:ee:09:
2b:62:00:28:54:fc:3d:d4:6e:b2:31:55:c8:db:63:
37:ae:89:fa:78:d1:1a:b6:77:41:b3:42:5a:75:42:
de:64:a5:6a:a8:8a:f9:1b:b1:04:72:3f:45:19:1b:
ce:ed:4d:fa:e4:6c:b9:e0:ea:03:78:8b:67:4b:cc:
e6:92:be:e2:ee:4f:64:36:c8:86:5b:a4:3c:ee:7a:
25:fa:2b:32:7e:2a:81:20:4a:c3:ee:8a:a4:88:57:
b6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F0:17:05:2E:8E:61:80:E3:45:4E:35:48:8B:06:EF:04:AA:16:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:9000::/40
Signature Algorithm: sha256WithRSAEncryption
69:00:8e:c4:9d:06:42:b7:e4:e8:7e:d0:8e:2f:19:f4:74:5f:
3a:6d:c7:5f:72:3f:94:a7:39:94:b1:9a:ba:af:06:20:dc:4a:
48:96:23:cf:36:7a:72:d4:c4:e4:c2:14:cc:12:0f:34:38:18:
20:90:ae:71:2c:ae:79:32:41:d8:63:35:3d:3c:28:9c:b2:6b:
f2:15:6e:ce:10:63:34:60:bb:ca:81:38:d9:e7:47:ea:20:d9:
38:02:59:42:6d:d5:84:76:ae:11:f4:12:6e:30:75:d0:c2:dc:
fb:8d:3b:54:72:a8:17:1c:82:d3:92:fc:2e:6f:f0:2d:f7:38:
f4:b4:f0:cc:ad:91:b7:64:d8:a8:29:d2:73:23:d1:9b:0f:5a:
cf:8b:2f:34:5b:bd:07:a2:89:c9:c3:a1:44:07:c8:49:e7:8a:
94:d4:87:8c:e6:c9:63:57:52:29:96:69:47:e6:8f:bc:e1:41:
fb:3a:f0:e5:5a:a4:d5:62:36:74:28:1a:51:07:ce:31:34:d5:
38:27:05:96:43:96:6d:50:54:53:fa:a0:26:ef:dc:b4:17:b2:
93:88:d8:ee:23:09:6b:f3:aa:f2:8d:23:47:cb:bb:27:d4:36:
2b:59:e5:1d:a2:8f:a1:5c:35:63:7d:4a:1d:bb:1c:bb:9f:b4:
d1:49:cb:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURtSuPhylOkGDUh0KVnDecADxB/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMyMDUzNDFaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2NDkyNzE5NTVhMGI0OTM5MjQ4ODZkY2VkYWJlMWFmYjFlMzlkOGY3ZjU3
OGRiNjllYWI2ZWI1ZGFiOTFiMjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmz4uzE7NH5WbeN3BK6+9jSUR2GP36MEOKuKS6efuYtVOmPPmm0+JP36a20
2vrVPPy56xSCbMXDX5WSE4AyJO+SrWNj+GC1nuK+Z75GzX+ksmjZrQE5ama7x6nR
NyTUR4ICg72Q5w6Qqt4cvLcWnLm0alBbGaLtwljr2HdVcK+R5cn+qo8bb3UsHKU6
WlufPLOh7ZpumpxrEdVH5u+y/babyu4JK2IAKFT8PdRusjFVyNtjN66J+njRGrZ3
QbNCWnVC3mSlaqiK+RuxBHI/RRkbzu1N+uRsueDqA3iLZ0vM5pK+4u5PZDbIhluk
PO56JforMn4qgSBKw+6KpIhXtjsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTS8BcF
Lo5hgONFTjVIiwbvBKoWzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQzN2RjMTUtMTIyNC00OTAxLWFhYjEtN2Y3ZjMwZmU2MWM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBpAI7EnQZCt+ToftCOLxn0dF86bcdfcj+UpzmU
sZq6rwYg3EpIliPPNnpy1MTkwhTMEg80OBggkK5xLK55MkHYYzU9PCicsmvyFW7O
EGM0YLvKgTjZ50fqINk4AllCbdWEdq4R9BJuMHXQwtz7jTtUcqgXHILTkvwub/At
9zj0tPDMrZG3ZNioKdJzI9GbD1rPiy80W70HoonJw6FEB8hJ54qU1IeM5sljV1Ip
lmlH5o+84UH7OvDlWqTVYjZ0KBpRB84xNNU4JwWWQ5ZtUFRT+qAm79y0F7KTiNju
Iwlr86ryjSNHy7sn1DYrWeUdoo+hXDVjfUoduxy7n7TRScu/
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:53:54 2025 by rpki-client