Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
File: 9ea9340f-dd25-4e30-a952-27ce8d9906df.roa (raw, json)
Hash identifier: 2nb48SV0D03pYyRqhuOMEXJKhuI2E2Eiaw3s2ppsCbk=
Subject key identifier: A5:FC:BE:5F:B9:28:81:0E:73:E3:8C:35:F9:C8:54:79:AB:5A:35:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D683D898DAA155C7B79D9ED9745A2A991413C70
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
Signing time: Mon 12 May 2025 16:11:05 +0000
ROA not before: Mon 12 May 2025 16:11:05 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:68:3d:89:8d:aa:15:5c:7b:79:d9:ed:97:45:a2:a9:91:41:3c:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:11:05 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=9ce3a2472a8219bb4c8057d277daca69bde25b365e40b94aaf48a54f5c06f612, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d5:ea:e4:04:c5:ed:b0:40:74:15:db:06:71:
8f:74:6d:d2:f3:50:e0:b9:52:0d:07:aa:a8:3d:01:
fe:52:c1:03:59:06:64:54:5b:08:a0:09:2f:de:04:
b7:0c:95:19:31:00:1a:ba:5c:93:89:48:6f:51:1d:
1e:2d:c0:a5:34:35:a8:6f:7f:76:a1:13:d7:4e:3c:
e4:b2:bd:0c:3a:fc:26:fd:56:fe:93:ef:29:4b:75:
29:84:f4:5c:10:8f:a4:fe:b0:27:62:5b:1f:53:7b:
ea:6f:e2:fc:8f:3c:ae:53:9d:6a:03:0d:b1:84:75:
9f:59:ba:9e:6c:27:e1:55:e9:1b:18:39:56:94:9e:
37:9c:09:58:9b:94:49:88:7a:1f:b7:96:c8:27:45:
d5:05:de:ed:cd:da:2b:c6:35:4d:a1:96:39:dd:96:
7a:05:2c:f1:18:38:ab:42:83:5b:ea:2d:dc:f6:02:
e4:a6:da:79:36:2b:4a:15:b3:0d:01:5f:ff:35:8e:
c8:e1:a1:c5:fb:00:79:75:0d:e7:cb:74:a8:6e:02:
03:40:6d:3b:63:ff:e1:98:c1:06:40:ab:e2:f6:4f:
5f:86:b7:96:4b:44:f6:c1:16:54:4a:74:6d:2c:b6:
98:23:92:20:3b:77:09:68:d4:a5:d8:b1:6c:62:79:
1d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:FC:BE:5F:B9:28:81:0E:73:E3:8C:35:F9:C8:54:79:AB:5A:35:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:4000::/40
Signature Algorithm: sha256WithRSAEncryption
b0:96:1c:ba:5a:d5:2c:7b:74:d5:e0:b8:e5:2b:8c:8e:a9:21:
2b:14:2d:5c:4f:bc:1a:89:77:c7:03:1d:17:8f:4d:dd:ad:46:
14:09:39:94:a0:b1:ae:d8:4e:e0:e4:be:bf:5b:ca:e2:da:77:
03:41:ed:0c:31:4b:a3:45:5f:67:d6:fe:eb:cf:ab:43:0f:4e:
0e:b6:e5:02:b7:86:e8:cc:da:e4:b6:cc:63:6d:06:0e:3f:5a:
6e:63:bb:3c:a0:b2:7c:cb:6e:1c:a6:10:83:c4:7b:ba:fd:93:
5a:98:99:5a:d1:8b:55:20:ce:b0:94:bd:0c:72:84:73:12:67:
e6:53:11:b0:b1:23:4f:de:0d:4f:2a:d4:3a:ce:cd:75:cc:64:
84:f7:9a:70:37:14:d0:80:63:ac:e2:f6:e2:2c:03:11:48:c7:
9f:e2:dd:dc:80:b4:88:a1:31:eb:8b:03:18:0e:80:aa:76:be:
02:c0:ef:b1:fb:fa:f3:46:02:f2:d3:bb:51:cf:50:ab:6a:aa:
fa:66:aa:86:2f:31:90:87:4d:c0:95:cb:62:e2:8f:b7:87:38:
af:90:8b:c3:38:94:03:a4:35:37:98:4b:19:87:f1:62:5d:cb:
95:fd:71:e3:76:1f:74:31:92:be:35:ab:93:f4:69:4e:b6:f9:
9b:99:ce:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXWg9iY2qFVx7edntl0WiqZFBPHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjExMDVaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDljZTNhMjQ3MmE4MjE5YmI0YzgwNTdkMjc3ZGFjYTY5YmRlMjViMzY1ZTQw
Yjk0YWFmNDhhNTRmNWMwNmY2MTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHV6uQExe2wQHQV2wZxj3Rt0vNQ4LlSDQeqqD0B/lLBA1kGZFRbCKAJL94E
twyVGTEAGrpck4lIb1EdHi3ApTQ1qG9/dqET10485LK9DDr8Jv1W/pPvKUt1KYT0
XBCPpP6wJ2JbH1N76m/i/I88rlOdagMNsYR1n1m6nmwn4VXpGxg5VpSeN5wJWJuU
SYh6H7eWyCdF1QXe7c3aK8Y1TaGWOd2WegUs8Rg4q0KDW+ot3PYC5KbaeTYrShWz
DQFf/zWOyOGhxfsAeXUN58t0qG4CA0BtO2P/4ZjBBkCr4vZPX4a3lktE9sEWVEp0
bSy2mCOSIDt3CWjUpdixbGJ5HU0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSl/L5f
uSiBDnPjjDX5yFR5q1o1yzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVhOTM0MGYtZGQyNS00ZTMwLWE5NTItMjdjZThkOTkwNmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBA
MA0GCSqGSIb3DQEBCwUAA4IBAQCwlhy6WtUse3TV4LjlK4yOqSErFC1cT7waiXfH
Ax0Xj03drUYUCTmUoLGu2E7g5L6/W8ri2ncDQe0MMUujRV9n1v7rz6tDD04OtuUC
t4bozNrktsxjbQYOP1puY7s8oLJ8y24cphCDxHu6/ZNamJla0YtVIM6wlL0McoRz
EmfmUxGwsSNP3g1PKtQ6zs11zGSE95pwNxTQgGOs4vbiLAMRSMef4t3cgLSIoTHr
iwMYDoCqdr4CwO+x+/rzRgLy07tRz1Craqr6ZqqGLzGQh03Alcti4o+3hzivkIvD
OJQDpDU3mEsZh/FiXcuV/XHjdh90MZK+NauT9GlOtvmbmc5j
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:28 2025 by rpki-client