Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
File: fc452689-b0a6-4816-a48a-8c8854d225f8.roa (raw, json)
Hash identifier: 82hCDxbOhQJh15iAt8YIQOMrLaVUkLaa814SVA7UKrc=
Subject key identifier: CF:1F:55:DA:9E:77:DF:E7:45:69:FE:7A:90:F2:98:D2:27:05:07:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1484FFBCE9D0133679A56AEC0BAF4647E03C5ECD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
Signing time: Tue 03 Jun 2025 20:53:52 +0000
ROA not before: Tue 03 Jun 2025 20:53:52 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:84:ff:bc:e9:d0:13:36:79:a5:6a:ec:0b:af:46:47:e0:3c:5e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 20:53:52 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=1e536b2d6ff812afe6d53629521f233790f28a931f9dcd45591f14a92b466b52, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cd:56:78:94:fd:01:ed:31:d8:70:9a:6e:cf:
1e:64:30:d4:8b:0f:29:e1:a8:ac:26:89:f2:50:4c:
d0:73:fc:30:2d:2a:c9:33:c3:b2:b4:b1:e2:b6:fd:
71:b1:94:05:11:18:3f:3f:24:92:36:d3:6a:31:f2:
3a:f7:12:cb:87:eb:41:a3:63:5d:93:5a:8c:7d:ed:
b7:a0:e1:b1:4f:09:cd:34:72:37:99:52:11:f7:9c:
e2:4f:5a:e1:e6:c8:53:1a:38:8b:a9:f2:59:de:c6:
b0:9a:ad:bf:82:4a:d1:c3:b3:21:40:b4:88:15:a0:
40:01:f3:25:d1:6e:43:c2:30:13:6e:11:eb:bc:52:
a6:c2:65:92:7c:b4:ac:15:b8:81:33:de:8f:fe:6b:
53:2b:1d:54:47:9b:35:39:4b:c5:f6:04:d8:23:54:
27:99:39:43:46:22:bd:19:28:0f:77:34:fd:b2:15:
a9:e8:db:2a:cb:a8:70:05:5a:d3:11:ca:eb:a6:f1:
83:fc:17:2b:8a:a3:44:c5:fe:1b:73:ff:bb:43:6d:
22:b1:b9:27:0b:a5:51:fc:f0:8f:2e:b3:4b:69:48:
07:ad:1b:ee:e6:6c:dc:84:5f:ca:de:80:1e:57:0b:
8f:2d:74:a6:6c:64:e4:9b:cf:2f:3d:c9:28:1d:1a:
da:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:1F:55:DA:9E:77:DF:E7:45:69:FE:7A:90:F2:98:D2:27:05:07:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c000::/40
Signature Algorithm: sha256WithRSAEncryption
61:90:55:34:c8:1d:d2:a3:8a:ff:43:ab:be:e3:91:34:a5:68:
c2:f0:97:5b:c8:03:fd:d0:22:8b:f9:17:09:d1:85:eb:51:54:
86:09:d7:3e:8a:d0:f8:9a:7d:e4:a4:30:66:ad:f5:09:8b:b8:
86:73:90:25:a2:e6:7e:09:eb:34:a7:a5:31:b7:d2:56:f2:97:
65:02:9f:2f:7f:42:fa:51:3d:c6:c2:33:21:ca:44:f0:8a:e0:
4e:b9:fb:94:1b:00:09:44:dc:94:5a:3d:0d:5d:a0:5f:b0:db:
6e:38:84:a5:67:09:6e:a0:20:3c:03:8c:69:36:26:5b:dd:7b:
0b:96:c5:6e:89:34:69:d9:93:cc:77:e1:d7:b8:f8:a8:6f:e4:
7f:7f:ec:a0:2a:c8:33:3d:ee:15:7f:1e:ee:cd:98:f7:bf:11:
2a:d9:3a:85:d9:da:78:18:5d:a6:a7:a2:3c:1d:3d:d6:25:4c:
45:79:d7:fd:5c:09:26:15:dc:7a:33:1f:77:2b:fd:8f:e8:01:
e1:29:be:c1:96:34:8f:7e:20:d9:85:4c:2b:01:30:5b:7c:c7:
1d:86:2f:3d:85:51:c5:41:1d:91:d6:12:20:f0:80:66:3f:74:
6b:95:67:57:64:33:42:a9:94:20:82:8e:31:dd:d6:c7:b9:7b:
cc:ee:e3:45
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFIT/vOnQEzZ5pWrsC69GR+A8Xs0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMyMDUzNTJaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlNTM2YjJkNmZmODEyYWZlNmQ1MzYyOTUyMWYyMzM3OTBmMjhhOTMxZjlk
Y2Q0NTU5MWYxNGE5MmI0NjZiNTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/NVniU/QHtMdhwmm7PHmQw1IsPKeGorCaJ8lBM0HP8MC0qyTPDsrSx4rb9
cbGUBREYPz8kkjbTajHyOvcSy4frQaNjXZNajH3tt6DhsU8JzTRyN5lSEfec4k9a
4ebIUxo4i6nyWd7GsJqtv4JK0cOzIUC0iBWgQAHzJdFuQ8IwE24R67xSpsJlkny0
rBW4gTPej/5rUysdVEebNTlLxfYE2CNUJ5k5Q0YivRkoD3c0/bIVqejbKsuocAVa
0xHK66bxg/wXK4qjRMX+G3P/u0NtIrG5JwulUfzwjy6zS2lIB60b7uZs3IRfyt6A
HlcLjy10pmxk5JvPLz3JKB0a2n8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTPH1Xa
nnff50Vp/nqQ8pjSJwUHrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM0NTI2ODktYjBhNi00ODE2LWE0OGEtOGM4ODU0ZDIyNWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTA
MA0GCSqGSIb3DQEBCwUAA4IBAQBhkFU0yB3So4r/Q6u+45E0pWjC8JdbyAP90CKL
+RcJ0YXrUVSGCdc+itD4mn3kpDBmrfUJi7iGc5AlouZ+Ces0p6Uxt9JW8pdlAp8v
f0L6UT3GwjMhykTwiuBOufuUGwAJRNyUWj0NXaBfsNtuOISlZwluoCA8A4xpNiZb
3XsLlsVuiTRp2ZPMd+HXuPiob+R/f+ygKsgzPe4Vfx7uzZj3vxEq2TqF2dp4GF2m
p6I8HT3WJUxFedf9XAkmFdx6Mx93K/2P6AHhKb7BljSPfiDZhUwrATBbfMcdhi89
hVHFQR2R1hIg8IBmP3RrlWdXZDNCqZQggo4x3dbHuXvM7uNF
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:14:01 2025 by rpki-client