Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
File: be609ec8-2ad0-42f7-9159-0a3ece35241f.roa (raw, json)
Hash identifier: Um/q9O3fOc27WJBGc66wvVyc41zpPcYFr6yMm/aoHSg=
Subject key identifier: E1:E8:D6:15:00:87:6B:9A:29:5F:35:7D:2A:E0:67:90:CC:8E:76:EB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 453928BA60F0FCD0DE2EF06353903B73C3E7E561
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
Signing time: Fri 16 May 2025 17:40:48 +0000
ROA not before: Fri 16 May 2025 17:40:48 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:39:28:ba:60:f0:fc:d0:de:2e:f0:63:53:90:3b:73:c3:e7:e5:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:40:48 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=053fcf8ff221dbf63059f7b1568fa2b584c66f076b6f68238491d168c0bc00fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cb:a1:4f:be:a0:f7:36:f6:7b:95:9e:86:17:
1f:93:ef:a7:6a:b1:44:a1:34:ca:a7:3b:51:ec:68:
c4:3a:88:a1:22:c8:85:76:a0:0c:8f:ce:a2:97:20:
53:40:3b:f4:da:7e:8c:a4:4a:c2:cc:92:3a:15:f9:
bf:8b:31:c8:0d:d7:1d:1c:f1:10:03:a0:7f:27:bc:
d5:80:54:35:38:83:de:85:d6:35:29:38:03:4f:18:
f4:f7:69:a7:4a:f2:49:40:10:42:ae:cb:3b:c1:23:
04:b0:38:7c:ca:b2:6f:90:7b:7c:a7:28:4a:31:2c:
18:60:a2:92:b4:7d:ab:f1:14:2f:ac:4d:41:50:6a:
44:e8:8b:be:7e:2d:79:25:db:41:bb:f4:72:1f:fb:
fd:35:d9:66:bb:98:78:b8:1a:8d:cd:0a:c2:9e:97:
51:64:33:a9:ae:2f:80:ae:b5:bd:1a:5f:03:98:38:
ab:8f:87:c9:83:c1:1c:a7:69:24:71:8b:91:87:4a:
f4:2d:25:3c:29:73:c4:f4:5b:cd:12:b8:81:e8:60:
ba:fd:db:a7:d5:2e:1f:7c:6e:fd:de:78:da:0a:e1:
1c:27:e5:74:2c:8d:ec:d0:ef:46:0d:75:d7:02:71:
01:dc:b7:38:1b:3d:96:b2:11:4d:e4:a6:e2:38:be:
60:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E8:D6:15:00:87:6B:9A:29:5F:35:7D:2A:E0:67:90:CC:8E:76:EB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:800::/40
Signature Algorithm: sha256WithRSAEncryption
95:c4:ae:e4:24:bf:83:b9:25:c8:2e:db:84:84:8d:11:52:98:
cb:dc:57:54:42:ed:3c:47:24:28:29:69:3b:46:14:e6:7a:28:
55:47:3e:85:8e:c0:4b:f4:6a:2a:bc:fc:a6:a7:63:f2:61:ce:
4b:49:5c:4b:f5:a1:f3:ba:20:18:f9:6c:59:fa:29:f4:90:5b:
b0:57:34:cf:34:1e:06:82:fd:66:f1:e3:9f:6e:a3:5e:1c:e8:
36:dc:71:ba:4e:41:5d:3f:58:7b:71:6d:1d:81:a0:0f:7f:e0:
42:0e:eb:da:87:9a:29:e6:b0:81:6b:13:97:f2:d6:0d:d0:23:
0e:43:e1:87:3a:5e:75:d6:b9:79:11:0b:6b:88:6f:b9:8a:66:
87:a0:44:4b:de:6f:7d:e7:ab:3e:f5:b6:5e:1f:5c:27:fb:77:
df:76:bd:ff:ba:48:ef:2c:4d:00:ab:25:52:d4:8f:fa:79:44:
67:57:5f:ce:9b:06:b4:eb:24:1e:d0:cf:94:64:89:38:a1:83:
97:0c:15:fd:0d:e1:7c:75:3b:c2:e4:4e:26:54:39:02:59:f1:
3d:91:6e:f4:db:a2:ad:71:db:61:6d:db:a2:d5:22:e5:cb:66:
49:59:d3:98:c8:1a:83:ec:95:1c:1f:e3:7e:6e:00:b0:37:61:
ef:f8:06:8b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURTkoumDw/NDeLvBjU5A7c8Pn5WEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzQwNDhaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1M2ZjZjhmZjIyMWRiZjYzMDU5ZjdiMTU2OGZhMmI1ODRjNjZmMDc2YjZm
NjgyMzg0OTFkMTY4YzBiYzAwZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHLoU++oPc29nuVnoYXH5Pvp2qxRKE0yqc7UexoxDqIoSLIhXagDI/Oopcg
U0A79Np+jKRKwsySOhX5v4sxyA3XHRzxEAOgfye81YBUNTiD3oXWNSk4A08Y9Pdp
p0rySUAQQq7LO8EjBLA4fMqyb5B7fKcoSjEsGGCikrR9q/EUL6xNQVBqROiLvn4t
eSXbQbv0ch/7/TXZZruYeLgajc0Kwp6XUWQzqa4vgK61vRpfA5g4q4+HyYPBHKdp
JHGLkYdK9C0lPClzxPRbzRK4gehguv3bp9UuH3xu/d542grhHCfldCyN7NDvRg11
1wJxAdy3OBs9lrIRTeSm4ji+YF0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTh6NYV
AIdrmilfNX0q4GeQzI526zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2MDllYzgtMmFkMC00MmY3LTkxNTktMGEzZWNlMzUyNDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAI
MA0GCSqGSIb3DQEBCwUAA4IBAQCVxK7kJL+DuSXILtuEhI0RUpjL3FdUQu08RyQo
KWk7RhTmeihVRz6FjsBL9GoqvPymp2PyYc5LSVxL9aHzuiAY+WxZ+in0kFuwVzTP
NB4Ggv1m8eOfbqNeHOg23HG6TkFdP1h7cW0dgaAPf+BCDuvah5op5rCBaxOX8tYN
0CMOQ+GHOl511rl5EQtriG+5imaHoERL3m9956s+9bZeH1wn+3ffdr3/ukjvLE0A
qyVS1I/6eURnV1/Omwa06yQe0M+UZIk4oYOXDBX9DeF8dTvC5E4mVDkCWfE9kW70
26Ktcdthbdui1SLly2ZJWdOYyBqD7JUcH+N+bgCwN2Hv+AaL
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:18 2025 by rpki-client