Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa
File: bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa (raw, json)
Hash identifier: 24ptjwpDeccKUOPSr0nX3oDTAXP/UUW/OpIiZ3Hgqls=
Subject key identifier: 3B:EA:CE:6C:DC:CE:84:C5:D7:AA:A6:CE:23:60:82:25:44:43:C3:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D774F241BF62F9D481BBED3B7BFFDE3395F17ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa
Signing time: Mon 12 May 2025 16:21:20 +0000
ROA not before: Mon 12 May 2025 16:21:20 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:77:4f:24:1b:f6:2f:9d:48:1b:be:d3:b7:bf:fd:e3:39:5f:17:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:21:20 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=b77fd6f9b6c5555603de8206d887eef1a3ed2bf1695135ce66ca7aab26c22c84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ef:1f:85:75:50:b8:b9:3e:83:23:10:d0:31:
3d:6c:34:c3:9b:c9:e1:6e:7e:7f:b0:8f:fe:6f:f4:
a1:3a:13:54:cd:08:5f:3f:bb:fb:e0:27:74:fd:99:
b4:f3:5f:7e:14:54:6a:52:d8:bd:b9:97:2b:14:38:
37:a3:e7:cd:b0:2c:40:86:a2:43:b8:75:16:a8:ad:
8a:c7:d0:c0:c3:ec:a4:a6:77:59:a2:31:31:c1:07:
0b:49:69:26:e0:5a:2c:2c:60:e0:ad:ca:f2:6e:14:
af:72:8d:08:68:f7:bb:ac:05:59:8e:28:23:9b:e4:
e6:31:81:e9:18:a3:86:4d:b3:c0:b4:d0:fb:4b:5c:
ac:d7:99:fd:97:de:c1:a4:23:01:cc:96:f6:d3:04:
1d:c2:20:7c:7f:8b:1a:b5:5a:de:0b:71:36:8c:a2:
74:89:28:02:c8:2e:4b:8b:f7:b6:de:1e:e2:ed:68:
99:13:1b:5c:e0:2b:26:28:5c:b9:bf:ac:b1:5f:f4:
c3:6d:f0:13:74:40:62:70:cc:df:ee:8a:74:c0:24:
88:18:96:bd:77:aa:cc:d9:26:df:8a:93:9a:db:67:
01:9e:e7:35:27:18:0e:75:17:16:67:62:a1:e4:81:
cb:44:64:e8:62:0e:d3:9c:76:8e:62:86:82:3e:99:
3a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EA:CE:6C:DC:CE:84:C5:D7:AA:A6:CE:23:60:82:25:44:43:C3:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf0cf493-d65d-4886-a341-bcbb40fbf10b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:4000::/40
Signature Algorithm: sha256WithRSAEncryption
77:55:55:d4:90:ef:cb:98:0b:45:5c:14:6e:14:4c:31:43:b3:
2f:f2:d8:bd:f2:f2:a0:23:de:89:67:55:bd:75:01:23:aa:02:
4a:4d:ee:2e:62:49:ef:da:ad:bb:89:8f:fc:e0:d6:30:0e:36:
cc:84:c6:95:87:03:25:e1:80:0f:93:c1:d8:6d:b4:ec:e3:62:
1a:65:75:d5:f9:e5:43:47:bc:0e:b1:86:72:ad:e3:3a:b8:68:
46:e4:e1:e1:7b:d8:9c:13:85:4b:80:d5:cf:fd:4f:71:eb:1b:
63:1c:8c:1e:2d:13:8f:b6:a1:c4:9f:ef:26:7d:5a:02:49:d4:
d5:a2:7d:88:99:ee:4b:90:5d:9a:71:73:90:14:1f:89:44:70:
32:dc:32:82:64:91:3f:2b:3c:44:51:0c:70:27:ed:29:1b:49:
d0:0e:6c:8d:69:4d:87:a7:5c:75:d7:15:5f:25:31:cc:ed:f0:
26:5b:1e:03:d6:f0:ee:73:dd:e1:c0:44:4e:46:c4:52:ff:41:
0e:40:11:8d:56:1e:b1:03:84:01:af:91:90:ca:e7:92:6f:06:
58:b7:ad:46:9c:23:f1:ed:63:e9:1f:90:2a:70:c6:64:94:56:
65:c8:0d:2b:cb:d5:58:18:a8:be:ea:36:ac:ff:60:52:1a:df:
c5:7d:42:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfXdPJBv2L51IG77Tt7/94zlfF+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIxMjBaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3N2ZkNmY5YjZjNTU1NTYwM2RlODIwNmQ4ODdlZWYxYTNlZDJiZjE2OTUx
MzVjZTY2Y2E3YWFiMjZjMjJjODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/vH4V1ULi5PoMjENAxPWw0w5vJ4W5+f7CP/m/0oToTVM0IXz+7++AndP2Z
tPNffhRUalLYvbmXKxQ4N6PnzbAsQIaiQ7h1FqitisfQwMPspKZ3WaIxMcEHC0lp
JuBaLCxg4K3K8m4Ur3KNCGj3u6wFWY4oI5vk5jGB6Rijhk2zwLTQ+0tcrNeZ/Zfe
waQjAcyW9tMEHcIgfH+LGrVa3gtxNoyidIkoAsguS4v3tt4e4u1omRMbXOArJihc
ub+ssV/0w23wE3RAYnDM3+6KdMAkiBiWvXeqzNkm34qTmttnAZ7nNScYDnUXFmdi
oeSBy0Rk6GIO05x2jmKGgj6ZOsMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ76s5s
3M6Exdeqps4jYIIlREPDpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmYwY2Y0OTMtZDY1ZC00ODg2LWEzNDEtYmNiYjQwZmJmMTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRA
MA0GCSqGSIb3DQEBCwUAA4IBAQB3VVXUkO/LmAtFXBRuFEwxQ7Mv8ti98vKgI96J
Z1W9dQEjqgJKTe4uYknv2q27iY/84NYwDjbMhMaVhwMl4YAPk8HYbbTs42IaZXXV
+eVDR7wOsYZyreM6uGhG5OHhe9icE4VLgNXP/U9x6xtjHIweLROPtqHEn+8mfVoC
SdTVon2Ime5LkF2acXOQFB+JRHAy3DKCZJE/KzxEUQxwJ+0pG0nQDmyNaU2Hp1x1
1xVfJTHM7fAmWx4D1vDuc93hwERORsRS/0EOQBGNVh6xA4QBr5GQyueSbwZYt61G
nCPx7WPpH5AqcMZklFZlyA0ry9VYGKi+6jas/2BSGt/FfUID
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:18 2025 by rpki-client