Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
File: 8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa (raw, json)
Hash identifier: lLuOKwue1ZYCpWIZBcDMVe1MRfiNLmDu4DMM2ZZUy4M=
Subject key identifier: E4:BC:06:79:2A:8A:5C:DF:40:7F:B1:CB:48:F4:0F:D7:79:D8:B0:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E045CB93F0370B83C4AE39C85551F2D87FC038D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
Signing time: Tue 20 May 2025 20:10:56 +0000
ROA not before: Tue 20 May 2025 20:10:56 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:04:5c:b9:3f:03:70:b8:3c:4a:e3:9c:85:55:1f:2d:87:fc:03:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:10:56 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=261ac67393df21e25301ed273115bba19fc97d6c13eef32e09081aff776cfd20, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c0:39:4e:7d:4b:07:c0:e2:e5:b9:62:c0:ce:
f2:d8:c2:4f:65:d0:3c:ed:da:56:5c:9b:c1:41:69:
3d:9e:46:c7:69:82:bf:fa:2f:3f:a0:93:c0:8c:8d:
0a:6b:78:65:13:f1:4d:cd:0b:87:34:a8:78:a0:ab:
c7:9f:c0:84:e7:30:06:ba:a5:e0:71:71:ed:ae:60:
fc:33:bc:85:63:45:5c:9a:17:ab:e1:5d:5e:90:fe:
a0:38:bc:54:2c:ee:d3:8a:48:39:19:80:47:f1:39:
da:99:09:10:72:b5:29:3e:a8:43:79:45:7e:f7:d7:
79:2c:fd:81:a5:0e:b0:96:23:c7:1c:e0:e2:67:b0:
fe:27:58:3f:1e:83:f6:a9:0f:35:00:19:80:14:36:
82:84:2c:03:36:c4:66:d4:41:6c:ae:46:6e:7d:42:
6a:ac:2b:ae:33:ce:ef:b5:22:6f:cc:98:22:ca:4c:
e7:80:3f:48:a9:f9:22:0d:fa:d6:e7:79:8c:dd:5a:
ff:3c:1a:c2:28:6a:f7:36:b7:61:75:c4:5c:97:af:
c9:d4:3a:9f:65:8b:2f:40:c8:69:c3:7a:60:6e:83:
7f:a8:4e:6f:f7:53:0a:2f:1d:8e:96:5f:0f:1f:8e:
b2:87:f7:91:21:08:5c:01:65:69:aa:88:e2:db:a4:
89:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:BC:06:79:2A:8A:5C:DF:40:7F:B1:CB:48:F4:0F:D7:79:D8:B0:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:e000::/40
Signature Algorithm: sha256WithRSAEncryption
ca:63:65:b7:b5:3d:a9:8e:4b:2d:dd:1c:77:31:04:15:a1:d9:
f2:1d:cf:2b:f9:da:28:7e:23:b3:13:c0:55:1f:eb:67:d8:32:
d6:70:ee:6e:7e:be:64:34:86:18:a0:fa:be:d2:39:49:e6:4b:
03:6d:dc:ba:02:23:08:aa:7f:97:0a:74:27:1b:5a:17:7b:8c:
24:7b:dc:10:03:94:e7:bc:bb:3d:46:e4:b9:69:01:25:87:dd:
53:10:65:17:43:d7:03:85:12:d7:e5:25:55:42:7e:51:79:6e:
5d:0f:5d:5e:17:5d:de:61:b7:0b:eb:ed:e4:e1:98:77:e4:e9:
e6:ec:65:a7:ce:5f:53:84:53:f3:62:e1:bc:7b:b9:a4:87:db:
1b:20:76:06:40:17:c4:8d:f3:12:38:52:8f:a5:a4:6c:ae:4c:
56:17:d6:6d:12:10:b3:36:a1:f1:d9:3d:ab:8c:17:fd:d2:8e:
98:79:6a:c9:54:a5:81:24:a6:1e:6a:78:8b:e5:52:ea:0e:7f:
2c:af:ec:17:97:79:a2:a1:c2:73:68:90:73:8c:9d:25:fd:4b:
87:17:24:54:30:17:65:5f:b1:13:f8:58:a9:aa:6b:9e:e9:9a:
c2:84:3d:1f:d9:ac:11:ec:33:f2:19:d4:b2:44:f9:85:46:ee:
be:50:32:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHgRcuT8DcLg8SuOchVUfLYf8A40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDEwNTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2MWFjNjczOTNkZjIxZTI1MzAxZWQyNzMxMTViYmExOWZjOTdkNmMxM2Vl
ZjMyZTA5MDgxYWZmNzc2Y2ZkMjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrAOU59SwfA4uW5YsDO8tjCT2XQPO3aVlybwUFpPZ5Gx2mCv/ovP6CTwIyN
Cmt4ZRPxTc0LhzSoeKCrx5/AhOcwBrql4HFx7a5g/DO8hWNFXJoXq+FdXpD+oDi8
VCzu04pIORmAR/E52pkJEHK1KT6oQ3lFfvfXeSz9gaUOsJYjxxzg4mew/idYPx6D
9qkPNQAZgBQ2goQsAzbEZtRBbK5Gbn1CaqwrrjPO77Uib8yYIspM54A/SKn5Ig36
1ud5jN1a/zwawihq9za3YXXEXJevydQ6n2WLL0DIacN6YG6Df6hOb/dTCi8djpZf
Dx+Osof3kSEIXAFlaaqI4tukiacCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTkvAZ5
Kopc30B/sctI9A/XediwGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGRjN2Q1YmEtYjFlOS00YzFjLWExOTAtMjE0NzMxYjcxYjQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dbg
MA0GCSqGSIb3DQEBCwUAA4IBAQDKY2W3tT2pjkst3Rx3MQQVodnyHc8r+doofiOz
E8BVH+tn2DLWcO5ufr5kNIYYoPq+0jlJ5ksDbdy6AiMIqn+XCnQnG1oXe4wke9wQ
A5TnvLs9RuS5aQElh91TEGUXQ9cDhRLX5SVVQn5ReW5dD11eF13eYbcL6+3k4Zh3
5Onm7GWnzl9ThFPzYuG8e7mkh9sbIHYGQBfEjfMSOFKPpaRsrkxWF9ZtEhCzNqHx
2T2rjBf90o6YeWrJVKWBJKYeaniL5VLqDn8sr+wXl3miocJzaJBzjJ0l/UuHFyRU
MBdlX7ET+Fipqmue6ZrChD0f2awR7DPyGdSyRPmFRu6+UDK5
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:19 2025 by rpki-client