Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
File: 8a06e909-5227-47d9-a58c-be623a2a4cad.roa (raw, json)
Hash identifier: DWJr28YpbbkqrkK/bUx7/nX3GaAHftMPBz/f5By4sFA=
Subject key identifier: 0E:80:1A:78:BB:DB:33:93:66:67:74:7E:A3:96:B4:EF:62:7E:7A:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 599E8775B5F2F5EECEE83C6862A212AFDB8E4C61
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
Signing time: Tue 20 May 2025 20:11:24 +0000
ROA not before: Tue 20 May 2025 20:11:24 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:9e:87:75:b5:f2:f5:ee:ce:e8:3c:68:62:a2:12:af:db:8e:4c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:24 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=070aaac1e7f074d0e38d0d7e0df0c96b8dde0f0f5cf9a11b2c0c6a2770f8f7b8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6a:8d:79:ae:b9:4a:24:b5:f7:eb:89:fa:1c:
3d:2f:80:1d:ab:23:c6:22:fb:d6:7d:53:84:2b:43:
b8:d8:24:8a:9e:15:a8:89:4a:b4:be:9e:67:20:9d:
86:fb:88:a7:5f:a6:e5:14:72:f6:91:a8:e1:3e:30:
f3:d6:90:3f:55:19:cc:13:a9:be:17:20:c9:ad:5f:
10:d1:a6:ef:b1:64:f2:64:6b:23:45:78:27:1f:db:
d3:5f:52:df:14:0e:0d:85:78:5d:5b:8f:09:fd:6a:
b0:2f:db:a0:52:30:7a:fc:83:1d:4a:bd:4b:93:73:
26:3c:aa:f0:5f:bc:50:2a:35:63:d2:5f:9f:6f:ed:
f5:ee:55:c0:21:58:ad:15:41:01:8c:ec:cd:51:6c:
ca:93:f3:fb:0a:fb:f3:34:19:ee:18:f1:4c:af:09:
cf:2f:14:62:8d:07:88:e4:90:d2:c8:e1:80:0f:16:
f2:ba:79:35:8d:91:d0:c9:69:96:90:62:7c:fc:83:
be:58:8b:ea:52:68:96:a9:32:1d:21:bf:8c:98:fc:
34:8d:7f:99:6a:cb:a0:d6:a0:3e:f1:37:7a:ab:e0:
ad:5f:5c:e2:a5:4a:f0:a6:70:fd:1f:b8:1c:e8:3e:
75:f6:8d:5e:15:f5:10:1c:66:0a:9a:1e:d1:d3:fa:
56:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:80:1A:78:BB:DB:33:93:66:67:74:7E:A3:96:B4:EF:62:7E:7A:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:4000::/40
Signature Algorithm: sha256WithRSAEncryption
31:89:4f:bc:49:30:2b:01:46:e2:79:c6:5f:3c:f1:54:ca:59:
9c:b9:49:ae:f0:56:3d:c0:7e:05:ab:b4:94:88:35:22:2c:53:
b0:a9:6d:a7:72:7f:e4:78:35:3c:de:ab:76:62:89:c1:c7:af:
fa:cf:92:ca:9c:2a:8b:45:d8:ef:11:1a:cd:09:90:43:70:90:
b7:33:61:71:4b:49:67:6a:a9:23:20:bf:7d:a6:e8:52:d7:77:
9a:01:1a:ff:f7:68:a9:8e:50:be:fe:f9:cc:73:9e:3f:be:47:
74:e9:65:df:f8:3a:0a:bf:0c:8e:62:d6:f4:c5:cd:a3:bb:fb:
52:9b:71:07:b2:92:81:77:5e:d7:19:21:7c:01:56:4e:9e:94:
1b:16:46:99:c5:63:3d:cf:d9:1c:60:89:e5:03:1f:7e:d9:31:
be:b0:0e:41:df:0e:84:bd:cc:43:6b:b3:40:f5:49:2e:01:b2:
48:da:00:be:69:71:f8:3d:a0:62:6f:90:14:21:9e:9b:f4:8c:
44:81:3d:4c:4d:b7:4e:22:4a:b1:f7:a1:86:09:47:7f:68:dc:
af:12:cf:4d:41:f5:02:65:28:64:18:b6:82:30:f3:1f:53:11:
8e:a7:d4:7c:3b:65:36:24:d6:f2:9c:3d:01:0f:f8:71:aa:f1:
86:b0:24:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWZ6HdbXy9e7O6DxoYqISr9uOTGEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMjRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3MGFhYWMxZTdmMDc0ZDBlMzhkMGQ3ZTBkZjBjOTZiOGRkZTBmMGY1Y2Y5
YTExYjJjMGM2YTI3NzBmOGY3YjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpqjXmuuUoktffrifocPS+AHasjxiL71n1ThCtDuNgkip4VqIlKtL6eZyCd
hvuIp1+m5RRy9pGo4T4w89aQP1UZzBOpvhcgya1fENGm77Fk8mRrI0V4Jx/b019S
3xQODYV4XVuPCf1qsC/boFIwevyDHUq9S5NzJjyq8F+8UCo1Y9Jfn2/t9e5VwCFY
rRVBAYzszVFsypPz+wr78zQZ7hjxTK8Jzy8UYo0HiOSQ0sjhgA8W8rp5NY2R0Mlp
lpBifPyDvliL6lJolqkyHSG/jJj8NI1/mWrLoNagPvE3eqvgrV9c4qVK8KZw/R+4
HOg+dfaNXhX1EBxmCpoe0dP6VjMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQOgBp4
u9szk2ZndH6jlrTvYn567DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGEwNmU5MDktNTIyNy00N2Q5LWE1OGMtYmU2MjNhMmE0Y2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhA
MA0GCSqGSIb3DQEBCwUAA4IBAQAxiU+8STArAUbiecZfPPFUylmcuUmu8FY9wH4F
q7SUiDUiLFOwqW2ncn/keDU83qt2YonBx6/6z5LKnCqLRdjvERrNCZBDcJC3M2Fx
S0lnaqkjIL99puhS13eaARr/92ipjlC+/vnMc54/vkd06WXf+DoKvwyOYtb0xc2j
u/tSm3EHspKBd17XGSF8AVZOnpQbFkaZxWM9z9kcYInlAx9+2TG+sA5B3w6EvcxD
a7NA9UkuAbJI2gC+aXH4PaBib5AUIZ6b9IxEgT1MTbdOIkqx96GGCUd/aNyvEs9N
QfUCZShkGLaCMPMfUxGOp9R8O2U2JNbynD0BD/hxqvGGsCSs
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:15 2025 by rpki-client