Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
File: bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa (raw, json)
Hash identifier: wVxJQ561yQjkH8VRVsBwCjUOJMg/gAlnqm8xXhPlTQM=
Subject key identifier: 5E:CC:D2:71:56:6E:25:ED:67:B8:A8:77:29:67:4E:99:C4:77:47:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AE54DB2EEF94A624C8EB09E07B8AF76C6035672
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
Signing time: Mon 12 May 2025 16:21:12 +0000
ROA not before: Mon 12 May 2025 16:21:12 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:e5:4d:b2:ee:f9:4a:62:4c:8e:b0:9e:07:b8:af:76:c6:03:56:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:21:12 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=0e08c0fce6e956de3de3b7c63fab7b981fb0629bafd8d6b52e30ebfb5ee0f880, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:96:4f:80:c0:46:65:8d:20:33:82:be:5f:8d:
a7:ca:86:bd:73:63:40:98:b3:50:fb:ee:de:27:2b:
48:68:7a:36:c4:1e:7f:90:b6:45:68:ac:4d:2b:ce:
59:9a:c6:48:28:b7:26:74:20:cb:96:3b:96:42:40:
b3:ac:e8:c5:34:f5:f7:e8:e6:81:c7:90:5a:58:e4:
5e:c2:37:88:39:7b:70:c1:87:6c:95:4b:44:57:c5:
3a:c7:48:2a:fc:21:42:32:5a:31:7b:3c:53:02:c9:
32:d7:24:fa:1b:32:3d:d9:7a:45:4c:91:3f:ab:0d:
49:d7:a0:ce:91:7c:36:70:ac:33:7b:71:1a:b1:b4:
f5:f8:c8:33:d3:5b:84:f1:c6:e7:7d:74:08:1c:c9:
3d:e0:96:dc:df:1d:05:4f:d6:7e:05:95:54:58:4e:
99:7d:45:b9:e9:3a:d5:14:5b:98:ee:33:9d:ea:95:
9b:82:a8:48:d6:fc:4f:c0:1f:62:05:19:e0:43:0f:
65:a2:96:42:c4:06:ed:37:1d:1f:41:ae:4e:66:24:
3a:12:fe:aa:27:5f:fa:d8:c9:44:47:07:52:57:8b:
03:20:6a:91:bb:d4:4c:db:e4:ae:64:9f:a0:5c:d6:
55:b5:86:c6:e7:91:2e:66:3e:9c:71:39:ce:a1:85:
d0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:CC:D2:71:56:6E:25:ED:67:B8:A8:77:29:67:4E:99:C4:77:47:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:b000::/40
Signature Algorithm: sha256WithRSAEncryption
4c:ec:08:0b:03:c0:db:64:6a:9b:b0:5e:da:7f:82:7d:55:f8:
0e:f6:03:cc:cf:ba:3e:ad:75:5a:4b:ab:36:6e:31:fa:76:7b:
7d:c6:16:fc:48:12:dd:e7:fd:d3:fe:f9:5a:81:b2:bb:3d:dd:
1f:ee:15:2e:3c:aa:39:47:aa:9c:bf:f3:de:f3:37:4e:bc:7c:
51:53:2b:f3:7f:12:02:cd:10:f6:a0:18:ec:e7:22:9c:46:0e:
52:db:b2:99:fc:48:18:0e:cb:9c:67:36:0b:b4:0a:17:4f:16:
b1:19:24:5b:df:e0:1f:9d:42:41:88:13:3e:24:de:3a:00:34:
f5:9a:d3:9f:a6:31:a4:fc:49:b6:77:35:98:1a:7b:56:b9:e1:
e9:97:66:1d:bd:40:49:ce:c2:21:39:0a:a9:f7:dc:84:49:42:
fa:9b:5c:97:2c:d3:49:4d:74:d7:3e:ca:8b:f6:66:ed:c7:ed:
46:b3:ec:6e:8e:aa:7a:34:92:c3:f8:f7:2a:de:9b:8d:77:38:
3d:46:4e:f3:d7:22:f1:3c:30:81:16:b4:c9:c4:09:8f:e4:fa:
af:a7:94:05:46:8d:66:39:1d:3a:8e:a8:54:62:25:29:cb:0f:
0c:4b:50:7d:b3:8b:7a:2d:83:8b:ca:7f:42:2c:05:35:00:44:
14:0d:5b:27
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOuVNsu75SmJMjrCeB7ivdsYDVnIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIxMTJaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlMDhjMGZjZTZlOTU2ZGUzZGUzYjdjNjNmYWI3Yjk4MWZiMDYyOWJhZmQ4
ZDZiNTJlMzBlYmZiNWVlMGY4ODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSWT4DARmWNIDOCvl+Np8qGvXNjQJizUPvu3icrSGh6NsQef5C2RWisTSvO
WZrGSCi3JnQgy5Y7lkJAs6zoxTT19+jmgceQWljkXsI3iDl7cMGHbJVLRFfFOsdI
KvwhQjJaMXs8UwLJMtck+hsyPdl6RUyRP6sNSdegzpF8NnCsM3txGrG09fjIM9Nb
hPHG5310CBzJPeCW3N8dBU/WfgWVVFhOmX1Fuek61RRbmO4zneqVm4KoSNb8T8Af
YgUZ4EMPZaKWQsQG7TcdH0GuTmYkOhL+qidf+tjJREcHUleLAyBqkbvUTNvkrmSf
oFzWVbWGxueRLmY+nHE5zqGF0JUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRezNJx
Vm4l7We4qHcpZ06ZxHdHczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRhYTZkZTYtMDBkMy00ZDE4LThhYTAtMGJmODI4ODhkMzZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCw
MA0GCSqGSIb3DQEBCwUAA4IBAQBM7AgLA8DbZGqbsF7af4J9VfgO9gPMz7o+rXVa
S6s2bjH6dnt9xhb8SBLd5/3T/vlagbK7Pd0f7hUuPKo5R6qcv/Pe8zdOvHxRUyvz
fxICzRD2oBjs5yKcRg5S27KZ/EgYDsucZzYLtAoXTxaxGSRb3+AfnUJBiBM+JN46
ADT1mtOfpjGk/Em2dzWYGntWueHpl2YdvUBJzsIhOQqp99yESUL6m1yXLNNJTXTX
PsqL9mbtx+1Gs+xujqp6NJLD+Pcq3puNdzg9Rk7z1yLxPDCBFrTJxAmP5Pqvp5QF
Ro1mOR06jqhUYiUpyw8MS1B9s4t6LYOLyn9CLAU1AEQUDVsn
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:59 2025 by rpki-client