Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
File: 27140a0d-612c-4da4-a60a-55c28faff6fe.roa (raw, json)
Hash identifier: BN8QJpi1dOUPJ6sTcfio5kWtE11/gXpFtb2wSg9m46A=
Subject key identifier: 14:B0:68:55:2B:60:BF:22:53:91:3A:4C:86:11:38:BC:B0:D8:BA:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7318C27B0CED8003F5B0A48F01D95605250CECA3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
Signing time: Tue 17 Jun 2025 00:40:52 +0000
ROA not before: Tue 17 Jun 2025 00:40:52 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:18:c2:7b:0c:ed:80:03:f5:b0:a4:8f:01:d9:56:05:25:0c:ec:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:52 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=61ba70eeecec408487e620877a894e51332aeb9fe1977886add72355a51a8d79, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b8:96:19:4a:ae:f9:e8:36:e7:c6:3a:28:57:
c0:53:fd:51:a4:3e:5b:78:37:98:3c:27:25:d4:6b:
99:e7:ad:71:cb:2b:70:c9:06:92:ed:14:a4:b1:3a:
13:92:72:4e:db:60:47:26:26:df:35:07:d4:49:06:
34:7a:07:4a:60:7d:09:28:90:dd:84:21:98:3e:52:
ea:f4:b5:2c:79:c9:6c:38:f2:a6:04:5c:57:b0:a3:
66:fa:c9:5d:81:74:d4:c7:6e:40:43:02:e2:32:78:
5e:24:96:cd:4a:82:d4:a7:e6:0e:7d:7b:10:f9:46:
6d:93:b0:9a:2a:ac:a0:48:40:d6:11:6b:b9:01:38:
7b:f2:14:28:1a:38:6c:53:9a:da:6d:83:ca:6d:df:
2a:ee:5d:21:ed:93:a0:af:85:d6:c0:1d:cc:8c:44:
8a:0d:a4:d0:64:6a:50:7f:99:b2:45:b9:5d:e8:a8:
14:1a:23:83:59:6e:09:eb:39:76:86:03:d1:84:2f:
b0:a8:f4:dc:91:72:92:52:ec:9e:ca:49:ae:1f:2d:
80:4f:3f:6a:fd:db:24:b1:8c:b0:92:5b:0e:cb:67:
92:fd:62:d6:2e:89:7b:5f:39:d9:d4:92:07:36:dc:
83:5b:50:12:07:f5:cf:93:66:7f:85:77:c2:eb:33:
44:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B0:68:55:2B:60:BF:22:53:91:3A:4C:86:11:38:BC:B0:D8:BA:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
1b:d9:59:e5:fa:af:17:5c:a7:da:f1:6b:db:b1:42:db:fe:f5:
3c:f5:50:3e:43:5c:01:1d:6b:98:9d:e1:e6:f0:39:c0:ca:c4:
d4:52:ca:bd:28:33:b8:06:b2:64:20:13:8f:e9:cd:89:91:9c:
a4:16:e1:20:5e:54:79:ba:6b:36:ae:a0:06:89:81:a8:46:e1:
f0:a3:91:32:14:50:fa:d3:e2:39:61:d3:d1:e5:96:92:c8:fe:
d6:2d:fe:0b:df:ed:9d:ed:48:06:88:cd:aa:b0:37:28:1e:1a:
f4:9d:fb:a2:72:90:ef:2c:75:f9:49:e1:0b:c0:5b:8b:5f:16:
35:0e:1b:6f:a8:c7:ee:59:4e:14:c0:69:20:58:ab:c8:8f:03:
f9:c8:3e:39:ab:d4:ec:d6:b7:05:0a:c4:ba:b4:19:ec:8c:fb:
f3:3a:e1:fe:39:d2:3a:2d:70:a1:04:48:32:98:df:a8:6b:31:
d0:c4:50:1e:01:21:df:b5:65:8f:ae:ca:ae:6e:02:46:80:b5:
71:a8:75:69:9c:6b:79:a4:b5:79:cf:ff:46:aa:40:4c:ee:70:
4a:04:95:9b:b1:7d:de:8f:e8:3c:63:01:61:05:25:55:c6:fe:
fe:d9:45:35:13:76:4f:87:23:23:b6:23:42:f7:2a:9f:79:db:
82:8f:9a:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcxjCewztgAP1sKSPAdlWBSUM7KMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwNTJaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxYmE3MGVlZWNlYzQwODQ4N2U2MjA4NzdhODk0ZTUxMzMyYWViOWZlMTk3
Nzg4NmFkZDcyMzU1YTUxYThkNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+4lhlKrvnoNufGOihXwFP9UaQ+W3g3mDwnJdRrmeetccsrcMkGku0UpLE6
E5JyTttgRyYm3zUH1EkGNHoHSmB9CSiQ3YQhmD5S6vS1LHnJbDjypgRcV7CjZvrJ
XYF01MduQEMC4jJ4XiSWzUqC1KfmDn17EPlGbZOwmiqsoEhA1hFruQE4e/IUKBo4
bFOa2m2Dym3fKu5dIe2ToK+F1sAdzIxEig2k0GRqUH+ZskW5XeioFBojg1luCes5
doYD0YQvsKj03JFyklLsnspJrh8tgE8/av3bJLGMsJJbDstnkv1i1i6Je1852dSS
Bzbcg1tQEgf1z5Nmf4V3wuszRD0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQUsGhV
K2C/IlOROkyGETi8sNi6LDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjcxNDBhMGQtNjEyYy00ZGE0LWE2MGEtNTVjMjhmYWZmNmZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAb2Vnl+q8XXKfa8WvbsULb/vU89VA+Q1wBHWuY
neHm8DnAysTUUsq9KDO4BrJkIBOP6c2JkZykFuEgXlR5ums2rqAGiYGoRuHwo5Ey
FFD60+I5YdPR5ZaSyP7WLf4L3+2d7UgGiM2qsDcoHhr0nfuicpDvLHX5SeELwFuL
XxY1DhtvqMfuWU4UwGkgWKvIjwP5yD45q9Ts1rcFCsS6tBnsjPvzOuH+OdI6LXCh
BEgymN+oazHQxFAeASHftWWPrsqubgJGgLVxqHVpnGt5pLV5z/9GqkBM7nBKBJWb
sX3ej+g8YwFhBSVVxv7+2UU1E3ZPhyMjtiNC9yqfeduCj5pZ
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:23:46 2025 by rpki-client