Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
File: dec4a7df-5727-45ab-92fb-7078e26fd54d.roa (raw, json)
Hash identifier: 5s8tWxDZRjb4sw0skwoO0v3nszxPGwBHcVkyMD4QI5g=
Subject key identifier: A9:70:8F:E4:2C:07:F1:07:70:87:75:F1:89:F2:46:E4:F3:6A:85:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1644346F3F958AD5E7E013855C8F7FDBD54F1E3F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
Signing time: Tue 20 May 2025 20:10:15 +0000
ROA not before: Tue 20 May 2025 20:10:15 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:44:34:6f:3f:95:8a:d5:e7:e0:13:85:5c:8f:7f:db:d5:4f:1e:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:10:15 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=1fe10d9ccf7fbda883b56862196d0dbd6b3cab3addf631f05b75891493c05012, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:37:42:c6:f3:39:e7:33:c4:75:ee:b1:c3:8e:
88:9a:09:a7:c8:bb:0c:36:2e:f1:be:24:ad:e7:43:
f6:a9:5a:b0:81:1f:47:f3:fe:1a:ba:a2:77:88:79:
61:6e:02:b4:aa:f7:c9:3a:f7:07:44:26:ac:04:9b:
08:21:5b:b1:33:97:28:b5:0a:10:33:03:60:05:a1:
df:39:51:ee:94:c0:f6:8d:ed:3f:1e:e4:25:57:98:
8c:77:54:7a:b9:ad:be:3b:f9:8c:d5:4b:71:12:e2:
09:9c:ed:82:77:9c:80:c3:56:90:f4:04:d2:72:61:
0e:69:25:3f:18:ee:89:7b:86:e6:d2:33:4e:d8:ba:
18:91:2a:e4:97:a0:fe:de:ce:aa:b2:87:f2:82:69:
3f:48:65:ab:45:b1:ab:91:ac:49:15:73:79:4e:05:
65:20:25:ec:6b:6e:b2:0a:5f:24:c6:7f:b0:a2:88:
55:bf:0b:18:c3:c6:b1:6c:79:ed:cd:64:62:5e:0e:
65:a6:4c:3b:1b:cc:9b:0b:2e:e1:86:ee:b5:0b:f9:
59:69:fe:3d:98:8a:93:5e:ea:ca:3f:5b:95:5a:5c:
37:6c:a1:e9:a8:02:86:d3:9e:7e:db:72:a5:a1:1c:
cb:bc:93:b4:b4:61:f9:fa:49:9b:d5:f2:5a:33:68:
ec:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:70:8F:E4:2C:07:F1:07:70:87:75:F1:89:F2:46:E4:F3:6A:85:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076::/32
Signature Algorithm: sha256WithRSAEncryption
b0:6b:75:49:e5:d1:cf:da:ee:4d:14:3d:cd:3d:27:1b:1a:1c:
1c:2c:e9:73:d9:97:25:af:0f:38:11:70:d3:37:d1:fd:e6:d1:
4d:5a:01:5c:bb:97:c7:df:f1:fe:ca:a2:72:d6:b6:34:07:f1:
b6:c1:c2:69:33:77:c8:8b:c8:56:7e:7e:5f:5c:49:22:4e:20:
f7:64:19:a4:97:03:8c:9b:b3:cb:a6:15:0c:d1:68:63:07:71:
38:8e:a6:16:76:94:03:c9:5d:af:8c:65:ae:99:fc:dd:62:41:
05:41:5b:4a:63:c0:2f:6e:79:20:8e:c3:2d:7c:ef:cb:a8:0a:
ea:55:58:52:df:ec:17:5a:39:76:ac:cc:94:36:dc:82:30:e3:
2a:0d:8b:64:f9:67:ff:a3:e8:b8:70:ba:8b:f1:83:85:0f:db:
d4:b3:99:bd:cf:cc:aa:98:d2:f2:aa:47:95:ae:f0:47:00:8c:
58:10:45:85:3d:e5:4d:2a:15:bd:b8:15:d0:0a:e3:d0:12:07:
02:51:a4:cc:0c:5a:e5:fd:79:8c:59:6f:1b:4b:9f:4f:a8:9f:
0a:21:76:51:a4:f2:36:92:5e:43:ea:fa:88:c4:8b:63:15:9d:
58:b1:33:08:88:58:07:e6:8e:cc:06:7f:b7:45:9d:ff:c9:01:
86:76:51:12
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUFkQ0bz+VitXn4BOFXI9/29VPHj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDEwMTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmZTEwZDljY2Y3ZmJkYTg4M2I1Njg2MjE5NmQwZGJkNmIzY2FiM2FkZGY2
MzFmMDViNzU4OTE0OTNjMDUwMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO43QsbzOeczxHXuscOOiJoJp8i7DDYu8b4kredD9qlasIEfR/P+Grqid4h5
YW4CtKr3yTr3B0QmrASbCCFbsTOXKLUKEDMDYAWh3zlR7pTA9o3tPx7kJVeYjHdU
ermtvjv5jNVLcRLiCZztgnecgMNWkPQE0nJhDmklPxjuiXuG5tIzTti6GJEq5Jeg
/t7OqrKH8oJpP0hlq0Wxq5GsSRVzeU4FZSAl7GtusgpfJMZ/sKKIVb8LGMPGsWx5
7c1kYl4OZaZMOxvMmwsu4YbutQv5WWn+PZiKk17qyj9blVpcN2yh6agChtOeftty
paEcy7yTtLRh+fpJm9XyWjNo7CkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSpcI/k
LAfxB3CHdfGJ8kbk82qFFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVjNGE3ZGYtNTcyNy00NWFiLTkyZmItNzA3OGUyNmZkNTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HYw
DQYJKoZIhvcNAQELBQADggEBALBrdUnl0c/a7k0UPc09JxsaHBws6XPZlyWvDzgR
cNM30f3m0U1aAVy7l8ff8f7KonLWtjQH8bbBwmkzd8iLyFZ+fl9cSSJOIPdkGaSX
A4ybs8umFQzRaGMHcTiOphZ2lAPJXa+MZa6Z/N1iQQVBW0pjwC9ueSCOwy1878uo
CupVWFLf7BdaOXaszJQ23IIw4yoNi2T5Z/+j6Lhwuovxg4UP29Szmb3PzKqY0vKq
R5Wu8EcAjFgQRYU95U0qFb24FdAK49ASBwJRpMwMWuX9eYxZbxtLn0+onwohdlGk
8jaSXkPq+ojEi2MVnVixMwiIWAfmjswGf7dFnf/JAYZ2URI=
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:24 2025 by rpki-client