Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdfda4b5-843e-4797-9739-e616ff3d5825.roa
File: bdfda4b5-843e-4797-9739-e616ff3d5825.roa (raw, json)
Hash identifier: oYKeabw8JK7Wly8EX/uLuOL/au0obtwqXGrXFtyz4/w=
Subject key identifier: 3E:4F:F1:16:85:03:34:FA:1B:D3:BF:99:60:66:D0:40:46:6B:4C:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63F6C6CFB72FE15B69A23B8FF680AF533EA77EB0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdfda4b5-843e-4797-9739-e616ff3d5825.roa
Signing time: Mon 12 May 2025 16:11:12 +0000
ROA not before: Mon 12 May 2025 16:11:12 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:f6:c6:cf:b7:2f:e1:5b:69:a2:3b:8f:f6:80:af:53:3e:a7:7e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:11:12 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=a03135cd0fd85f97b5e84ebbe5fab0e9115a09ef2b9d84582ff9abd4964978d9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dd:13:af:4f:4f:b8:f7:5d:98:4f:45:76:de:
bd:ba:5f:3e:bb:1e:50:4f:19:67:cb:2e:86:a5:03:
fe:0c:0d:0a:bd:dc:31:d0:55:e7:4e:9a:97:8a:4a:
11:ce:c2:53:48:84:cc:ad:c0:b4:cf:d5:90:ec:81:
15:ab:87:b7:7a:9b:18:12:d9:0a:1c:f4:2e:f6:b1:
7d:1e:0b:43:a0:42:1d:73:be:9e:86:73:64:24:b3:
2a:19:2e:ff:1a:1a:92:d5:56:29:37:95:3e:1e:ff:
a4:ff:b8:99:8c:50:73:df:ca:4d:77:31:91:ca:52:
fa:05:24:e2:84:5c:61:26:11:f9:70:8b:f4:3a:d2:
a6:9d:d4:c2:d1:f8:0b:6b:f2:08:5b:a4:5f:6d:0d:
a9:f3:5b:98:02:c4:40:a4:76:b2:7b:c2:53:72:eb:
c6:61:54:4d:20:6a:8a:11:51:8a:99:ec:3c:6c:6e:
9a:af:05:4d:84:b9:ca:00:a4:f6:4e:0b:c1:1d:d3:
e8:ef:b4:da:a7:ff:ed:2f:56:34:7e:0f:f2:35:30:
4a:82:27:cf:b6:e8:29:a0:32:75:50:da:32:63:0a:
ae:1c:7e:58:bd:45:e7:18:35:41:b4:b1:72:cf:65:
29:3a:81:df:0b:05:6b:bf:fe:82:01:2b:37:24:20:
2a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4F:F1:16:85:03:34:FA:1B:D3:BF:99:60:66:D0:40:46:6B:4C:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdfda4b5-843e-4797-9739-e616ff3d5825.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:8000::/40
Signature Algorithm: sha256WithRSAEncryption
5f:51:6d:7b:63:46:84:1c:3d:21:56:6a:27:7c:99:ca:e4:52:
28:11:8d:cf:0c:e4:ad:0a:b9:47:a0:b6:56:7e:ed:1a:d6:42:
09:1e:fb:23:f6:6c:d1:33:06:d7:c6:2d:3d:ba:2b:c7:3e:af:
26:76:31:3f:91:00:c4:d3:be:0f:5f:d9:b2:46:63:51:36:a6:
ba:33:4f:05:69:61:a7:5e:2a:ce:f3:4e:f9:85:6c:67:ae:c4:
7f:a0:aa:61:28:5a:aa:88:96:f9:e1:e3:0b:20:ea:73:87:c9:
11:34:f4:1d:4f:b0:69:8c:0c:f1:fd:e3:74:17:c3:51:ea:0d:
a7:2b:00:0a:11:a8:3b:45:cc:36:84:69:54:7d:71:ed:4d:09:
e3:bf:64:69:98:4e:bc:c2:c5:6b:03:66:fb:c1:66:f4:41:9a:
c8:ac:40:25:9e:f4:e9:f3:47:de:05:93:3e:41:f5:2e:f1:5f:
e3:06:73:ca:2c:b0:ea:65:3f:d3:cb:8e:2d:64:e1:17:f0:8c:
a9:6c:85:3a:b8:24:83:16:cd:2c:eb:57:78:80:9c:b3:25:e0:
49:51:5e:46:d5:56:0f:4d:73:60:b4:ff:18:d8:49:d3:6f:44:
b5:f6:78:64:c5:0f:ef:d5:ba:b3:b9:e1:fe:a1:1f:09:3e:fa:
b9:cb:52:e3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY/bGz7cv4VtpojuP9oCvUz6nfrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjExMTJaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwMzEzNWNkMGZkODVmOTdiNWU4NGViYmU1ZmFiMGU5MTE1YTA5ZWYyYjlk
ODQ1ODJmZjlhYmQ0OTY0OTc4ZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALndE69PT7j3XZhPRXbevbpfPrseUE8ZZ8suhqUD/gwNCr3cMdBV506al4pK
Ec7CU0iEzK3AtM/VkOyBFauHt3qbGBLZChz0LvaxfR4LQ6BCHXO+noZzZCSzKhku
/xoaktVWKTeVPh7/pP+4mYxQc9/KTXcxkcpS+gUk4oRcYSYR+XCL9DrSpp3UwtH4
C2vyCFukX20NqfNbmALEQKR2snvCU3LrxmFUTSBqihFRipnsPGxumq8FTYS5ygCk
9k4LwR3T6O+02qf/7S9WNH4P8jUwSoInz7boKaAydVDaMmMKrhx+WL1F5xg1QbSx
cs9lKTqB3wsFa7/+ggErNyQgKvsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ+T/EW
hQM0+hvTv5lgZtBARmtMOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRmZGE0YjUtODQzZS00Nzk3LTk3MzktZTYxNmZmM2Q1ODI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCA
MA0GCSqGSIb3DQEBCwUAA4IBAQBfUW17Y0aEHD0hVmonfJnK5FIoEY3PDOStCrlH
oLZWfu0a1kIJHvsj9mzRMwbXxi09uivHPq8mdjE/kQDE074PX9myRmNRNqa6M08F
aWGnXirO8075hWxnrsR/oKphKFqqiJb54eMLIOpzh8kRNPQdT7BpjAzx/eN0F8NR
6g2nKwAKEag7Rcw2hGlUfXHtTQnjv2RpmE68wsVrA2b7wWb0QZrIrEAlnvTp80fe
BZM+QfUu8V/jBnPKLLDqZT/Ty44tZOEX8IypbIU6uCSDFs0s61d4gJyzJeBJUV5G
1VYPTXNgtP8Y2EnTb0S19nhkxQ/v1bqzueH+oR8JPvq5y1Lj
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:55 2025 by rpki-client