Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/031fdd48-d66d-4cba-8375-4bf3f56ae206.roa
File: 031fdd48-d66d-4cba-8375-4bf3f56ae206.roa (raw, json)
Hash identifier: NAQIfltE19oTJU6AMeI1IOQryVKjKGEgQ4DRdZBrGNg=
Subject key identifier: 4C:0F:2A:80:88:68:A7:AB:6A:12:FE:65:86:15:5C:32:1B:DA:D2:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16C735015B993432DCE3B00BD8A91C25A6BE922E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/031fdd48-d66d-4cba-8375-4bf3f56ae206.roa
Signing time: Tue 20 May 2025 19:51:08 +0000
ROA not before: Tue 20 May 2025 19:51:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:c080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:c7:35:01:5b:99:34:32:dc:e3:b0:0b:d8:a9:1c:25:a6:be:92:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:51:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=1449a671292bbe4b954e3179ae3caf99058ade1ae0dc1fe922faccecc8aedcf6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:59:e0:aa:5e:11:81:38:90:dd:cc:bc:a6:6e:
3d:d1:bf:71:e6:d3:7c:a0:84:3a:c7:d8:1c:98:50:
f2:f6:59:6d:33:b3:10:6e:82:f5:20:86:b1:60:e2:
d0:09:e2:e8:84:96:23:0d:94:44:d9:15:e8:98:f5:
88:47:11:15:5f:8a:5f:47:02:26:6e:45:f3:e7:a2:
40:9b:5d:50:31:ec:3d:dd:14:84:19:4a:5b:c8:b9:
d8:2a:47:52:0c:db:a4:73:9e:cb:61:40:45:66:5f:
d9:b6:f5:c1:d4:1e:8c:0b:2a:ef:61:84:41:e4:b6:
63:eb:71:ac:26:c3:11:b4:83:ae:e5:b1:77:7a:37:
13:f2:11:e2:aa:7e:6a:92:45:f5:08:08:31:ee:00:
fe:1c:9a:a6:40:39:be:e7:20:3c:c7:ae:3f:f8:e7:
2e:86:86:62:b2:ae:b0:3d:5b:d8:de:20:91:e1:13:
ea:0a:a3:9d:f8:db:11:bf:30:0c:55:40:22:c7:95:
b1:85:4c:27:8d:4c:c6:16:29:fb:c0:1b:f8:83:8b:
35:23:e5:e5:01:50:e7:4d:bb:82:65:0b:e8:4d:01:
12:6d:b8:cf:2e:56:20:fe:e3:d9:cd:4d:ad:ad:d3:
cf:3d:bf:ab:bc:d6:22:90:36:df:d1:1f:9b:03:80:
85:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:0F:2A:80:88:68:A7:AB:6A:12:FE:65:86:15:5C:32:1B:DA:D2:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/031fdd48-d66d-4cba-8375-4bf3f56ae206.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:c080::/46
Signature Algorithm: sha256WithRSAEncryption
bb:72:6b:bf:b5:01:8d:dc:70:91:3d:98:dc:d7:e8:2b:3c:de:
8f:00:76:1a:13:85:ae:01:d9:30:c8:06:fe:5d:5b:ac:c3:95:
19:9c:2f:f2:40:aa:1c:af:6d:4a:81:39:e4:4d:11:2d:7a:c1:
2a:43:ff:59:c2:33:f1:0d:17:68:73:83:4f:6a:ae:56:51:12:
67:c3:36:e6:32:e7:43:1d:b9:df:55:83:ad:4e:a2:4a:1c:04:
06:7a:4f:5e:a0:50:1c:d4:5b:3d:75:13:fe:9b:ac:ae:0a:b8:
2f:5a:cb:f8:d9:dc:33:6f:42:0a:77:d2:9e:dc:e3:6a:e3:a7:
40:7d:49:ce:ca:68:2a:4f:fa:9b:30:7b:0d:52:de:83:f4:17:
5f:f6:a4:88:56:c7:3d:54:4f:54:3d:59:e7:b8:d5:83:ae:4b:
85:6c:58:3a:b8:ca:da:a5:3e:a4:a7:87:b0:17:bd:86:c0:46:
aa:17:7f:f7:a4:2f:af:84:40:11:3b:ee:ee:7a:55:03:be:50:
a1:db:6c:c9:d8:27:fa:23:8c:91:a8:c0:5f:89:07:d3:75:5b:
00:f1:91:02:71:58:d4:a3:22:eb:01:9c:2f:2c:c0:7e:07:0d:
fb:d2:b3:c9:4b:d9:0d:78:91:8f:38:df:a5:b7:4c:8a:30:5b:
3f:fd:fa:de
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFsc1AVuZNDLc47AL2KkcJaa+ki4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUxMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0NDlhNjcxMjkyYmJlNGI5NTRlMzE3OWFlM2NhZjk5MDU4YWRlMWFlMGRj
MWZlOTIyZmFjY2VjYzhhZWRjZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpZ4KpeEYE4kN3MvKZuPdG/cebTfKCEOsfYHJhQ8vZZbTOzEG6C9SCGsWDi
0Ani6ISWIw2URNkV6Jj1iEcRFV+KX0cCJm5F8+eiQJtdUDHsPd0UhBlKW8i52CpH
UgzbpHOey2FARWZf2bb1wdQejAsq72GEQeS2Y+txrCbDEbSDruWxd3o3E/IR4qp+
apJF9QgIMe4A/hyapkA5vucgPMeuP/jnLoaGYrKusD1b2N4gkeET6gqjnfjbEb8w
DFVAIseVsYVMJ41MxhYp+8Ab+IOLNSPl5QFQ5027gmUL6E0BEm24zy5WIP7j2c1N
ra3Tzz2/q7zWIpA239EfmwOAhZ0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRMDyqA
iGinq2oS/mWGFVwyG9rS3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDMxZmRkNDgtZDY2ZC00Y2JhLTgzNzUtNGJmM2Y1NmFlMjA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HfA
gDANBgkqhkiG9w0BAQsFAAOCAQEAu3Jrv7UBjdxwkT2Y3NfoKzzejwB2GhOFrgHZ
MMgG/l1brMOVGZwv8kCqHK9tSoE55E0RLXrBKkP/WcIz8Q0XaHODT2quVlESZ8M2
5jLnQx2531WDrU6iShwEBnpPXqBQHNRbPXUT/pusrgq4L1rL+NncM29CCnfSntzj
auOnQH1JzspoKk/6mzB7DVLeg/QXX/akiFbHPVRPVD1Z57jVg65LhWxYOrjK2qU+
pKeHsBe9hsBGqhd/96Qvr4RAETvu7npVA75Qodtsydgn+iOMkajAX4kH03VbAPGR
AnFY1KMi6wGcLyzAfgcN+9KzyUvZDXiRjzjfpbdMijBbP/363g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:22 2025 by rpki-client