Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
File: cb352ba2-1c61-4993-802d-895dc73880c2.roa (raw, json)
Hash identifier: Bxd0GwA6CIvBWVg0Bre6U20Ig2+fHkJ7FT3NO5Q8/+c=
Subject key identifier: 9D:3A:63:10:63:D5:1F:3A:D1:59:6B:F6:9A:95:6A:D1:B8:DC:4F:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FADCDF9321CB64F809994DEBCA20A8A41DC1611
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
Signing time: Fri 16 May 2025 17:40:19 +0000
ROA not before: Fri 16 May 2025 17:40:19 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:ad:cd:f9:32:1c:b6:4f:80:99:94:de:bc:a2:0a:8a:41:dc:16:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:40:19 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=863037cdfa4c92f39c5c73e8b726f5d304e0732d06e8a07232ee35e504b7758b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1f:a2:83:1d:97:e5:3a:2a:45:7b:5c:74:af:
69:6f:a1:aa:86:20:08:4f:33:d2:6a:2c:d9:b5:d9:
37:25:df:92:3b:82:8d:81:81:97:25:de:a7:c5:25:
31:ca:9d:3a:9a:fe:5c:7d:e8:e7:fa:4f:cb:2f:f8:
f1:41:a6:fe:11:c9:56:ab:c4:a3:42:8e:a8:49:de:
d0:65:a8:6b:27:f4:74:9d:cf:72:0b:52:b6:dc:90:
3a:59:49:58:c4:af:d4:fb:97:ca:39:ee:cc:c9:da:
ac:cc:b6:1a:c4:b1:bb:f4:6e:e8:d6:12:8f:d9:2b:
c9:24:51:1d:b3:6c:54:3b:5e:94:7a:7d:6b:ba:0f:
93:33:8e:7b:2a:84:f4:88:dc:ed:96:0c:f7:8f:e4:
c3:76:09:5d:5c:1e:cd:e7:76:af:27:ad:1b:fc:23:
35:d2:d9:9e:12:e9:dc:2c:87:28:ad:f9:e4:7c:e1:
d8:25:38:2a:8f:9b:16:36:64:58:eb:ec:e2:d5:3a:
a9:95:29:d1:2d:db:13:51:22:4e:da:58:10:b6:e7:
a4:63:6c:9f:e6:68:e1:e9:90:ad:22:44:af:00:df:
7e:53:69:fe:71:48:5f:16:a1:72:97:03:c8:d5:55:
bb:77:1e:07:87:22:13:90:97:32:cc:1b:9e:b2:88:
7e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3A:63:10:63:D5:1F:3A:D1:59:6B:F6:9A:95:6A:D1:B8:DC:4F:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:800::/40
Signature Algorithm: sha256WithRSAEncryption
93:58:11:ea:f1:85:58:a5:6f:22:f1:cb:72:8a:af:70:0f:fc:
43:0a:c4:fc:fc:52:90:73:46:48:88:e0:00:f7:e1:24:b7:76:
d6:87:74:87:58:03:a3:7b:cd:b3:00:8f:48:1f:3a:bd:c1:b8:
55:5f:dc:25:b9:8f:91:ea:04:12:7a:89:b6:51:67:3f:62:5c:
8a:72:32:4b:dd:6b:30:22:d2:cb:dc:a4:20:34:18:cb:40:1e:
36:c9:04:e9:1d:52:60:40:19:2b:2c:92:03:2a:32:8b:21:eb:
46:5d:f5:df:16:f0:bc:01:f7:a2:7e:8b:85:16:ce:f5:db:57:
a7:53:0d:5a:9b:08:a2:ae:99:9b:7c:7b:27:77:bc:29:41:f6:
18:bc:dc:77:69:1d:32:99:d8:5e:ae:96:f7:2d:4c:52:35:75:
31:2a:5a:61:a1:01:cf:3e:c8:31:fc:1c:c8:fb:8c:1e:b0:4b:
64:7f:14:30:e4:55:b6:7d:e1:f2:d5:e3:20:e9:db:7f:f6:6d:
1b:12:26:66:31:24:67:dd:d8:44:46:9c:34:db:fa:a6:6d:a1:
be:bd:fb:5d:ed:05:9b:98:af:0c:6b:c9:eb:07:d9:5e:46:af:
21:e2:45:cd:61:ef:22:f5:7e:fc:59:fb:e7:26:50:77:3a:ab:
6d:73:c8:b4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH63N+TIctk+AmZTevKIKikHcFhEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzQwMTlaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2MzAzN2NkZmE0YzkyZjM5YzVjNzNlOGI3MjZmNWQzMDRlMDczMmQwNmU4
YTA3MjMyZWUzNWU1MDRiNzc1OGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4fooMdl+U6KkV7XHSvaW+hqoYgCE8z0mos2bXZNyXfkjuCjYGBlyXep8Ul
McqdOpr+XH3o5/pPyy/48UGm/hHJVqvEo0KOqEne0GWoayf0dJ3PcgtSttyQOllJ
WMSv1PuXyjnuzMnarMy2GsSxu/Ru6NYSj9krySRRHbNsVDtelHp9a7oPkzOOeyqE
9Ijc7ZYM94/kw3YJXVwezed2ryetG/wjNdLZnhLp3CyHKK355Hzh2CU4Ko+bFjZk
WOvs4tU6qZUp0S3bE1EiTtpYELbnpGNsn+Zo4emQrSJErwDfflNp/nFIXxahcpcD
yNVVu3ceB4ciE5CXMswbnrKIfqcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSdOmMQ
Y9UfOtFZa/aalWrRuNxPMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2IzNTJiYTItMWM2MS00OTkzLTgwMmQtODk1ZGM3Mzg4MGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYI
MA0GCSqGSIb3DQEBCwUAA4IBAQCTWBHq8YVYpW8i8ctyiq9wD/xDCsT8/FKQc0ZI
iOAA9+Ekt3bWh3SHWAOje82zAI9IHzq9wbhVX9wluY+R6gQSeom2UWc/YlyKcjJL
3WswItLL3KQgNBjLQB42yQTpHVJgQBkrLJIDKjKLIetGXfXfFvC8AfeifouFFs71
21enUw1amwiirpmbfHsnd7wpQfYYvNx3aR0ymdherpb3LUxSNXUxKlphoQHPPsgx
/BzI+4wesEtkfxQw5FW2feHy1eMg6dt/9m0bEiZmMSRn3dhERpw02/qmbaG+vftd
7QWbmK8Ma8nrB9leRq8h4kXNYe8i9X78WfvnJlB3Oqttc8i0
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:59 2025 by rpki-client