Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
File: 9a0196e5-a789-4daf-912c-37aa6951f379.roa (raw, json)
Hash identifier: yLw7iTFe2Uhk3Z5yg9EWRx+96fTdoIO04K/SX8dyqKE=
Subject key identifier: 53:C5:7C:F4:57:FF:C6:B2:22:DB:48:47:11:F8:81:C0:11:21:B4:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 222415E460D7E6D2627C4B256434F38A690116EA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
Signing time: Mon 12 May 2025 16:21:05 +0000
ROA not before: Mon 12 May 2025 16:21:05 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:24:15:e4:60:d7:e6:d2:62:7c:4b:25:64:34:f3:8a:69:01:16:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:21:05 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=1dfb228be842be4c0283c613555d6f78f652d6417c85d7686f83067473f04ac9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d8:fd:95:3d:ae:15:9b:b0:94:b6:f0:a5:48:
0a:0b:d5:b5:7d:dc:5b:68:54:96:47:91:66:ed:e0:
08:5b:03:83:2e:2d:d2:e3:51:09:a8:98:de:3d:ea:
45:35:f7:00:3b:de:b8:e9:bd:19:49:97:05:5d:33:
55:8d:eb:c0:64:74:ce:76:5f:2c:bb:f4:54:ee:16:
df:de:01:fc:47:0d:6f:b7:7f:c1:e2:72:d2:86:1d:
c7:07:61:66:c5:35:55:96:f6:ba:4f:a8:10:6f:ba:
29:0a:11:58:50:d6:4f:82:df:16:e5:cc:42:69:3b:
14:d3:04:91:4a:70:ed:2d:81:ef:0c:ac:f9:0e:c0:
71:af:f4:61:25:60:94:12:18:44:c2:8c:de:63:34:
e7:c9:5b:95:44:f2:f7:d1:8e:ae:a8:87:1a:27:07:
5f:a5:1e:09:b1:e2:76:1f:61:05:a8:95:b6:0c:3e:
49:b2:dd:6f:50:13:d8:7b:22:12:5a:95:91:33:12:
ee:e6:a0:73:16:ee:6d:77:53:2c:68:34:92:23:45:
65:ae:70:01:1a:48:1a:86:c1:9a:43:50:9a:c9:e3:
ef:e2:46:b6:ac:76:1f:c4:62:49:6c:5e:49:eb:dc:
20:60:b9:27:e1:a3:2f:2b:d4:76:3c:41:26:22:f1:
a4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C5:7C:F4:57:FF:C6:B2:22:DB:48:47:11:F8:81:C0:11:21:B4:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
c6:2a:60:1c:6e:1b:cd:49:a3:06:41:84:78:5e:4f:ff:7e:56:
87:a0:09:40:32:bf:b9:b0:29:56:72:a2:a2:61:ec:65:e3:90:
b3:6e:41:a3:72:70:3c:ea:4b:ab:16:b6:fe:05:ef:32:be:7b:
b3:ef:89:6c:a7:5d:4f:c1:ef:ea:ac:b3:b1:d1:68:e4:d5:a3:
55:6f:f6:99:2f:32:01:13:db:e0:d7:7c:b2:4e:ca:00:0d:90:
da:07:07:7b:bb:fa:18:bb:79:f5:a0:df:f9:97:73:86:cc:92:
ea:a2:22:f0:16:0d:7d:13:9a:6e:9c:cc:c1:fa:9b:2b:18:58:
cc:2b:09:48:1e:b6:d9:81:60:29:2a:59:a6:0f:22:c4:a3:c9:
1a:57:0a:97:44:25:6e:51:31:19:04:0e:11:b3:d7:47:2d:54:
67:3b:5b:0a:7c:40:2e:d6:7c:9c:d9:e6:ec:b1:44:42:65:0a:
50:68:64:10:50:04:81:6b:e4:2d:b7:a5:9e:94:05:a5:61:67:
91:4e:9d:28:cb:b7:d2:c3:12:13:be:97:50:76:05:65:e9:6d:
48:fa:6b:94:7f:95:3e:cb:d7:3a:ad:1f:b4:39:0d:d3:4e:6e:
14:ad:e5:c4:86:62:23:db:0f:08:17:6f:6e:43:7c:3b:6f:f0:
e9:f5:20:2b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIiQV5GDX5tJifEslZDTzimkBFuowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIxMDVaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkZmIyMjhiZTg0MmJlNGMwMjgzYzYxMzU1NWQ2Zjc4ZjY1MmQ2NDE3Yzg1
ZDc2ODZmODMwNjc0NzNmMDRhYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/Y/ZU9rhWbsJS28KVICgvVtX3cW2hUlkeRZu3gCFsDgy4t0uNRCaiY3j3q
RTX3ADveuOm9GUmXBV0zVY3rwGR0znZfLLv0VO4W394B/EcNb7d/weJy0oYdxwdh
ZsU1VZb2uk+oEG+6KQoRWFDWT4LfFuXMQmk7FNMEkUpw7S2B7wys+Q7Aca/0YSVg
lBIYRMKM3mM058lblUTy99GOrqiHGicHX6UeCbHidh9hBaiVtgw+SbLdb1AT2Hsi
ElqVkTMS7uagcxbubXdTLGg0kiNFZa5wARpIGobBmkNQmsnj7+JGtqx2H8RiSWxe
SevcIGC5J+GjLyvUdjxBJiLxpBsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRTxXz0
V//GsiLbSEcR+IHAESG02TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWEwMTk2ZTUtYTc4OS00ZGFmLTkxMmMtMzdhYTY5NTFmMzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQDGKmAcbhvNSaMGQYR4Xk//flaHoAlAMr+5sClW
cqKiYexl45CzbkGjcnA86kurFrb+Be8yvnuz74lsp11Pwe/qrLOx0Wjk1aNVb/aZ
LzIBE9vg13yyTsoADZDaBwd7u/oYu3n1oN/5l3OGzJLqoiLwFg19E5punMzB+psr
GFjMKwlIHrbZgWApKlmmDyLEo8kaVwqXRCVuUTEZBA4Rs9dHLVRnO1sKfEAu1nyc
2ebssURCZQpQaGQQUASBa+Qtt6WelAWlYWeRTp0oy7fSwxITvpdQdgVl6W1I+muU
f5U+y9c6rR+0OQ3TTm4UreXEhmIj2w8IF29uQ3w7b/Dp9SAr
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:41 2025 by rpki-client