Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
File: 66a53b3f-eb55-4869-ac1a-f83569ee728f.roa (raw, json)
Hash identifier: v7jQDXwWu7VQnGDLiHXwZGq4HTZInSJnvctZS3MNP5Q=
Subject key identifier: E7:FF:D2:BA:97:FA:B5:62:B9:9C:75:A8:B2:29:3C:2F:8C:4F:5C:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B1EA9FEFFAFEEBE55740931A52B1652FF52DA4C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
Signing time: Mon 12 May 2025 16:21:21 +0000
ROA not before: Mon 12 May 2025 16:21:21 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:1e:a9:fe:ff:af:ee:be:55:74:09:31:a5:2b:16:52:ff:52:da:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:21:21 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=72cd62486cd7ee3347eb1d0e6be85d3c3fef157c4b993ebe83fb724bf172cb4e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8a:f2:6a:c7:b1:d8:41:2c:7c:f3:57:b2:f5:
b6:20:99:4e:73:af:92:81:1f:29:3e:33:3a:d9:f3:
4d:46:55:95:c2:56:39:88:74:92:e7:a4:d8:fb:4a:
86:eb:30:d2:85:ff:be:19:6e:45:b1:55:a5:f8:29:
1f:b2:94:ed:38:75:61:c1:a8:5b:d3:38:98:75:ab:
0b:5b:ed:8b:66:5c:b3:11:96:f8:5f:e8:57:ad:d3:
33:bf:c3:88:04:51:7c:5c:ca:d4:39:12:2a:4a:94:
e2:df:d6:e5:ab:93:e8:bf:23:b3:97:d9:c5:38:dd:
83:21:3f:6a:01:3d:31:0f:eb:a5:e7:ab:ad:24:3b:
53:40:b8:8f:0b:fb:21:d7:65:a7:19:72:ce:bb:27:
38:3e:49:32:f2:de:ab:11:a8:3b:08:a5:5b:ab:28:
2f:fe:c1:b1:3a:01:3f:1c:12:ab:86:c4:2b:57:d4:
8a:8b:28:f2:0d:99:da:e9:5d:f9:4e:f2:a6:1a:6b:
75:0b:42:1b:b6:ea:32:7d:77:aa:54:b8:d8:3d:0b:
15:5f:8c:a8:84:b1:5d:a9:8f:3e:bc:0b:ce:72:bc:
8d:b9:50:12:6a:e9:0f:b8:e6:72:a5:70:bf:53:63:
c5:8d:8c:d0:21:8b:de:26:eb:5c:23:8e:d7:b2:3e:
ef:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:FF:D2:BA:97:FA:B5:62:B9:9C:75:A8:B2:29:3C:2F:8C:4F:5C:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
1b:ed:79:b0:dd:1b:ed:df:a8:ce:41:12:24:36:35:63:fb:66:
fd:d2:55:3f:88:35:31:fa:0c:eb:f9:d7:18:98:74:cf:03:7c:
15:5e:03:2c:20:22:52:b5:6d:53:4e:50:ba:60:4f:83:35:7a:
51:0b:2b:1d:e1:0e:35:63:c1:a3:8b:f4:d6:27:87:5a:b8:a3:
71:7c:cc:2f:5f:4d:78:21:d7:b8:3c:55:f1:ee:d6:4c:56:9b:
dd:ef:d0:ea:24:59:22:35:ea:43:3c:af:6b:ef:30:50:b1:e1:
d5:91:53:ab:a7:69:f5:c3:36:51:b7:76:f7:6c:57:be:5e:f8:
f1:8a:47:ad:24:9f:4f:c6:8f:29:bd:21:a7:6f:c7:9b:9a:37:
7a:e4:e6:58:36:81:9d:60:74:fc:fc:c9:19:94:a8:0d:bb:33:
e7:cd:9d:4c:07:77:39:97:6c:b9:55:67:92:aa:76:17:18:0b:
62:94:b6:af:62:ea:b1:aa:09:e9:5d:08:1d:60:35:8b:30:78:
2c:0c:b5:76:c6:5a:fd:1a:c9:24:51:11:e0:d5:a3:74:8c:6f:
83:52:89:8e:48:d3:e9:44:dd:c4:ce:c6:d2:6a:48:29:bc:4a:
31:c7:e9:95:31:a6:2b:1a:5a:69:cb:e3:22:86:0c:6c:68:7c:
07:a1:35:be
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOx6p/v+v7r5VdAkxpSsWUv9S2kwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIxMjFaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyY2Q2MjQ4NmNkN2VlMzM0N2ViMWQwZTZiZTg1ZDNjM2ZlZjE1N2M0Yjk5
M2ViZTgzZmI3MjRiZjE3MmNiNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKKK8mrHsdhBLHzzV7L1tiCZTnOvkoEfKT4zOtnzTUZVlcJWOYh0kuek2PtK
husw0oX/vhluRbFVpfgpH7KU7Th1YcGoW9M4mHWrC1vti2ZcsxGW+F/oV63TM7/D
iARRfFzK1DkSKkqU4t/W5auT6L8js5fZxTjdgyE/agE9MQ/rpeerrSQ7U0C4jwv7
IddlpxlyzrsnOD5JMvLeqxGoOwilW6soL/7BsToBPxwSq4bEK1fUioso8g2Z2uld
+U7yphprdQtCG7bqMn13qlS42D0LFV+MqISxXamPPrwLznK8jblQEmrpD7jmcqVw
v1NjxY2M0CGL3ibrXCOO17I+73sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTn/9K6
l/q1YrmcdaiyKTwvjE9cIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjZhNTNiM2YtZWI1NS00ODY5LWFjMWEtZjgzNTY5ZWU3MjhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQAb7Xmw3Rvt36jOQRIkNjVj+2b90lU/iDUx+gzr
+dcYmHTPA3wVXgMsICJStW1TTlC6YE+DNXpRCysd4Q41Y8Gji/TWJ4dauKNxfMwv
X014Ide4PFXx7tZMVpvd79DqJFkiNepDPK9r7zBQseHVkVOrp2n1wzZRt3b3bFe+
XvjxiketJJ9Pxo8pvSGnb8ebmjd65OZYNoGdYHT8/MkZlKgNuzPnzZ1MB3c5l2y5
VWeSqnYXGAtilLavYuqxqgnpXQgdYDWLMHgsDLV2xlr9GskkURHg1aN0jG+DUomO
SNPpRN3EzsbSakgpvEoxx+mVMaYrGlppy+MihgxsaHwHoTW+
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:53 2025 by rpki-client