Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
File: e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa (raw, json)
Hash identifier: twZG3CzwzBM0NWgwD+DtKjKFopUyLlGF8a7HdMaB7EA=
Subject key identifier: B2:D8:D4:8A:7B:37:EB:13:38:8C:BD:2F:DC:1E:B8:1C:9F:7D:C9:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 784C9F468D391FE9A45EA471ED2C5CD807B11486
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
Signing time: Tue 13 May 2025 18:30:20 +0000
ROA not before: Tue 13 May 2025 18:30:20 +0000
ROA not after: Tue 17 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:4c:9f:46:8d:39:1f:e9:a4:5e:a4:71:ed:2c:5c:d8:07:b1:14:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 13 18:30:20 2025 GMT
Not After : Jun 17 23:59:59 2025 GMT
Subject: serialNumber=76be7fb402b53547cea30cb2f8e8f4fcd76db43e5d14350c304fe3d79ff26419, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e0:88:a1:3d:72:78:f8:bd:15:b8:22:c0:39:
0f:7a:17:6c:5d:11:f9:ba:42:01:7c:60:5f:d8:db:
1f:5e:0a:b5:8c:b9:69:7b:24:26:bc:a8:a3:4a:fe:
db:d6:a1:86:a8:c9:7f:ec:5e:13:bc:49:f3:a2:37:
3a:77:40:81:2c:27:db:e3:d5:76:c3:8c:83:14:39:
2b:79:f5:9f:4e:ef:67:23:76:b6:94:09:20:4c:a7:
0c:07:3f:54:9e:a9:0e:70:57:71:f8:99:b4:b2:c2:
50:ee:7f:55:44:d9:49:30:e7:86:3a:a2:cb:a9:24:
4d:f6:da:77:f0:b1:87:71:19:5e:d1:ad:df:fc:8f:
3f:24:85:7d:da:21:b9:e0:e6:81:8c:a2:88:80:a7:
30:86:27:aa:c9:a4:de:b0:0c:80:3e:b3:b3:cc:ca:
78:0c:ae:c7:f9:e3:49:16:75:ff:50:62:16:6f:eb:
0a:18:2e:e4:67:0c:be:7d:ee:dd:3e:3d:2f:4b:e3:
c8:52:53:4f:28:5a:e2:20:9c:43:99:be:d2:8c:dd:
d9:22:2c:5c:db:03:1f:96:3b:82:02:b4:f6:5a:6c:
06:14:4b:55:df:25:07:26:d1:c6:6c:1e:fc:7e:c2:
08:0f:f8:d6:76:95:4b:51:58:e9:55:1f:98:30:4d:
34:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D8:D4:8A:7B:37:EB:13:38:8C:BD:2F:DC:1E:B8:1C:9F:7D:C9:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:98:34:98:f2:6f:19:65:09:64:bf:ad:ed:8f:b5:de:0e:96:
bc:fb:bc:2f:91:41:2d:f9:36:be:88:6c:d8:e3:99:5f:76:9e:
01:b7:34:3e:32:d9:53:ba:e5:06:f0:03:74:3d:cf:a6:7e:6e:
74:48:8c:cb:40:83:87:aa:56:e7:2c:42:68:f7:66:42:65:bc:
61:be:8f:59:53:74:79:d8:91:ec:93:48:64:d8:74:9c:c3:74:
99:72:55:ac:08:30:0d:ca:e7:2f:78:a3:49:16:2b:e3:9c:31:
3b:eb:bd:f8:99:92:70:4a:c4:c6:34:85:34:72:41:21:77:60:
4f:9f:b9:23:b3:ef:ce:8e:d3:93:af:7c:5c:49:95:28:78:67:
6c:69:ec:30:a1:d9:9e:a6:2e:bd:b6:cc:e5:37:8b:f3:11:09:
2c:70:44:bd:d1:aa:33:7b:47:47:7d:e0:4a:41:d7:f0:4b:39:
59:f3:0a:38:2e:4d:b7:00:7e:d6:fa:34:5c:a8:d3:12:2d:b0:
70:01:79:72:08:38:45:bd:84:d9:15:a0:b8:e3:90:2e:a5:3e:
15:a6:f5:99:08:15:e0:94:ca:4b:02:b0:a2:29:c0:96:0b:27:
28:69:42:26:32:00:ad:c1:21:13:e4:01:82:ce:0b:f1:87:78:
0d:3c:0e:8f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeEyfRo05H+mkXqRx7Sxc2AexFIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTMxODMwMjBaFw0yNTA2MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2YmU3ZmI0MDJiNTM1NDdjZWEzMGNiMmY4ZThmNGZjZDc2ZGI0M2U1ZDE0
MzUwYzMwNGZlM2Q3OWZmMjY0MTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7giKE9cnj4vRW4IsA5D3oXbF0R+bpCAXxgX9jbH14KtYy5aXskJryoo0r+
29ahhqjJf+xeE7xJ86I3OndAgSwn2+PVdsOMgxQ5K3n1n07vZyN2tpQJIEynDAc/
VJ6pDnBXcfiZtLLCUO5/VUTZSTDnhjqiy6kkTfbad/Cxh3EZXtGt3/yPPySFfdoh
ueDmgYyiiICnMIYnqsmk3rAMgD6zs8zKeAyux/njSRZ1/1BiFm/rChgu5GcMvn3u
3T49L0vjyFJTTyha4iCcQ5m+0ozd2SIsXNsDH5Y7ggK09lpsBhRLVd8lBybRxmwe
/H7CCA/41naVS1FY6VUfmDBNNL8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSy2NSK
ezfrEziMvS/cHrgcn33JDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTYxNWZlYTMtMzgyNi00YzU5LTk1NzQtNzJmYjZjYzhmMmVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hag
MA0GCSqGSIb3DQEBCwUAA4IBAQDBmDSY8m8ZZQlkv63tj7XeDpa8+7wvkUEt+Ta+
iGzY45lfdp4BtzQ+MtlTuuUG8AN0Pc+mfm50SIzLQIOHqlbnLEJo92ZCZbxhvo9Z
U3R52JHsk0hk2HScw3SZclWsCDANyucveKNJFivjnDE76734mZJwSsTGNIU0ckEh
d2BPn7kjs+/OjtOTr3xcSZUoeGdsaewwodmepi69tszlN4vzEQkscES90aoze0dH
feBKQdfwSzlZ8wo4Lk23AH7W+jRcqNMSLbBwAXlyCDhFvYTZFaC445AupT4VpvWZ
CBXglMpLArCiKcCWCycoaUImMgCtwSET5AGCzgvxh3gNPA6P
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:57 2025 by rpki-client