Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
File: dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa (raw, json)
Hash identifier: 19/EA1ErA0LEUTh6skoMrKouTBj6YHOHvalQCybwaCY=
Subject key identifier: 97:C1:F9:50:EB:11:EB:8A:A4:98:DA:12:5B:80:80:6B:F6:2C:B7:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5CC4521661F3CEE9E6796B3BA7B87941459E0407
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
Signing time: Tue 20 May 2025 19:11:14 +0000
ROA not before: Tue 20 May 2025 19:11:14 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:c4:52:16:61:f3:ce:e9:e6:79:6b:3b:a7:b8:79:41:45:9e:04:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:11:14 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=553f44359531a3b2563989d3e3b49567b925a8cc355e8963aa362357c79a7fe9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:20:88:0e:9f:5d:58:ad:18:cb:f0:96:9c:85:
82:8d:7a:9a:66:b3:a4:3b:eb:85:3e:4b:4a:2f:27:
17:02:02:0c:8f:6b:b0:27:fd:53:b5:a9:96:b5:c8:
dc:42:c9:ab:bf:29:c8:2f:a7:1e:e2:53:cb:75:14:
ec:15:bf:33:6e:14:06:07:ef:0e:24:c3:17:7f:b9:
2a:11:80:2d:18:b2:0d:95:2a:0f:80:90:bb:ca:92:
c9:5c:97:c0:c1:a4:f8:af:0a:4f:0a:1a:0b:bd:e2:
41:55:80:59:c7:d2:cd:fb:17:9e:ba:7c:f6:f5:e7:
7f:28:b2:d4:f5:86:ab:1a:28:ab:bc:0b:d8:1a:48:
78:4c:5b:61:b8:72:90:b5:16:42:8b:5b:e2:af:5f:
1e:1e:5f:d1:bf:f8:20:4b:fc:92:7c:2a:58:4f:8c:
62:87:01:15:58:8d:a1:3b:7a:67:51:c6:2f:36:84:
3c:f5:95:76:f9:61:a3:a6:35:c9:e5:92:ed:87:c7:
16:55:f5:5a:04:8a:0c:1d:90:d8:0d:15:90:24:24:
0d:1a:f8:86:4f:39:c3:5d:e0:6d:c9:03:ad:8b:96:
90:8c:67:84:7f:6d:3b:fb:74:56:45:8b:38:ce:00:
b4:74:4b:2f:84:85:4f:92:06:8f:37:a2:fa:d9:d9:
5a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C1:F9:50:EB:11:EB:8A:A4:98:DA:12:5B:80:80:6B:F6:2C:B7:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4000::/40
Signature Algorithm: sha256WithRSAEncryption
36:11:3d:23:0f:0c:b7:59:d6:b7:af:46:40:a3:a2:3c:f0:9e:
6b:6c:0f:ca:2d:83:ed:33:8e:f2:09:51:13:4e:9d:af:c0:15:
fb:ec:aa:47:b7:70:54:80:0a:fb:99:ff:af:2e:67:c4:25:c6:
db:b9:7d:05:f6:05:a1:1e:6b:60:c8:cf:24:2e:64:73:ef:8a:
52:09:cf:35:d7:7e:a1:bd:40:e8:8c:c2:e9:c6:02:04:91:66:
af:92:f2:12:b5:df:00:f0:98:c1:3e:ea:0b:ab:bb:7a:c5:df:
ce:2a:8f:43:32:a9:2c:c5:e1:27:27:ab:19:19:c0:01:22:5c:
17:c4:13:7d:12:4a:3a:4d:dd:4a:e4:76:98:d9:0e:88:ee:c0:
8d:d7:38:bf:da:7b:6c:66:35:41:62:db:cc:0b:8a:61:4f:60:
4f:c5:18:ef:ac:74:24:8d:4a:4e:26:08:b3:b7:9c:fd:e6:80:
35:1d:81:78:46:c2:9e:21:0e:cc:74:9b:e6:a9:96:ff:a7:02:
c1:41:68:1b:08:17:22:36:c0:e0:c0:28:3d:9f:e7:e9:33:bd:
54:fe:f6:d0:d6:41:9d:6b:81:85:77:9e:42:1f:11:27:f5:bb:
61:2d:99:8e:5b:a7:09:2d:15:e5:58:be:46:ff:c3:b6:72:95:
5b:35:81:f9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXMRSFmHzzunmeWs7p7h5QUWeBAcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTExMTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1M2Y0NDM1OTUzMWEzYjI1NjM5ODlkM2UzYjQ5NTY3YjkyNWE4Y2MzNTVl
ODk2M2FhMzYyMzU3Yzc5YTdmZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkgiA6fXVitGMvwlpyFgo16mmazpDvrhT5LSi8nFwICDI9rsCf9U7WplrXI
3ELJq78pyC+nHuJTy3UU7BW/M24UBgfvDiTDF3+5KhGALRiyDZUqD4CQu8qSyVyX
wMGk+K8KTwoaC73iQVWAWcfSzfsXnrp89vXnfyiy1PWGqxooq7wL2BpIeExbYbhy
kLUWQotb4q9fHh5f0b/4IEv8knwqWE+MYocBFViNoTt6Z1HGLzaEPPWVdvlho6Y1
yeWS7YfHFlX1WgSKDB2Q2A0VkCQkDRr4hk85w13gbckDrYuWkIxnhH9tO/t0VkWL
OM4AtHRLL4SFT5IGjzei+tnZWnMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSXwflQ
6xHriqSY2hJbgIBr9iy3tTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJkMmQ1NmEtYjY5OS00YjMzLWExNTMtZmE4MjZiNmI4MGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABA
MA0GCSqGSIb3DQEBCwUAA4IBAQA2ET0jDwy3Wda3r0ZAo6I88J5rbA/KLYPtM47y
CVETTp2vwBX77KpHt3BUgAr7mf+vLmfEJcbbuX0F9gWhHmtgyM8kLmRz74pSCc81
136hvUDojMLpxgIEkWavkvIStd8A8JjBPuoLq7t6xd/OKo9DMqksxeEnJ6sZGcAB
IlwXxBN9Eko6Td1K5HaY2Q6I7sCN1zi/2ntsZjVBYtvMC4phT2BPxRjvrHQkjUpO
Jgizt5z95oA1HYF4RsKeIQ7MdJvmqZb/pwLBQWgbCBciNsDgwCg9n+fpM71U/vbQ
1kGda4GFd55CHxEn9bthLZmOW6cJLRXlWL5G/8O2cpVbNYH5
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:34 2025 by rpki-client