Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/689f17ea-2ccc-4beb-bf91-0695da802222.roa
File: 689f17ea-2ccc-4beb-bf91-0695da802222.roa (raw, json)
Hash identifier: nWCXH5uTUT4XTmGymgQPfNE61ufiZ3qStL1ODO7DZRs=
Subject key identifier: AE:4A:40:60:2E:35:FB:1F:AE:56:23:9E:87:AE:AC:B5:F4:3C:45:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04F900601AF9B99E06F670AE8E7F240C9A4D0B0A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/689f17ea-2ccc-4beb-bf91-0695da802222.roa
Signing time: Mon 12 May 2025 16:11:09 +0000
ROA not before: Mon 12 May 2025 16:11:09 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:f9:00:60:1a:f9:b9:9e:06:f6:70:ae:8e:7f:24:0c:9a:4d:0b:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:11:09 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=e2c522c08185158c08b7428f23736c8b212e51c8d5a51b99d35e69af3efb1652, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:a1:5f:62:42:f7:d1:c8:c4:0a:34:97:be:63:
9a:16:8b:db:02:d3:31:94:2a:c1:64:14:6b:19:2c:
11:b4:86:cc:9a:93:d6:78:f3:37:94:e3:45:b3:4f:
0b:e1:44:36:04:f7:de:b4:ce:bd:8f:c5:7c:2b:97:
a8:60:75:9e:2b:ac:2b:62:94:2a:13:0f:9b:53:30:
33:0f:41:8a:16:3c:8e:a6:ec:54:c8:d3:5b:de:d0:
47:6f:43:85:90:5b:11:37:00:97:8e:b3:ae:91:d1:
0c:be:e4:66:fe:d7:b1:7c:c1:7b:52:b0:f4:eb:13:
e2:84:bc:4f:dc:36:dc:1d:1c:ae:6d:45:eb:ce:5e:
a9:be:1b:d6:fe:6c:c9:c8:1d:a2:c5:de:57:b9:08:
02:4c:5c:08:dc:46:06:51:15:52:86:71:15:34:41:
3a:8f:3e:02:78:4b:55:dd:54:fb:46:38:c3:e9:f6:
d5:04:63:10:4d:4a:aa:ea:b7:81:cb:76:3d:c8:6f:
c9:d5:1a:05:ab:ef:fd:0c:4a:08:5c:64:7a:16:6c:
f5:3a:c2:f2:70:65:48:70:32:9e:ab:af:4f:4f:be:
2a:f7:eb:23:9f:ac:ec:a5:46:d2:bd:32:02:57:f8:
ce:b4:44:10:d6:5d:75:7f:9a:92:08:61:80:08:fb:
1e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:4A:40:60:2E:35:FB:1F:AE:56:23:9E:87:AE:AC:B5:F4:3C:45:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/689f17ea-2ccc-4beb-bf91-0695da802222.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:1000::/40
Signature Algorithm: sha256WithRSAEncryption
34:aa:70:55:48:46:e3:18:ac:d1:e8:c5:cf:1b:4d:b6:f4:bf:
7e:8a:9d:d0:97:03:08:f1:59:b9:25:b0:84:81:d1:81:eb:3b:
ef:58:c2:60:f3:72:fe:f1:a7:8b:26:fe:45:23:88:99:2f:2f:
49:38:bd:00:e1:8d:43:0e:86:d9:46:4a:50:ce:84:8b:7d:09:
ec:5e:2e:74:b7:bc:ea:81:54:cd:b3:90:e7:08:ae:1e:67:4b:
ab:61:44:ec:10:11:3b:59:29:96:c1:8c:b4:dc:28:9d:0c:d7:
f9:9e:5e:60:a9:eb:93:57:3f:ee:17:90:13:27:6a:78:a9:34:
87:b2:f6:0d:1c:c2:aa:b1:47:15:ba:00:34:51:df:75:14:7a:
76:ae:68:d3:7e:24:22:71:8f:69:f1:61:c6:d4:93:c3:5f:d4:
9e:19:aa:c4:73:ea:98:d3:30:93:34:0f:35:e1:bf:ce:2e:89:
6a:0d:58:8d:ba:d8:35:dc:15:3f:79:dd:a7:1d:5c:8f:0b:17:
db:a2:05:e0:18:d4:7c:73:43:01:2a:dc:c9:d4:39:6e:2b:20:
5d:59:20:36:ba:bf:30:ee:b0:65:97:9f:4f:3a:a0:f2:7c:54:
f4:77:da:9b:3d:d5:2e:cc:1e:c8:d5:a3:24:5b:dc:4f:82:78:
f1:1a:5f:f7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBPkAYBr5uZ4G9nCujn8kDJpNCwowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjExMDlaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyYzUyMmMwODE4NTE1OGMwOGI3NDI4ZjIzNzM2YzhiMjEyZTUxYzhkNWE1
MWI5OWQzNWU2OWFmM2VmYjE2NTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOihX2JC99HIxAo0l75jmhaL2wLTMZQqwWQUaxksEbSGzJqT1njzN5TjRbNP
C+FENgT33rTOvY/FfCuXqGB1niusK2KUKhMPm1MwMw9BihY8jqbsVMjTW97QR29D
hZBbETcAl46zrpHRDL7kZv7XsXzBe1Kw9OsT4oS8T9w23B0crm1F685eqb4b1v5s
ycgdosXeV7kIAkxcCNxGBlEVUoZxFTRBOo8+AnhLVd1U+0Y4w+n21QRjEE1Kquq3
gct2PchvydUaBavv/QxKCFxkehZs9TrC8nBlSHAynquvT0++KvfrI5+s7KVG0r0y
Alf4zrREENZddX+akghhgAj7Hi8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuSkBg
LjX7H65WI56Hrqy19DxFdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg5ZjE3ZWEtMmNjYy00YmViLWJmOTEtMDY5NWRhODAyMjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA0qnBVSEbjGKzR6MXPG0229L9+ip3QlwMI8Vm5
JbCEgdGB6zvvWMJg83L+8aeLJv5FI4iZLy9JOL0A4Y1DDobZRkpQzoSLfQnsXi50
t7zqgVTNs5DnCK4eZ0urYUTsEBE7WSmWwYy03CidDNf5nl5gqeuTVz/uF5ATJ2p4
qTSHsvYNHMKqsUcVugA0Ud91FHp2rmjTfiQicY9p8WHG1JPDX9SeGarEc+qY0zCT
NA814b/OLolqDViNutg13BU/ed2nHVyPCxfbogXgGNR8c0MBKtzJ1DluKyBdWSA2
ur8w7rBll59POqDyfFT0d9qbPdUuzB7I1aMkW9xPgnjxGl/3
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:50 2025 by rpki-client