Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
File: cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa (raw, json)
Hash identifier: DACkiFjEhRc/xQGd/zEKXBCchALmKD7bDrGUJhs+GGA=
Subject key identifier: 5A:31:46:67:69:5D:9A:99:03:0B:A9:63:24:1D:AF:35:9E:EC:60:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3455D86B0ED0A885B95626A237874C047462DB0F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
Signing time: Tue 03 Jun 2025 20:53:39 +0000
ROA not before: Tue 03 Jun 2025 20:53:39 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:55:d8:6b:0e:d0:a8:85:b9:56:26:a2:37:87:4c:04:74:62:db:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 20:53:39 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=ee3718fe40688f4c23550d678b36779039dbebfd976307814ac7c6440fdde7c5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:b7:40:68:dd:34:e8:17:b3:95:87:7f:e8:44:
86:32:b0:31:6a:31:b9:e1:35:70:7f:f2:d2:d4:8b:
64:54:7a:ae:be:95:d4:35:4b:43:68:63:6c:33:e8:
4a:8c:b8:56:80:4f:b6:82:64:ad:10:8f:46:a5:ec:
36:3c:c1:1e:fd:45:20:44:aa:87:04:52:d5:c7:36:
c4:b8:32:3f:d8:b9:b5:03:8d:ef:36:89:b3:44:54:
8d:48:51:0e:65:01:96:ee:5f:29:7c:5b:eb:86:08:
da:d5:dd:b1:69:34:59:a2:5e:f1:66:fa:0f:39:5c:
f9:c2:5e:0b:99:d6:8b:9f:08:a7:69:28:c5:e1:48:
4d:9e:f1:95:92:7f:92:76:9f:2d:e1:cc:e1:9c:28:
67:fb:63:60:e2:6c:99:a6:f9:fa:62:69:d8:00:70:
26:68:b3:1b:31:f6:f9:09:49:34:ef:f0:fe:29:1b:
89:51:19:64:fc:58:e2:63:bf:14:bb:7e:01:eb:5d:
4a:c7:15:30:58:72:26:d5:b4:de:13:80:23:bb:2c:
3d:6f:cd:e3:97:06:71:50:ef:9f:05:e3:19:81:9d:
60:bb:e5:51:64:98:8a:43:fb:5d:e8:70:66:a4:e5:
cf:b5:7c:78:6b:30:fa:64:07:a0:e2:f3:07:a1:ec:
dc:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:31:46:67:69:5D:9A:99:03:0B:A9:63:24:1D:AF:35:9E:EC:60:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:800::/40
Signature Algorithm: sha256WithRSAEncryption
56:c1:aa:28:64:1e:3d:88:ed:65:e3:3a:60:b6:bd:a3:1b:e9:
14:a1:65:71:ec:01:5f:0e:eb:f6:d3:07:10:70:fd:ec:fb:ca:
c6:3d:58:f6:b7:da:95:d7:dc:00:9b:68:03:2a:02:09:bc:da:
45:c1:76:f8:7e:9e:47:92:45:17:43:f9:52:42:b5:cd:1d:84:
f7:a0:49:66:1b:68:3d:c5:87:39:66:41:a4:27:7a:39:11:d5:
1d:aa:86:bc:cd:0f:47:6f:c0:bd:ef:b0:5d:df:10:43:db:33:
5a:07:30:79:ac:a3:00:95:ba:d6:b4:9b:c1:c5:e3:17:df:25:
26:3b:57:b0:61:4e:8b:cc:77:1b:44:17:d8:f3:be:85:d8:b4:
bb:15:7c:ae:2e:51:c6:1b:06:2b:47:77:31:70:ab:53:69:c1:
a8:b6:65:5c:45:fd:57:09:c3:67:0f:ae:52:2a:fc:41:51:c8:
3a:48:af:13:f1:1b:ce:e2:bd:aa:f5:4a:01:26:d0:a6:2e:1f:
0d:eb:c7:20:48:1b:ec:7b:96:c6:9e:aa:d3:f4:5f:04:53:f0:
a8:2f:fc:0d:ca:ec:00:e2:9c:f2:d9:05:fd:96:0c:da:32:41:
ee:a7:99:e0:aa:a5:80:8e:0d:be:07:8d:79:9f:fa:26:17:87:
07:ff:26:a8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNFXYaw7QqIW5ViaiN4dMBHRi2w8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMyMDUzMzlaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlMzcxOGZlNDA2ODhmNGMyMzU1MGQ2NzhiMzY3NzkwMzlkYmViZmQ5NzYz
MDc4MTRhYzdjNjQ0MGZkZGU3YzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPe3QGjdNOgXs5WHf+hEhjKwMWoxueE1cH/y0tSLZFR6rr6V1DVLQ2hjbDPo
Soy4VoBPtoJkrRCPRqXsNjzBHv1FIESqhwRS1cc2xLgyP9i5tQON7zaJs0RUjUhR
DmUBlu5fKXxb64YI2tXdsWk0WaJe8Wb6Dzlc+cJeC5nWi58Ip2koxeFITZ7xlZJ/
knafLeHM4ZwoZ/tjYOJsmab5+mJp2ABwJmizGzH2+QlJNO/w/ikbiVEZZPxY4mO/
FLt+AetdSscVMFhyJtW03hOAI7ssPW/N45cGcVDvnwXjGYGdYLvlUWSYikP7Xehw
ZqTlz7V8eGsw+mQHoOLzB6Hs3AcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRaMUZn
aV2amQMLqWMkHa81nuxgrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2JkMjFiOWUtNzYyNy00ZWJjLWExZjgtNjM4OTBiNWQ0MTQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI
MA0GCSqGSIb3DQEBCwUAA4IBAQBWwaooZB49iO1l4zpgtr2jG+kUoWVx7AFfDuv2
0wcQcP3s+8rGPVj2t9qV19wAm2gDKgIJvNpFwXb4fp5HkkUXQ/lSQrXNHYT3oElm
G2g9xYc5ZkGkJ3o5EdUdqoa8zQ9Hb8C977Bd3xBD2zNaBzB5rKMAlbrWtJvBxeMX
3yUmO1ewYU6LzHcbRBfY876F2LS7FXyuLlHGGwYrR3cxcKtTacGotmVcRf1XCcNn
D65SKvxBUcg6SK8T8RvO4r2q9UoBJtCmLh8N68cgSBvse5bGnqrT9F8EU/CoL/wN
yuwA4pzy2QX9lgzaMkHup5ngqqWAjg2+B415n/omF4cH/yao
-----END CERTIFICATE-----
Generated at Sat Jun 7 03:55:08 2025 by rpki-client