Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c753331a-9b4d-4856-abb9-330765ad02d0.roa
File: c753331a-9b4d-4856-abb9-330765ad02d0.roa (raw, json)
Hash identifier: Arw520t7NxJwlVObo+FqMCCN5urJZSm5YeRvf+5SPM8=
Subject key identifier: D6:FF:E8:B9:93:7D:36:60:C5:12:90:88:8B:10:CD:B1:D2:DC:C4:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4511DB9B3E6AA182CDD2000761789F515FF78D13
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c753331a-9b4d-4856-abb9-330765ad02d0.roa
Signing time: Fri 16 May 2025 17:40:08 +0000
ROA not before: Fri 16 May 2025 17:40:08 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:11:db:9b:3e:6a:a1:82:cd:d2:00:07:61:78:9f:51:5f:f7:8d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:40:08 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=5dc2779e8d51d8269ff20de4093b392fec4fc6653651d394e357b7b5676fafc4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:95:2c:6c:b8:51:b7:c2:d2:a2:3a:72:ff:12:
24:a0:97:16:6d:80:e9:be:f1:c3:18:77:99:9c:94:
bf:50:4a:4f:28:91:79:b7:e1:c3:c0:7b:3e:31:ea:
cd:cb:89:f5:0c:c2:7e:69:ed:14:1c:36:b9:0f:cb:
33:5b:39:99:7c:37:28:21:75:a0:bf:15:fc:0b:98:
bd:ef:19:ef:ec:55:5f:d9:21:bc:0a:89:cc:fd:0c:
f1:ed:d8:27:ac:33:90:83:71:34:80:63:c2:8e:8b:
e3:ba:6d:80:e5:dc:24:53:ad:0b:b0:95:0e:bc:6e:
26:53:9d:96:02:52:7f:32:bc:d5:1c:97:55:a1:dc:
84:84:45:39:f0:d5:fb:d4:ce:00:97:fd:69:53:d8:
76:f6:3c:6d:62:e2:a2:5f:35:f1:7f:75:03:d3:b7:
c0:14:d7:3e:ee:d6:b5:33:4b:2b:79:12:6d:66:30:
39:50:d5:db:74:96:b7:70:df:fc:b0:f6:a2:92:7a:
b6:37:a0:58:64:86:44:18:11:6d:04:b3:eb:71:07:
0a:ae:8e:8e:4e:74:f2:81:35:ec:e5:96:fb:d9:ca:
ba:99:ff:ba:f2:f9:7f:d7:0b:b2:3e:0d:0f:37:33:
48:e4:ea:b3:36:a1:e1:82:b8:5c:ce:27:d3:e2:4d:
93:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:FF:E8:B9:93:7D:36:60:C5:12:90:88:8B:10:CD:B1:D2:DC:C4:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c753331a-9b4d-4856-abb9-330765ad02d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8c0::/46
Signature Algorithm: sha256WithRSAEncryption
3f:a3:95:4e:7b:e2:11:da:1e:16:7c:50:39:88:67:d8:12:4d:
68:4b:4e:65:ea:11:79:fc:ab:8d:c4:d2:90:79:a7:90:63:77:
e0:f7:40:41:3a:31:69:2c:14:0a:31:7c:43:fe:85:d8:3f:a8:
ed:7f:fd:ac:2e:b3:58:70:6f:e5:26:a9:db:30:b7:10:bc:e7:
e7:2c:e8:a2:52:8d:2a:ee:9d:da:49:d4:7a:66:af:9c:45:44:
4d:09:d0:b4:1a:eb:04:6a:70:32:11:b6:62:7a:c3:fa:a1:c8:
2f:6a:35:bb:6b:c8:c8:d2:85:8e:24:91:dd:28:4c:30:03:ed:
65:1d:20:f0:8b:7a:70:02:1e:04:43:3e:4f:52:6a:ee:cc:f5:
d3:f9:af:ad:1d:9a:a8:66:64:b6:45:6c:fd:b2:c3:c9:e4:9c:
df:cf:a0:dc:b4:19:ed:51:67:ca:a6:30:20:90:3c:ad:e3:80:
ae:f0:ab:b4:36:49:c0:36:a9:c7:e5:56:b7:32:81:d1:e1:6a:
21:ec:13:1b:d4:95:e0:ff:2d:26:11:14:5b:56:4f:97:41:08:
d4:69:19:cc:37:93:03:9e:25:ce:9f:f0:ed:a0:1f:73:63:96:
69:de:d8:1e:1a:01:18:e2:7f:2a:f7:f1:05:d4:c7:0b:39:ed:
7c:36:d1:01
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURRHbmz5qoYLN0gAHYXifUV/3jRMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzQwMDhaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkYzI3NzllOGQ1MWQ4MjY5ZmYyMGRlNDA5M2IzOTJmZWM0ZmM2NjUzNjUx
ZDM5NGUzNTdiN2I1Njc2ZmFmYzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyVLGy4UbfC0qI6cv8SJKCXFm2A6b7xwxh3mZyUv1BKTyiRebfhw8B7PjHq
zcuJ9QzCfmntFBw2uQ/LM1s5mXw3KCF1oL8V/AuYve8Z7+xVX9khvAqJzP0M8e3Y
J6wzkINxNIBjwo6L47ptgOXcJFOtC7CVDrxuJlOdlgJSfzK81RyXVaHchIRFOfDV
+9TOAJf9aVPYdvY8bWLiol818X91A9O3wBTXPu7WtTNLK3kSbWYwOVDV23SWt3Df
/LD2opJ6tjegWGSGRBgRbQSz63EHCq6Ojk508oE17OWW+9nKupn/uvL5f9cLsj4N
DzczSOTqszah4YK4XM4n0+JNkw0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTW/+i5
k302YMUSkIiLEM2x0tzECDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc1MzMzMWEtOWI0ZC00ODU2LWFiYjktMzMwNzY1YWQwMmQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUI
wDANBgkqhkiG9w0BAQsFAAOCAQEAP6OVTnviEdoeFnxQOYhn2BJNaEtOZeoRefyr
jcTSkHmnkGN34PdAQToxaSwUCjF8Q/6F2D+o7X/9rC6zWHBv5Sap2zC3ELzn5yzo
olKNKu6d2knUemavnEVETQnQtBrrBGpwMhG2YnrD+qHIL2o1u2vIyNKFjiSR3ShM
MAPtZR0g8It6cAIeBEM+T1Jq7sz10/mvrR2aqGZktkVs/bLDyeSc38+g3LQZ7VFn
yqYwIJA8reOArvCrtDZJwDapx+VWtzKB0eFqIewTG9SV4P8tJhEUW1ZPl0EI1GkZ
zDeTA54lzp/w7aAfc2OWad7YHhoBGOJ/KvfxBdTHCzntfDbRAQ==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:00 2025 by rpki-client