Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b41919f2-4e07-4adf-8fc6-43f8940080d4.roa
File: b41919f2-4e07-4adf-8fc6-43f8940080d4.roa (raw, json)
Hash identifier: fXT+MPJxnBsJjfUeWIrYhTgAeqAJPmfx5RTadPxReP0=
Subject key identifier: 64:71:B6:A5:2B:DF:FB:6B:CA:4E:CE:FC:06:13:87:68:56:D0:C9:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14768E96401A4543A70B0002BCE9B90668D6ADA1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b41919f2-4e07-4adf-8fc6-43f8940080d4.roa
Signing time: Mon 12 May 2025 16:11:01 +0000
ROA not before: Mon 12 May 2025 16:11:01 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:76:8e:96:40:1a:45:43:a7:0b:00:02:bc:e9:b9:06:68:d6:ad:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:11:01 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=85d89287a9c5fde30941b9b9f4f42a0617e90e743dda429f5c9913529298ade1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ec:61:b7:14:cb:53:03:25:69:09:aa:8c:f1:
80:44:a1:4f:a0:e1:d2:2b:64:f0:29:6b:ac:cd:c9:
6f:0a:66:37:86:7b:67:5f:ff:06:38:d6:e8:50:04:
b4:c2:a2:4e:c2:b8:1a:d0:7b:f1:90:0f:1b:55:61:
58:82:0d:d6:1d:53:0e:c3:c8:31:53:11:54:7e:e0:
9e:fe:78:ec:82:51:4e:b1:36:69:b5:82:6b:c3:f0:
a9:d5:47:8a:fa:1c:eb:33:c2:cf:5f:02:c9:67:4d:
0a:bc:7d:61:5a:e7:2b:28:24:bf:9c:81:53:98:05:
d9:d1:24:a1:20:b5:9b:31:f6:45:04:ad:cd:c3:5c:
36:51:38:02:32:2e:ff:c7:12:56:eb:5c:6a:34:43:
06:e7:e7:b9:a7:9a:07:17:ad:d9:0a:bb:8a:38:48:
20:89:1b:e2:8b:1a:d0:51:e3:92:20:72:a5:a5:bd:
84:8c:78:56:3a:8e:76:83:ba:a9:ee:bc:f2:a7:ea:
e1:38:20:fd:af:86:fa:4e:80:a3:d6:33:fd:fc:ee:
3a:d4:9d:1f:cf:70:f0:a2:be:e5:b6:f6:01:ab:9d:
ac:73:f6:8f:d3:5c:e8:6b:2f:32:57:7d:60:2b:be:
19:2a:3b:57:b0:2e:47:c8:c8:d9:bc:74:be:ea:11:
4f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:71:B6:A5:2B:DF:FB:6B:CA:4E:CE:FC:06:13:87:68:56:D0:C9:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b41919f2-4e07-4adf-8fc6-43f8940080d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:9000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:93:bc:cb:69:ba:fd:f9:eb:93:11:1c:0e:47:7d:bd:93:ea:
52:cc:b6:96:61:0a:63:40:be:8c:74:83:0b:1a:c6:dc:e1:26:
de:d4:ce:27:96:91:f3:e0:46:c4:0e:f5:19:94:f2:9f:b3:4b:
0c:f7:57:f9:c8:bf:06:50:42:12:61:c1:77:c0:7b:6f:6c:99:
92:b7:69:d1:b8:77:43:4e:e4:b2:3d:66:95:4e:fe:de:09:0a:
71:46:e9:b0:61:eb:43:19:49:5f:85:0e:50:42:7c:26:c4:88:
bc:76:d8:ea:31:a7:ea:de:d0:7b:37:5d:e8:c3:89:b3:cc:50:
0a:c0:88:73:1f:95:53:0c:3d:7a:23:73:24:60:38:ba:d8:3f:
aa:91:0f:e6:bb:77:d3:c6:3f:0b:f7:2a:c5:5f:0c:4f:7a:3d:
e6:fe:da:56:8a:d2:04:ca:8d:38:d4:f0:b0:34:2b:75:cd:a0:
dc:ae:dd:d5:9a:56:14:eb:c8:e9:7a:ee:fb:2e:65:d3:1e:4e:
28:4f:39:e9:58:9b:b9:8e:44:7e:01:44:1a:bf:e4:19:b5:f9:
f9:b4:3d:9d:b9:f6:1f:75:17:3e:fb:56:1d:72:57:0c:2f:02:
87:04:31:2a:14:3f:9c:c1:ed:55:3b:97:f3:69:91:9f:50:1e:
e3:1a:3b:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFHaOlkAaRUOnCwACvOm5BmjWraEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjExMDFaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1ZDg5Mjg3YTljNWZkZTMwOTQxYjliOWY0ZjQyYTA2MTdlOTBlNzQzZGRh
NDI5ZjVjOTkxMzUyOTI5OGFkZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHsYbcUy1MDJWkJqozxgEShT6Dh0itk8ClrrM3JbwpmN4Z7Z1//BjjW6FAE
tMKiTsK4GtB78ZAPG1VhWIIN1h1TDsPIMVMRVH7gnv547IJRTrE2abWCa8PwqdVH
ivoc6zPCz18CyWdNCrx9YVrnKygkv5yBU5gF2dEkoSC1mzH2RQStzcNcNlE4AjIu
/8cSVutcajRDBufnuaeaBxet2Qq7ijhIIIkb4osa0FHjkiBypaW9hIx4VjqOdoO6
qe688qfq4Tgg/a+G+k6Ao9Yz/fzuOtSdH89w8KK+5bb2AaudrHP2j9Nc6GsvMld9
YCu+GSo7V7AuR8jI2bx0vuoRTycCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRkcbal
K9/7a8pOzvwGE4doVtDJdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQxOTE5ZjItNGUwNy00YWRmLThmYzYtNDNmODk0MDA4MGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB9k7zLabr9+euTERwOR329k+pSzLaWYQpjQL6M
dIMLGsbc4Sbe1M4nlpHz4EbEDvUZlPKfs0sM91f5yL8GUEISYcF3wHtvbJmSt2nR
uHdDTuSyPWaVTv7eCQpxRumwYetDGUlfhQ5QQnwmxIi8dtjqMafq3tB7N13ow4mz
zFAKwIhzH5VTDD16I3MkYDi62D+qkQ/mu3fTxj8L9yrFXwxPej3m/tpWitIEyo04
1PCwNCt1zaDcrt3VmlYU68jpeu77LmXTHk4oTznpWJu5jkR+AUQav+QZtfn5tD2d
ufYfdRc++1YdclcMLwKHBDEqFD+cwe1VO5fzaZGfUB7jGjub
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:08 2025 by rpki-client