Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
File: 8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa (raw, json)
Hash identifier: 1q5BMj/FEQEmJJDH2ARjOgRjb6OJ0NvlcJDOt2GJr0s=
Subject key identifier: 63:78:8A:6E:EC:26:FA:F3:F1:CA:41:46:8E:0F:62:E1:5E:E5:C5:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 417FB73CAD22EC245E15C4141DDC660DD35C168B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
Signing time: Tue 20 May 2025 20:20:14 +0000
ROA not before: Tue 20 May 2025 20:20:14 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:7f:b7:3c:ad:22:ec:24:5e:15:c4:14:1d:dc:66:0d:d3:5c:16:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:20:14 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=78e57baeccb16e22f01f29f69fad4747061992d3fa259c24ef264cafe92a7ee5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:95:50:d4:73:b8:39:6a:ef:30:e6:80:10:7d:
e7:47:5e:2f:23:21:45:51:86:ff:e1:08:8c:23:aa:
58:64:72:ae:75:29:9f:40:bd:43:a1:7b:2a:60:fd:
0d:46:62:48:72:23:47:cf:02:1c:56:ff:23:a5:34:
9e:0c:52:db:1a:c9:47:f4:16:4a:eb:ab:45:7c:71:
ad:0a:36:ba:f5:cd:91:0a:3d:51:01:6f:49:f3:33:
bd:aa:3a:9e:56:85:6c:70:ac:69:49:87:77:0b:7c:
a6:65:65:4d:73:de:e1:1c:c2:22:13:3b:37:b0:16:
c7:df:47:fe:fb:4c:1a:1c:12:13:7e:99:d6:1a:f8:
71:c1:81:bd:d1:d6:43:ee:c7:eb:b5:44:95:73:8e:
bb:41:2f:d8:7d:b5:9d:ed:ea:62:65:6d:02:00:25:
3c:c9:f0:ab:74:a0:36:3f:5c:99:2e:60:60:a3:47:
74:b2:d4:74:93:58:a7:af:4a:72:e3:94:84:be:b3:
6f:d4:98:dd:db:d8:ac:d1:db:fd:4b:88:22:bf:e0:
d9:ca:ac:78:41:00:11:1f:6d:13:9d:a8:bd:de:5a:
9f:f5:f0:22:8b:3c:ab:98:06:90:4a:64:55:5b:07:
d4:06:6d:70:c7:05:c5:6d:83:39:f3:1d:31:59:03:
f4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:78:8A:6E:EC:26:FA:F3:F1:CA:41:46:8E:0F:62:E1:5E:E5:C5:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:800::/38
Signature Algorithm: sha256WithRSAEncryption
9f:a5:86:88:69:35:d8:7e:be:29:6b:ae:f4:84:74:aa:98:4e:
80:e0:ef:78:d3:0d:d9:4b:ca:46:b5:1a:34:b5:25:d2:02:87:
ad:89:aa:1b:24:87:bd:cf:3e:56:78:73:e2:31:66:04:55:d8:
03:29:63:0d:1e:56:3d:be:5d:d5:5b:74:80:6f:ea:74:83:84:
1f:c9:fd:9f:26:06:c0:32:0c:da:34:c2:00:f6:24:7b:74:ff:
f7:f6:25:b6:25:43:ab:71:51:7d:dc:46:de:33:b3:bd:b6:ee:
d7:2a:74:a6:ea:8d:4c:fe:68:ac:c2:33:cc:2b:fb:62:1e:c7:
d5:e3:15:71:a4:82:e4:10:45:79:76:ac:0f:ad:fe:06:6f:47:
35:e9:5e:76:a0:62:a1:4f:0d:90:50:30:ac:f1:5a:e9:02:61:
a0:4d:d7:af:b3:e8:58:e2:0a:df:9a:33:1a:7c:fc:5c:28:ef:
ec:cd:ae:d7:65:d9:99:fc:be:3d:1a:e0:65:9c:8a:78:fd:20:
81:19:42:21:e3:86:7f:04:60:21:66:d9:66:5c:6a:cb:e5:2c:
10:57:0d:bc:a3:07:47:7c:0e:69:76:58:42:f7:8c:ad:fb:a1:
cb:82:f5:eb:a2:c3:24:7b:ff:d3:ad:20:c3:9a:76:c7:bf:76:
b3:d3:a4:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQX+3PK0i7CReFcQUHdxmDdNcFoswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIwMTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4ZTU3YmFlY2NiMTZlMjJmMDFmMjlmNjlmYWQ0NzQ3MDYxOTkyZDNmYTI1
OWMyNGVmMjY0Y2FmZTkyYTdlZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiVUNRzuDlq7zDmgBB950deLyMhRVGG/+EIjCOqWGRyrnUpn0C9Q6F7KmD9
DUZiSHIjR88CHFb/I6U0ngxS2xrJR/QWSuurRXxxrQo2uvXNkQo9UQFvSfMzvao6
nlaFbHCsaUmHdwt8pmVlTXPe4RzCIhM7N7AWx99H/vtMGhwSE36Z1hr4ccGBvdHW
Q+7H67VElXOOu0Ev2H21ne3qYmVtAgAlPMnwq3SgNj9cmS5gYKNHdLLUdJNYp69K
cuOUhL6zb9SY3dvYrNHb/UuIIr/g2cqseEEAER9tE52ovd5an/XwIos8q5gGkEpk
VVsH1AZtcMcFxW2DOfMdMVkD9KUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRjeIpu
7Cb68/HKQUaOD2LhXuXFPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNhNTA3N2ItMDk4Ny00YTY1LWI4ZmYtYTFlMjdmNzZjZDFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoI
MA0GCSqGSIb3DQEBCwUAA4IBAQCfpYaIaTXYfr4pa670hHSqmE6A4O940w3ZS8pG
tRo0tSXSAoetiaobJIe9zz5WeHPiMWYEVdgDKWMNHlY9vl3VW3SAb+p0g4Qfyf2f
JgbAMgzaNMIA9iR7dP/39iW2JUOrcVF93EbeM7O9tu7XKnSm6o1M/miswjPMK/ti
HsfV4xVxpILkEEV5dqwPrf4Gb0c16V52oGKhTw2QUDCs8VrpAmGgTdevs+hY4grf
mjMafPxcKO/sza7XZdmZ/L49GuBlnIp4/SCBGUIh44Z/BGAhZtlmXGrL5SwQVw28
owdHfA5pdlhC94yt+6HLgvXrosMke//TrSDDmnbHv3az06Ss
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:49 2025 by rpki-client