Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa
File: 8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa (raw, json)
Hash identifier: toliTZB5X7poFOEoubVz7iQatK2zDgzJdIMXypgRl7A=
Subject key identifier: F3:51:96:7C:3D:FC:2E:BE:06:C5:3B:92:01:64:F5:C5:D7:78:3B:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 273601668ABFC8E5C7A703B29916A863B2CBCDAC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa
Signing time: Fri 23 May 2025 00:40:52 +0000
ROA not before: Fri 23 May 2025 00:40:52 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:36:01:66:8a:bf:c8:e5:c7:a7:03:b2:99:16:a8:63:b2:cb:cd:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:52 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=de1ee9bc4d73dc0a1a7abfb43e893a4837c0021860a7a7d2e035bd2a5ef876fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d3:f0:96:43:d6:13:d6:3a:f9:fe:18:d9:0a:
d0:0e:b4:79:62:bc:f1:be:cf:24:f9:20:d7:36:35:
6e:28:2e:1d:14:87:f8:60:ad:a7:3a:f7:5c:13:e5:
51:52:58:70:bc:d1:8f:8a:3f:cf:60:4d:b3:a4:9c:
ee:02:51:97:51:a0:81:9c:b9:7c:ac:c6:f3:e2:e2:
37:cc:eb:d2:e6:14:ec:2f:35:df:a0:ec:9d:cf:27:
d5:29:4f:f8:ef:2c:fc:69:90:94:cd:ab:dd:bf:02:
30:96:ed:5c:85:99:5b:a6:ca:a2:42:38:04:a9:34:
59:00:66:1b:c6:3e:27:af:73:f4:33:ac:92:25:13:
49:88:05:8c:5f:21:20:3c:63:0a:24:d4:32:31:7c:
f3:d9:c3:9f:96:e0:ae:7c:14:73:b4:f5:e2:e1:14:
e8:71:7f:48:5d:1b:5e:79:cd:a5:6a:d1:48:f1:36:
0b:af:89:32:c3:05:e7:a7:de:f5:4a:fd:c2:e1:19:
0e:8e:30:48:da:95:2d:4f:3a:bd:85:65:27:fd:18:
2f:a3:f1:41:0e:2e:e4:84:49:36:05:64:f5:44:4d:
ff:36:08:65:f1:15:92:86:02:ac:de:b7:c1:fa:8b:
d7:f6:2e:2b:fd:62:0d:d8:07:a1:75:be:e8:5e:00:
77:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:51:96:7C:3D:FC:2E:BE:06:C5:3B:92:01:64:F5:C5:D7:78:3B:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
30:55:65:d1:32:81:b0:2e:8e:92:16:01:0c:9c:03:00:a7:42:
90:fd:f7:ef:e2:a6:c1:11:93:a2:ed:bf:83:fd:f5:92:b6:ae:
ad:95:c1:28:91:13:84:55:a2:58:88:f9:4b:28:28:34:b9:60:
67:8a:83:42:3c:17:4a:a4:d8:fe:73:98:9a:2d:24:1b:66:01:
17:04:c8:7e:05:ab:e7:da:e3:4e:1e:56:43:40:1a:4c:96:6d:
d7:55:7a:63:46:22:46:99:24:23:0d:a5:4a:bc:27:c3:e1:08:
ad:6b:72:d9:a0:65:19:03:88:b4:0a:00:7e:ed:41:b7:4c:3d:
86:0c:bb:9f:b5:5e:88:0e:ca:32:c4:28:a3:20:6b:c8:f7:27:
c0:e3:37:2a:9e:3d:98:f8:35:16:f2:01:49:31:46:88:2d:e1:
43:a5:b3:48:20:70:a5:ea:d1:8f:bb:37:a5:30:33:f2:79:c4:
6f:cf:1f:29:96:39:3b:7e:da:eb:0c:de:e6:48:ee:2d:23:2e:
5d:a4:79:f1:ea:69:81:a9:80:30:7e:06:12:7a:50:4f:c6:c6:
c2:50:dd:db:33:53:48:31:29:02:6a:00:83:2d:44:d7:eb:39:
42:71:2b:13:2a:69:31:32:fd:0d:c0:52:82:6a:0a:7f:4d:37:
4b:77:bd:6a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJzYBZoq/yOXHpwOymRaoY7LLzawwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwNTJaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlMWVlOWJjNGQ3M2RjMGExYTdhYmZiNDNlODkzYTQ4MzdjMDAyMTg2MGE3
YTdkMmUwMzViZDJhNWVmODc2ZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/T8JZD1hPWOvn+GNkK0A60eWK88b7PJPkg1zY1biguHRSH+GCtpzr3XBPl
UVJYcLzRj4o/z2BNs6Sc7gJRl1GggZy5fKzG8+LiN8zr0uYU7C8136Dsnc8n1SlP
+O8s/GmQlM2r3b8CMJbtXIWZW6bKokI4BKk0WQBmG8Y+J69z9DOskiUTSYgFjF8h
IDxjCiTUMjF889nDn5bgrnwUc7T14uEU6HF/SF0bXnnNpWrRSPE2C6+JMsMF56fe
9Ur9wuEZDo4wSNqVLU86vYVlJ/0YL6PxQQ4u5IRJNgVk9URN/zYIZfEVkoYCrN63
wfqL1/YuK/1iDdgHoXW+6F4Ad9ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTzUZZ8
PfwuvgbFO5IBZPXF13g74TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGE1N2U5ODItYzZiOC00YWE3LWIzMGEtMzhiZWQ2NGRmYzMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+A
MA0GCSqGSIb3DQEBCwUAA4IBAQAwVWXRMoGwLo6SFgEMnAMAp0KQ/ffv4qbBEZOi
7b+D/fWStq6tlcEokROEVaJYiPlLKCg0uWBnioNCPBdKpNj+c5iaLSQbZgEXBMh+
Bavn2uNOHlZDQBpMlm3XVXpjRiJGmSQjDaVKvCfD4Qita3LZoGUZA4i0CgB+7UG3
TD2GDLuftV6IDsoyxCijIGvI9yfA4zcqnj2Y+DUW8gFJMUaILeFDpbNIIHCl6tGP
uzelMDPyecRvzx8pljk7ftrrDN7mSO4tIy5dpHnx6mmBqYAwfgYSelBPxsbCUN3b
M1NIMSkCagCDLUTX6zlCcSsTKmkxMv0NwFKCagp/TTdLd71q
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:18 2025 by rpki-client