Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0849241f-abaf-4c57-aadb-d881485a0aac.roa
File: 0849241f-abaf-4c57-aadb-d881485a0aac.roa (raw, json)
Hash identifier: 5PkMMyIgXDlbaE+/IPWgIJk976PGbDJ9gvFpwoXijd4=
Subject key identifier: 16:E5:FE:55:9D:7B:7D:CA:2F:6C:46:5D:F0:B9:EC:74:7E:99:47:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15923B985D31E2563571C130A7AAB38AE931F001
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0849241f-abaf-4c57-aadb-d881485a0aac.roa
Signing time: Tue 20 May 2025 20:21:14 +0000
ROA not before: Tue 20 May 2025 20:21:14 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:92:3b:98:5d:31:e2:56:35:71:c1:30:a7:aa:b3:8a:e9:31:f0:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:21:14 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b441fee89ba032f155c9119e1ec5aada1a7a4474167043cc9d421756cbf6f5a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a1:38:7c:d6:e4:95:0a:56:4c:79:94:05:84:
33:f3:9e:2e:41:2e:eb:5f:d8:15:7b:e7:5f:f7:b9:
c1:c4:50:11:1e:16:3e:58:f0:51:59:bd:cf:71:6c:
1e:f3:a5:da:c5:f6:ae:47:e6:40:37:79:19:5f:63:
bd:9d:2b:ab:81:96:47:14:dd:c4:9d:84:6d:92:85:
56:71:44:27:20:59:a5:64:cc:28:c6:a4:a7:45:40:
20:8f:e8:07:76:e9:f9:65:f7:5e:8b:50:78:ec:b3:
85:04:4f:f9:05:6f:9d:df:e3:28:74:4c:94:d8:62:
9a:bf:81:c2:5d:b7:20:14:a2:ec:58:5c:25:50:71:
e6:86:03:7a:18:14:2c:9e:a3:ff:d9:d6:39:75:0a:
03:c3:7b:c5:30:5c:18:b4:8f:d5:f7:0d:62:59:38:
47:65:f1:6a:9e:e0:0b:9f:7f:39:a2:aa:1f:32:53:
ba:75:db:90:35:51:9e:10:f0:be:ae:57:23:78:15:
c4:d9:38:50:30:95:94:b6:5a:5e:d0:38:66:de:0e:
a0:ce:a1:77:12:fe:59:d8:fb:0c:63:11:04:83:16:
64:2a:6b:4d:0c:9c:37:cf:79:ab:14:16:f5:5f:59:
8b:26:01:aa:e2:32:aa:56:9c:13:a4:1d:31:fe:a2:
4a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:E5:FE:55:9D:7B:7D:CA:2F:6C:46:5D:F0:B9:EC:74:7E:99:47:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0849241f-abaf-4c57-aadb-d881485a0aac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012::/38
Signature Algorithm: sha256WithRSAEncryption
b1:5a:c3:96:2a:ae:e9:46:6c:ad:80:f8:79:ec:1f:20:73:a8:
ff:55:08:1a:d0:cf:ae:9d:d6:c5:ce:88:0a:c6:35:45:93:df:
69:59:61:5f:f0:26:38:91:1f:16:7a:2e:8a:0e:2a:d9:78:03:
55:9a:12:ad:3e:d4:60:8e:bb:bd:eb:ac:49:6b:19:37:0d:8a:
99:30:cf:90:02:b3:ef:93:a3:e2:8f:e0:1b:50:eb:98:6c:d0:
82:7b:90:19:eb:d6:52:04:80:53:20:dd:15:a0:24:e3:63:63:
cf:bc:fd:94:e1:ae:15:1c:7b:3d:25:b7:32:cc:ce:33:70:4a:
5d:14:fc:fc:c3:a3:fb:7c:46:95:dc:9f:38:77:32:56:73:b6:
8c:8f:5d:dc:2a:ca:f9:b2:db:ec:20:3a:cc:e2:30:9c:33:cb:
dd:aa:7a:bb:0f:69:35:52:87:2b:d3:e7:43:8f:f8:b7:bc:51:
dd:27:4c:cd:98:6e:05:5e:3e:f8:4f:9b:43:24:48:90:39:07:
15:9d:6c:06:bd:46:2a:2a:93:05:84:48:88:55:2e:7f:d5:27:
99:fe:4b:f1:d5:a9:55:1c:36:21:ae:b1:ca:d6:5d:90:d4:4d:
bd:8c:2e:2f:64:2b:f6:82:32:36:a5:0b:ec:e1:df:ac:d4:6d:
da:f0:c5:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFZI7mF0x4lY1ccEwp6qziukx8AEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIxMTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0NDFmZWU4OWJhMDMyZjE1NWM5MTE5ZTFlYzVhYWRhMWE3YTQ0NzQxNjcw
NDNjYzlkNDIxNzU2Y2JmNmY1YTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJyhOHzW5JUKVkx5lAWEM/OeLkEu61/YFXvnX/e5wcRQER4WPljwUVm9z3Fs
HvOl2sX2rkfmQDd5GV9jvZ0rq4GWRxTdxJ2EbZKFVnFEJyBZpWTMKMakp0VAII/o
B3bp+WX3XotQeOyzhQRP+QVvnd/jKHRMlNhimr+Bwl23IBSi7FhcJVBx5oYDehgU
LJ6j/9nWOXUKA8N7xTBcGLSP1fcNYlk4R2Xxap7gC59/OaKqHzJTunXbkDVRnhDw
vq5XI3gVxNk4UDCVlLZaXtA4Zt4OoM6hdxL+Wdj7DGMRBIMWZCprTQycN895qxQW
9V9ZiyYBquIyqlacE6QdMf6iSrECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQW5f5V
nXt9yi9sRl3wuex0fplH3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDg0OTI0MWYtYWJhZi00YzU3LWFhZGItZDg4MTQ4NWEwYWFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIA
MA0GCSqGSIb3DQEBCwUAA4IBAQCxWsOWKq7pRmytgPh57B8gc6j/VQga0M+undbF
zogKxjVFk99pWWFf8CY4kR8Wei6KDirZeANVmhKtPtRgjru966xJaxk3DYqZMM+Q
ArPvk6Pij+AbUOuYbNCCe5AZ69ZSBIBTIN0VoCTjY2PPvP2U4a4VHHs9JbcyzM4z
cEpdFPz8w6P7fEaV3J84dzJWc7aMj13cKsr5stvsIDrM4jCcM8vdqnq7D2k1Uocr
0+dDj/i3vFHdJ0zNmG4FXj74T5tDJEiQOQcVnWwGvUYqKpMFhEiIVS5/1SeZ/kvx
1alVHDYhrrHK1l2Q1E29jC4vZCv2gjI2pQvs4d+s1G3a8MXn
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:46 2025 by rpki-client