Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
File: 9d030354-5f4d-47d4-9f96-310c9a509d02.roa (raw, json)
Hash identifier: K/652UgYcIq92SzwOyuKOgl+MBJwV6j7oX98S32d27Q=
Subject key identifier: BE:58:E4:D9:8F:34:6D:33:14:6E:2C:02:53:86:4D:F4:57:9B:A3:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2EC57346DCC0AF74E01438BD0E940ADFAFFDC37E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
Signing time: Fri 16 May 2025 17:40:22 +0000
ROA not before: Fri 16 May 2025 17:40:22 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:c5:73:46:dc:c0:af:74:e0:14:38:bd:0e:94:0a:df:af:fd:c3:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:40:22 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=a49db955b38b3e2c2f644ed2160a09c63998575ad74a81afcf0068f34487d9b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:69:bf:26:9e:e4:64:fb:3c:b8:11:9b:c7:e6:
da:84:ff:24:ef:e1:75:d4:0f:69:8c:1f:cf:d3:e3:
b6:71:5b:9c:a1:94:f3:e3:a0:00:18:7d:da:ac:40:
16:ba:2c:4b:18:e0:a3:19:f3:cb:7e:27:62:14:b0:
ef:85:72:43:55:c5:f9:14:ae:8c:69:88:03:55:47:
b4:0f:52:da:75:7f:11:94:3c:a9:d9:c2:20:52:82:
1f:d1:eb:1a:f1:21:67:cf:90:30:a3:20:8c:ec:ca:
eb:e5:91:e7:c8:28:30:30:80:80:aa:ee:f3:34:35:
cc:f5:4d:2f:67:df:8e:e3:7f:23:bc:0e:2a:99:39:
23:28:9c:bb:36:ba:b3:f8:22:f4:79:72:ef:95:d8:
07:6a:76:9a:71:8b:54:bf:0f:c7:e1:8b:e4:42:d4:
65:19:fc:4a:f6:c8:17:33:15:01:31:6c:ab:73:1c:
72:8a:c6:ee:5a:e1:7a:ca:d4:e5:83:73:ff:73:e6:
79:16:27:5b:f4:d5:cd:3f:fd:d6:75:11:06:63:0a:
a9:5a:2e:46:56:64:a5:ba:0d:26:4b:21:8c:3d:6c:
f8:94:40:b2:94:47:21:2c:cd:20:6b:f2:ef:d2:72:
44:0c:78:bd:08:18:6d:f5:90:37:64:f5:7c:65:39:
a3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:58:E4:D9:8F:34:6D:33:14:6E:2C:02:53:86:4D:F4:57:9B:A3:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:800::/40
Signature Algorithm: sha256WithRSAEncryption
c7:9b:6c:c7:db:bc:57:2f:0a:38:25:97:08:69:3f:ac:6c:f0:
b7:54:67:92:49:a6:d0:e6:0b:28:07:19:c7:d2:11:3e:95:a3:
ca:a6:c9:3a:bf:e5:23:4c:d0:0f:73:72:d3:17:ce:0f:93:2c:
0c:eb:93:27:50:eb:7d:8d:2b:30:66:6e:77:05:2c:a2:3d:e0:
85:37:cd:a6:6e:1a:71:76:0a:da:00:85:69:7e:c0:74:50:e4:
a5:60:e9:88:a1:3f:6e:c3:8c:1a:38:2a:ab:92:e0:97:84:2c:
0d:3d:53:94:e9:05:89:48:43:c5:cd:ee:e8:56:b7:61:52:a5:
7d:f2:6e:4a:40:a6:b0:78:27:fc:6e:e6:74:bb:a3:17:22:d2:
1d:cb:91:ac:df:7e:f0:d8:f8:ba:85:b3:5e:93:69:dc:89:51:
51:2b:47:98:a7:4e:17:bc:89:fc:9a:59:d5:33:f8:51:4b:8c:
96:5f:81:f8:1e:da:a5:c0:a7:f8:c8:ed:e8:7b:83:f9:09:d4:
71:ef:f7:81:3e:0e:ac:75:6b:12:b8:0c:3c:d0:47:8f:46:46:
43:5c:16:49:a2:5e:3b:4c:48:20:66:82:b8:28:41:16:fa:9e:
1f:f4:b1:b9:3b:86:10:e8:d6:f2:2e:f2:64:8e:30:d9:82:ad:
ba:a4:cb:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULsVzRtzAr3TgFDi9DpQK36/9w34wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzQwMjJaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0OWRiOTU1YjM4YjNlMmMyZjY0NGVkMjE2MGEwOWM2Mzk5ODU3NWFkNzRh
ODFhZmNmMDA2OGYzNDQ4N2Q5YjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIJpvyae5GT7PLgRm8fm2oT/JO/hddQPaYwfz9PjtnFbnKGU8+OgABh92qxA
FrosSxjgoxnzy34nYhSw74VyQ1XF+RSujGmIA1VHtA9S2nV/EZQ8qdnCIFKCH9Hr
GvEhZ8+QMKMgjOzK6+WR58goMDCAgKru8zQ1zPVNL2ffjuN/I7wOKpk5Iyicuza6
s/gi9Hly75XYB2p2mnGLVL8Px+GL5ELUZRn8SvbIFzMVATFsq3MccorG7lrhesrU
5YNz/3PmeRYnW/TVzT/91nURBmMKqVouRlZkpboNJkshjD1s+JRAspRHISzNIGvy
79JyRAx4vQgYbfWQN2T1fGU5o3ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS+WOTZ
jzRtMxRuLAJThk30V5uj2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQwMzAzNTQtNWY0ZC00N2Q0LTlmOTYtMzEwYzlhNTA5ZDAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAI
MA0GCSqGSIb3DQEBCwUAA4IBAQDHm2zH27xXLwo4JZcIaT+sbPC3VGeSSabQ5gso
BxnH0hE+laPKpsk6v+UjTNAPc3LTF84PkywM65MnUOt9jSswZm53BSyiPeCFN82m
bhpxdgraAIVpfsB0UOSlYOmIoT9uw4waOCqrkuCXhCwNPVOU6QWJSEPFze7oVrdh
UqV98m5KQKaweCf8buZ0u6MXItIdy5Gs337w2Pi6hbNek2nciVFRK0eYp04XvIn8
mlnVM/hRS4yWX4H4HtqlwKf4yO3oe4P5CdRx7/eBPg6sdWsSuAw80EePRkZDXBZJ
ol47TEggZoK4KEEW+p4f9LG5O4YQ6NbyLvJkjjDZgq26pMtB
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:30:02 2025 by rpki-client