Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
File: caeeaf61-b927-4d38-b398-1efb2c05d49e.roa (raw, json)
Hash identifier: 8p3u0IM6Hzu5cIs3glXY+VAHdVSr2pdZZc0P3IxP3wM=
Subject key identifier: 67:9C:B8:24:43:1E:5B:89:37:71:D2:2A:E8:3D:5D:F6:FF:EA:82:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 304E165FD9AE1EC8E34851062560C78F0B6FBEBA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
Signing time: Fri 16 May 2025 17:40:47 +0000
ROA not before: Fri 16 May 2025 17:40:47 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:4e:16:5f:d9:ae:1e:c8:e3:48:51:06:25:60:c7:8f:0b:6f:be:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:40:47 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=68adba3cd91cfa8dcb7725108827ee869e4f7363d0cf39adfbd91d92998167e9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:78:b4:46:33:91:39:c6:ba:f1:0c:f2:da:65:
0c:67:ee:7e:4d:d0:45:7b:1b:0e:1f:02:14:14:d7:
52:f6:5e:45:61:c2:f4:db:ec:62:96:2d:e7:ac:ae:
a9:87:e0:95:a5:e6:a3:5c:0b:e4:b9:cb:d4:81:1c:
f9:ae:20:6f:c1:ec:bf:39:cd:e0:83:c9:e0:5c:4a:
94:35:f7:5b:8f:49:47:1a:5d:43:fc:4b:95:72:f9:
2f:21:f4:e5:02:c4:b7:20:06:45:2f:8e:82:bc:b2:
4a:ef:ce:39:db:93:d1:0e:20:d1:b7:b9:01:46:15:
0b:f5:33:24:9a:06:0f:ae:14:61:bb:8e:69:f2:7d:
0f:5e:99:f5:67:d2:c3:71:19:49:71:65:3d:a1:66:
60:94:70:69:19:68:4c:a2:a4:78:16:60:cf:a9:cb:
75:aa:3b:59:40:5f:c7:14:4d:d0:b7:72:fe:34:d5:
b1:c5:cc:6b:f4:e7:1b:2c:71:28:d5:bd:e5:ad:03:
72:f9:a0:d9:52:42:e7:e8:40:87:60:68:7b:f1:23:
3e:b5:f1:70:eb:0e:1e:c9:04:45:83:1d:20:53:f0:
da:6e:41:1b:f9:dc:ad:de:f0:e7:28:af:4e:6b:4f:
d1:63:a3:80:e2:38:a4:e0:fe:93:7f:7f:94:39:92:
db:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9C:B8:24:43:1E:5B:89:37:71:D2:2A:E8:3D:5D:F6:FF:EA:82:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:800::/40
Signature Algorithm: sha256WithRSAEncryption
9d:b0:ed:cc:d8:6b:fd:fe:6b:05:7f:87:17:9d:d2:3b:ad:b0:
2e:11:a0:4b:7a:1d:87:06:92:6f:2d:68:40:3b:51:b1:b8:e9:
3c:65:2e:00:f3:60:a8:82:4c:ca:47:6d:95:80:53:82:73:61:
02:72:68:3f:e1:f2:f9:88:5d:c2:64:c3:c4:77:4d:f7:a8:af:
f0:3b:aa:35:f4:b3:e5:bb:20:5e:07:d6:b5:f6:5d:12:17:9e:
72:e9:5e:46:28:9e:36:f7:c0:8c:06:1b:64:2b:6c:74:12:56:
09:0e:01:ab:9e:71:52:98:bc:19:b3:9a:10:cf:0c:65:ba:33:
46:d2:58:92:79:75:d7:6b:55:0a:44:85:11:e5:2c:fe:aa:1f:
fd:58:a3:d7:94:7c:0f:b1:05:63:9e:7d:cc:d6:38:47:00:a6:
dd:a4:83:62:1e:84:ab:57:ff:32:5f:80:c4:fb:c8:6a:85:c7:
9e:ae:7a:6a:57:37:0a:3f:bc:c5:04:fa:92:e5:98:b4:59:ab:
1b:fd:c9:e8:10:5e:37:8e:bd:c2:68:00:15:21:71:30:cb:c3:
09:af:ff:16:37:06:2f:e0:fc:b8:bf:56:87:16:c8:b4:68:d0:
9f:72:cb:a8:7d:f2:74:e2:74:19:d4:03:f3:15:d5:b5:df:c8:
30:22:6b:64
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUME4WX9muHsjjSFEGJWDHjwtvvrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzQwNDdaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4YWRiYTNjZDkxY2ZhOGRjYjc3MjUxMDg4MjdlZTg2OWU0ZjczNjNkMGNm
MzlhZGZiZDkxZDkyOTk4MTY3ZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM94tEYzkTnGuvEM8tplDGfufk3QRXsbDh8CFBTXUvZeRWHC9NvsYpYt56yu
qYfglaXmo1wL5LnL1IEc+a4gb8HsvznN4IPJ4FxKlDX3W49JRxpdQ/xLlXL5LyH0
5QLEtyAGRS+OgryySu/OOduT0Q4g0be5AUYVC/UzJJoGD64UYbuOafJ9D16Z9WfS
w3EZSXFlPaFmYJRwaRloTKKkeBZgz6nLdao7WUBfxxRN0Ldy/jTVscXMa/TnGyxx
KNW95a0Dcvmg2VJC5+hAh2Boe/EjPrXxcOsOHskERYMdIFPw2m5BG/ncrd7w5yiv
TmtP0WOjgOI4pOD+k39/lDmS22MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRnnLgk
Qx5biTdx0iroPV32/+qCJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FlZWFmNjEtYjkyNy00ZDM4LWIzOTgtMWVmYjJjMDVkNDllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgI
MA0GCSqGSIb3DQEBCwUAA4IBAQCdsO3M2Gv9/msFf4cXndI7rbAuEaBLeh2HBpJv
LWhAO1GxuOk8ZS4A82CogkzKR22VgFOCc2ECcmg/4fL5iF3CZMPEd033qK/wO6o1
9LPluyBeB9a19l0SF55y6V5GKJ4298CMBhtkK2x0ElYJDgGrnnFSmLwZs5oQzwxl
ujNG0liSeXXXa1UKRIUR5Sz+qh/9WKPXlHwPsQVjnn3M1jhHAKbdpINiHoSrV/8y
X4DE+8hqhceernpqVzcKP7zFBPqS5Zi0Wasb/cnoEF43jr3CaAAVIXEwy8MJr/8W
NwYv4Py4v1aHFsi0aNCfcsuoffJ04nQZ1APzFdW138gwImtk
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:03 2025 by rpki-client