Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
File: 09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa (raw, json)
Hash identifier: /XVMZLCfK+L7Qk5gBZjgxdjXA3UvpTJ1Jdy0v65GOYk=
Subject key identifier: BA:3B:0E:41:74:51:76:1C:3C:A6:10:1B:62:9E:26:97:DB:29:5C:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 70170CD2FE747D9986C43AE1D66C96798D8FFF18
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
Signing time: Tue 20 May 2025 18:50:20 +0000
ROA not before: Tue 20 May 2025 18:50:20 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:17:0c:d2:fe:74:7d:99:86:c4:3a:e1:d6:6c:96:79:8d:8f:ff:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:20 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=82955ec3f468dec6d97d02faef737dadf299de8712d7b049804492282b6c6b84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:29:fb:50:31:53:8e:2c:56:15:f5:62:db:e0:
34:08:a7:67:19:69:c6:43:65:4e:ae:7c:b1:f2:18:
28:c1:a4:42:d8:42:80:14:62:16:8a:ca:08:25:2a:
35:64:0a:f4:a8:41:4b:3d:4a:a6:91:27:17:05:15:
fd:87:0d:63:01:f0:41:bf:b0:2b:26:d8:a9:dc:26:
5f:81:af:d0:ba:a6:9b:70:25:bd:3a:90:cc:6c:49:
d9:41:9a:0a:8a:e1:4d:91:35:41:79:fd:9c:19:02:
1e:75:5e:46:15:0e:d3:2c:40:52:7b:c8:56:98:9e:
6a:03:6d:9e:c3:00:ad:96:cc:93:41:b8:1f:2e:c2:
19:4f:80:17:27:18:bd:8e:90:3f:90:52:bd:91:34:
ac:a1:05:1c:9b:09:50:14:c4:2c:8e:4d:26:e6:3e:
67:82:57:c3:c5:05:b2:8f:83:01:3e:42:f1:50:26:
57:98:3b:86:48:36:7a:08:e9:12:d4:da:39:f3:84:
e0:45:cb:0b:80:d3:4c:1e:2a:9e:b3:af:07:ca:86:
1b:6f:25:94:76:1e:f8:95:d4:0c:7e:58:72:c1:b7:
3f:ed:ca:27:9b:67:64:d6:fd:5e:7e:1a:3e:e2:88:
c7:db:1f:6c:0b:25:51:d2:ac:70:28:77:28:db:1d:
3f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3B:0E:41:74:51:76:1C:3C:A6:10:1B:62:9E:26:97:DB:29:5C:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8020::/48
Signature Algorithm: sha256WithRSAEncryption
96:93:8f:46:df:d6:18:e4:bd:a1:fe:64:bc:69:d4:3e:21:a6:
e0:61:64:92:9f:9b:39:ab:92:20:b2:9d:53:2a:cb:a5:94:9f:
43:b8:f9:32:8e:6b:df:63:31:83:90:c6:0c:fc:dd:00:cb:ed:
10:e1:3c:15:f1:f6:ea:78:ba:26:b4:ca:c9:12:8c:07:d4:45:
02:b5:78:3e:0c:87:9d:87:2c:a6:f4:d1:6c:77:a0:92:31:5d:
b9:d8:cc:04:b5:b9:cf:b8:7d:50:6c:20:f4:22:ee:2a:37:5a:
95:0f:fe:18:3c:41:2a:79:23:32:ac:6d:fe:82:0c:49:30:49:
b4:a4:51:85:38:61:44:71:ef:df:65:3a:8f:73:61:07:18:4c:
2a:0c:aa:e0:c0:6b:1e:ac:ed:5a:69:23:81:dc:10:f0:71:ac:
99:2b:a8:5b:81:d2:60:d2:08:fc:b4:52:22:a0:bc:d2:a9:02:
09:f0:bb:ed:30:d6:bb:40:fd:2f:f3:04:c0:04:45:86:bb:ef:
f2:0b:7c:f6:ed:f0:cd:d9:f1:7e:69:04:3f:26:89:0d:b4:d0:
30:08:29:41:d3:99:0c:b4:3d:94:1b:5d:7a:e9:6f:f8:ed:dd:
75:25:27:43:ce:f2:00:96:c4:15:03:e0:31:f3:ef:5a:d1:79:
90:3c:47:c1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcBcM0v50fZmGxDrh1myWeY2P/xgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwMjBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyOTU1ZWMzZjQ2OGRlYzZkOTdkMDJmYWVmNzM3ZGFkZjI5OWRlODcxMmQ3
YjA0OTgwNDQ5MjI4MmI2YzZiODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8p+1AxU44sVhX1YtvgNAinZxlpxkNlTq58sfIYKMGkQthCgBRiForKCCUq
NWQK9KhBSz1KppEnFwUV/YcNYwHwQb+wKybYqdwmX4Gv0Lqmm3AlvTqQzGxJ2UGa
CorhTZE1QXn9nBkCHnVeRhUO0yxAUnvIVpieagNtnsMArZbMk0G4Hy7CGU+AFycY
vY6QP5BSvZE0rKEFHJsJUBTELI5NJuY+Z4JXw8UFso+DAT5C8VAmV5g7hkg2egjp
EtTaOfOE4EXLC4DTTB4qnrOvB8qGG28llHYe+JXUDH5YcsG3P+3KJ5tnZNb9Xn4a
PuKIx9sfbAslUdKscCh3KNsdPxUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS6Ow5B
dFF2HDymEBtiniaX2ylchzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlmNjRlZGEtMmI5Yy00Yzg5LThlYjQtN2NmYjA4YjJiYTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
IDANBgkqhkiG9w0BAQsFAAOCAQEAlpOPRt/WGOS9of5kvGnUPiGm4GFkkp+bOauS
ILKdUyrLpZSfQ7j5Mo5r32Mxg5DGDPzdAMvtEOE8FfH26ni6JrTKyRKMB9RFArV4
PgyHnYcspvTRbHegkjFdudjMBLW5z7h9UGwg9CLuKjdalQ/+GDxBKnkjMqxt/oIM
STBJtKRRhThhRHHv32U6j3NhBxhMKgyq4MBrHqztWmkjgdwQ8HGsmSuoW4HSYNII
/LRSIqC80qkCCfC77TDWu0D9L/MEwARFhrvv8gt89u3wzdnxfmkEPyaJDbTQMAgp
QdOZDLQ9lBtdeulv+O3ddSUnQ87yAJbEFQPgMfPvWtF5kDxHwQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:53 2025 by rpki-client