Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
File: c7743543-1a04-47c2-8128-1b90de9136a9.roa (raw, json)
Hash identifier: 7c0sbyAgeb/CQONVFvTf0MHwBXEYa7qN8lDd3NhCXow=
Subject key identifier: BB:84:8D:19:D0:D2:55:E9:CF:CC:AF:62:46:E8:4C:1B:CF:2E:D8:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40E62AB0192BBC00ECEF3C5FF83E26BF68059EA7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
Signing time: Tue 20 May 2025 18:50:08 +0000
ROA not before: Tue 20 May 2025 18:50:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:e6:2a:b0:19:2b:bc:00:ec:ef:3c:5f:f8:3e:26:bf:68:05:9e:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e9493fc04d786a1c354e3b91851347b5c86c6ca57238bad2b8f7dfc224cd414f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8c:80:37:26:a1:f0:ad:e4:d7:97:f1:5a:b9:
24:e6:b4:85:21:01:bc:7e:3a:71:44:e7:6f:8d:ea:
c8:e5:bb:1a:cb:9f:7c:4e:ef:4d:09:d9:7d:c2:09:
56:9f:77:9d:5e:14:4a:b0:af:7d:7b:f8:a7:0a:96:
63:dd:8c:89:55:e9:0d:ec:92:77:5e:47:a5:0e:9d:
b2:b7:04:0d:f6:05:4e:ea:32:c1:8e:82:a0:03:ec:
86:3c:95:39:d2:f8:89:5f:14:6d:85:55:b4:9e:d2:
a3:4e:b9:e3:56:e9:d4:4d:28:45:91:46:b0:68:b8:
a9:d0:c2:3f:97:5a:0c:33:5b:e0:bd:ad:7e:c3:db:
99:7a:65:dd:8c:a8:08:4c:74:47:c3:b9:00:8f:ca:
09:74:cc:da:2b:4a:54:16:85:b6:37:8a:9a:64:c3:
e4:48:b3:e0:66:69:11:2a:63:d9:64:19:85:47:fd:
53:30:ec:57:84:76:55:67:fb:8a:cd:a9:e4:a8:98:
0e:69:06:05:69:74:e3:d8:b5:b2:7b:df:0c:f1:8f:
b4:ab:fe:d6:57:47:cd:8a:3c:2a:16:c8:9d:26:88:
b3:e6:80:14:98:44:e7:2b:63:73:30:93:6c:c8:18:
6e:67:62:15:b2:e3:cc:c9:a4:3d:ad:a6:ff:4e:6b:
7a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:84:8D:19:D0:D2:55:E9:CF:CC:AF:62:46:E8:4C:1B:CF:2E:D8:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8090::/48
Signature Algorithm: sha256WithRSAEncryption
08:20:33:66:ae:fe:2a:b3:76:44:80:48:ef:77:90:20:bf:e7:
ed:72:ee:af:24:64:bd:98:b8:27:55:0d:cb:80:ec:9a:b9:c1:
b5:b3:a1:3a:13:8e:e6:40:da:71:dc:8e:d4:c6:11:35:60:60:
09:1a:ac:9e:24:83:b1:52:0b:9b:52:32:4b:be:d1:8b:30:9b:
e1:a9:3b:8a:03:1e:05:69:a0:40:3f:49:7c:53:19:34:0f:0f:
25:b8:1c:21:ca:1f:76:3e:cc:94:e7:3a:57:7f:95:a6:a2:69:
8c:ed:1f:c4:c9:73:9b:13:b5:23:3f:95:c1:5d:3e:5d:9f:95:
16:7a:8f:a0:f0:eb:7f:9b:c3:00:77:38:0f:95:34:4f:83:78:
f3:d8:84:b8:d1:1f:cf:18:02:40:62:bd:0e:74:1a:06:9f:35:
9a:0d:f8:ae:03:01:fd:3b:c0:d6:ad:f5:9c:4a:70:8f:25:23:
91:89:56:50:d2:5e:f3:0e:14:e6:43:36:99:4c:12:28:ff:7c:
85:99:30:b3:d4:49:e6:31:da:e1:ee:e6:6f:6c:45:83:9e:d9:
06:11:c8:dc:60:8b:b5:c6:bd:91:89:c0:7a:4c:08:ca:05:b3:
c5:11:0f:c3:b7:8e:3e:16:4e:b5:e4:65:7f:c7:b3:fb:d6:b1:
3f:12:09:5b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQOYqsBkrvADs7zxf+D4mv2gFnqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5NDkzZmMwNGQ3ODZhMWMzNTRlM2I5MTg1MTM0N2I1Yzg2YzZjYTU3MjM4
YmFkMmI4ZjdkZmMyMjRjZDQxNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGMgDcmofCt5NeX8Vq5JOa0hSEBvH46cUTnb43qyOW7GsuffE7vTQnZfcIJ
Vp93nV4USrCvfXv4pwqWY92MiVXpDeySd15HpQ6dsrcEDfYFTuoywY6CoAPshjyV
OdL4iV8UbYVVtJ7So06541bp1E0oRZFGsGi4qdDCP5daDDNb4L2tfsPbmXpl3Yyo
CEx0R8O5AI/KCXTM2itKVBaFtjeKmmTD5Eiz4GZpESpj2WQZhUf9UzDsV4R2VWf7
is2p5KiYDmkGBWl049i1snvfDPGPtKv+1ldHzYo8KhbInSaIs+aAFJhE5ytjczCT
bMgYbmdiFbLjzMmkPa2m/05reqsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS7hI0Z
0NJV6c/Mr2JG6Ewbzy7YjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc3NDM1NDMtMWEwNC00N2MyLTgxMjgtMWI5MGRlOTEzNmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
kDANBgkqhkiG9w0BAQsFAAOCAQEACCAzZq7+KrN2RIBI73eQIL/n7XLuryRkvZi4
J1UNy4DsmrnBtbOhOhOO5kDacdyO1MYRNWBgCRqsniSDsVILm1IyS77RizCb4ak7
igMeBWmgQD9JfFMZNA8PJbgcIcofdj7MlOc6V3+VpqJpjO0fxMlzmxO1Iz+VwV0+
XZ+VFnqPoPDrf5vDAHc4D5U0T4N489iEuNEfzxgCQGK9DnQaBp81mg34rgMB/TvA
1q31nEpwjyUjkYlWUNJe8w4U5kM2mUwSKP98hZkws9RJ5jHa4e7mb2xFg57ZBhHI
3GCLtca9kYnAekwIygWzxREPw7eOPhZOteRlf8ez+9axPxIJWw==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:05 2025 by rpki-client