Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
File: 09a66d07-54a4-4c26-8a49-e43710070e4d.roa (raw, json)
Hash identifier: p2v0GgBfE61Mjbx5GncLaQDZU2eMxJTt8eWwdlT7bco=
Subject key identifier: 3A:1C:8C:80:00:50:93:2C:49:11:A5:4A:FD:EE:B9:31:A2:AE:C8:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4AF767F87D5AC1B6A21328C674A7D52029711610
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
Signing time: Tue 20 May 2025 19:00:54 +0000
ROA not before: Tue 20 May 2025 19:00:54 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:f7:67:f8:7d:5a:c1:b6:a2:13:28:c6:74:a7:d5:20:29:71:16:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:54 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=cbbb59f58b77b73e30020222349eafe017e0ba0b524a2fcdb30c4ee3aa756ba4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:40:60:00:b7:dd:74:1a:b9:ed:c5:3c:68:74:
1c:bd:24:b8:01:b8:60:8a:01:ca:f3:f9:64:40:9a:
8b:81:78:f6:58:08:42:73:3d:89:ef:30:68:2f:bc:
1d:5a:3c:29:d4:08:00:bb:16:b8:d5:fd:31:b8:91:
c2:8d:6a:cb:a2:ee:7c:70:97:fc:57:d4:bd:da:63:
30:0c:1a:fd:3a:99:ca:b8:09:05:ac:fd:45:9a:6c:
8a:78:4b:be:f8:1f:b8:c7:2e:f1:29:b9:3d:a2:57:
12:6d:bc:58:9e:c9:25:b4:c4:80:13:9b:81:9f:88:
e1:af:84:30:f7:e8:25:b4:80:d1:b2:02:bd:b0:ff:
44:e9:a7:48:1b:99:a1:21:62:07:d1:6c:89:5f:e4:
f1:78:c1:56:bb:42:97:7c:d2:e7:3e:d6:ba:bf:f4:
8f:b0:68:d6:bb:9a:7f:7d:83:b0:15:99:ce:5a:33:
a0:17:d4:6c:b8:2e:6c:7a:72:e1:00:6d:c3:97:98:
4e:fc:51:78:83:1f:79:1e:52:86:2e:e6:a1:89:49:
51:00:96:8a:80:23:02:7c:3e:03:2a:a8:4e:67:99:
36:07:72:19:f9:a4:88:15:27:c8:f9:08:dd:e5:8a:
74:6b:bc:36:b0:96:fb:63:8e:48:9f:41:5c:5c:4e:
5a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1C:8C:80:00:50:93:2C:49:11:A5:4A:FD:EE:B9:31:A2:AE:C8:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1080::/48
Signature Algorithm: sha256WithRSAEncryption
36:71:0a:99:f8:98:ea:5c:67:61:6d:b0:ad:83:04:41:39:c6:
e6:2d:51:70:24:0d:2c:5e:ed:a2:41:18:55:3e:14:67:79:5c:
ea:c0:5c:05:4c:f6:82:73:b8:94:88:dd:b8:89:ed:f2:cd:02:
3a:a6:9a:0d:e0:a5:49:f4:af:4e:24:12:7a:24:3e:84:ed:d0:
91:59:c9:16:51:97:e7:49:ca:c8:75:51:e8:87:6e:51:10:c8:
dc:b4:64:df:f0:99:98:ce:24:76:63:df:a8:61:1e:fa:6e:0f:
6c:4a:ed:4b:3a:5c:48:13:55:4a:a7:64:cc:a8:01:ef:3c:61:
5b:64:e3:07:88:3b:81:f1:f2:b2:c6:f7:19:27:72:b8:e8:03:
fc:36:8f:8d:be:26:72:33:8a:ac:99:70:2a:a2:e1:de:aa:0b:
f5:32:2b:a5:da:8e:7b:d2:e7:f7:db:5c:c6:fd:9c:e1:5d:cf:
33:86:43:d1:50:57:36:fa:3f:0f:3d:0d:84:ca:5a:11:e1:c5:
b4:d6:ca:bd:5d:06:21:c2:53:d6:e4:68:26:69:a6:6d:5e:e0:
ac:e2:de:24:98:bc:9b:c0:1f:4c:44:0d:82:98:3c:2b:83:12:
fb:ff:82:54:2f:ca:88:48:d9:f5:05:9f:dd:96:24:26:41:20:
dc:54:92:c3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSvdn+H1awbaiEyjGdKfVIClxFhAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwNTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiYmI1OWY1OGI3N2I3M2UzMDAyMDIyMjM0OWVhZmUwMTdlMGJhMGI1MjRh
MmZjZGIzMGM0ZWUzYWE3NTZiYTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVAYAC33XQaue3FPGh0HL0kuAG4YIoByvP5ZECai4F49lgIQnM9ie8waC+8
HVo8KdQIALsWuNX9MbiRwo1qy6LufHCX/FfUvdpjMAwa/TqZyrgJBaz9RZpsinhL
vvgfuMcu8Sm5PaJXEm28WJ7JJbTEgBObgZ+I4a+EMPfoJbSA0bICvbD/ROmnSBuZ
oSFiB9FsiV/k8XjBVrtCl3zS5z7Wur/0j7Bo1ruaf32DsBWZzlozoBfUbLgubHpy
4QBtw5eYTvxReIMfeR5Shi7moYlJUQCWioAjAnw+AyqoTmeZNgdyGfmkiBUnyPkI
3eWKdGu8NrCW+2OOSJ9BXFxOWjcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ6HIyA
AFCTLEkRpUr97rkxoq7IrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlhNjZkMDctNTRhNC00YzI2LThhNDktZTQzNzEwMDcwZTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
gDANBgkqhkiG9w0BAQsFAAOCAQEANnEKmfiY6lxnYW2wrYMEQTnG5i1RcCQNLF7t
okEYVT4UZ3lc6sBcBUz2gnO4lIjduInt8s0COqaaDeClSfSvTiQSeiQ+hO3QkVnJ
FlGX50nKyHVR6IduURDI3LRk3/CZmM4kdmPfqGEe+m4PbErtSzpcSBNVSqdkzKgB
7zxhW2TjB4g7gfHyssb3GSdyuOgD/DaPjb4mcjOKrJlwKqLh3qoL9TIrpdqOe9Ln
99tcxv2c4V3PM4ZD0VBXNvo/Dz0NhMpaEeHFtNbKvV0GIcJT1uRoJmmmbV7grOLe
JJi8m8AfTEQNgpg8K4MS+/+CVC/KiEjZ9QWf3ZYkJkEg3FSSww==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:50 2025 by rpki-client