Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ab48d39-178e-4855-83a6-895690a81d28.roa
File: 0ab48d39-178e-4855-83a6-895690a81d28.roa (raw, json)
Hash identifier: l3DO8jwXdNk6NAkq+qV7y2GWuE5/9VnOlepTmVZ3tLc=
Subject key identifier: C2:3E:D8:CC:AD:BD:43:59:D9:6B:92:26:C4:64:22:87:43:83:55:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A6E9F0A29296D75BF222FFAE94B47D19C429845
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ab48d39-178e-4855-83a6-895690a81d28.roa
Signing time: Tue 20 May 2025 19:41:08 +0000
ROA not before: Tue 20 May 2025 19:41:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:a080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:6e:9f:0a:29:29:6d:75:bf:22:2f:fa:e9:4b:47:d1:9c:42:98:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:41:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e85de082bd6fe03d6613e7a30ddc6e6e272ba4d87ca9f85394a9dbad3be46d26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:cf:7e:3f:a6:bc:4e:29:b5:db:89:0e:8c:0e:
0e:60:80:86:d7:6d:6f:91:8d:04:6c:32:cd:36:ed:
1d:83:8c:94:79:cc:4c:82:39:9b:12:45:64:c8:18:
dc:d4:60:3a:5a:94:2d:6f:5d:3b:cf:7b:96:b7:94:
7c:d5:0e:c4:cf:8c:1b:f6:60:eb:d5:25:01:ee:5a:
21:c1:0f:f4:09:ea:d5:99:61:a8:ce:a3:c0:64:86:
fa:25:ad:68:17:d2:df:5a:c1:4a:db:e0:1b:a7:79:
17:35:d1:4c:00:ce:0e:ad:00:2e:fb:56:8e:69:ab:
61:80:9c:c5:27:45:61:c3:81:b1:18:79:6c:6c:90:
bc:88:d1:fb:ff:b3:b8:36:37:23:3c:10:04:28:87:
0e:e4:53:21:51:89:d5:ab:6c:58:5a:8d:3b:18:c8:
57:5f:49:34:b5:7c:95:24:14:1b:64:80:de:9d:a0:
a8:0b:aa:d1:5c:b1:d7:10:13:87:8b:89:1c:00:1a:
3d:20:1f:f6:cd:0f:f8:90:c5:60:56:92:41:01:b3:
e4:48:d1:47:d1:71:86:c1:3f:4b:a6:85:ac:30:6a:
84:07:9a:4d:c7:08:a1:11:ad:cc:d0:fc:9f:7c:50:
68:01:ed:f4:c3:f2:43:4b:33:41:f7:32:cf:89:d8:
9d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:3E:D8:CC:AD:BD:43:59:D9:6B:92:26:C4:64:22:87:43:83:55:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ab48d39-178e-4855-83a6-895690a81d28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:a080::/46
Signature Algorithm: sha256WithRSAEncryption
31:6e:c4:77:c4:83:1a:c2:46:69:02:ae:00:39:e3:2d:bd:bd:
81:3c:99:05:4e:a9:72:f7:b3:8d:b6:35:c6:ec:3f:df:53:40:
6f:01:ee:0a:6a:f3:af:a1:c5:d2:42:35:89:d5:df:43:fb:1d:
97:b9:27:2c:f3:91:25:61:f0:57:57:45:6b:d2:13:1f:5b:55:
a2:dc:e7:d9:15:0f:1a:d8:27:97:1f:09:dd:a7:80:7f:20:71:
e5:6f:99:7a:b2:0a:be:a4:99:c1:8b:67:8b:d1:8c:4b:d7:91:
d1:be:20:b7:88:00:24:8d:9e:e4:91:92:8d:1c:4e:f0:0d:cc:
57:ec:f3:4f:a2:6e:7d:46:67:7c:47:39:04:9c:98:8b:5d:7c:
87:b3:ef:e1:51:c8:b3:08:e4:9e:99:0a:ca:33:e9:5a:90:0a:
9f:67:06:bd:c9:12:7f:09:3f:ae:6c:af:1c:3c:ed:e3:dc:b4:
61:10:00:66:cf:51:9e:28:39:09:63:f8:a0:fe:2c:38:87:db:
31:7c:f8:92:42:e2:1c:29:1c:00:73:2b:97:f4:39:e3:b1:5b:
a9:9e:20:3c:bd:7e:7a:0e:6f:82:c6:90:e4:35:bd:ad:0a:31:
d4:24:8d:03:a2:91:75:48:b4:2d:e1:f6:e1:21:34:3f:5f:e7:
a6:9c:17:74
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKm6fCikpbXW/Ii/66UtH0ZxCmEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQxMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4NWRlMDgyYmQ2ZmUwM2Q2NjEzZTdhMzBkZGM2ZTZlMjcyYmE0ZDg3Y2E5
Zjg1Mzk0YTlkYmFkM2JlNDZkMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzPfj+mvE4ptduJDowODmCAhtdtb5GNBGwyzTbtHYOMlHnMTII5mxJFZMgY
3NRgOlqULW9dO897lreUfNUOxM+MG/Zg69UlAe5aIcEP9Anq1ZlhqM6jwGSG+iWt
aBfS31rBStvgG6d5FzXRTADODq0ALvtWjmmrYYCcxSdFYcOBsRh5bGyQvIjR+/+z
uDY3IzwQBCiHDuRTIVGJ1atsWFqNOxjIV19JNLV8lSQUG2SA3p2gqAuq0Vyx1xAT
h4uJHAAaPSAf9s0P+JDFYFaSQQGz5EjRR9FxhsE/S6aFrDBqhAeaTccIoRGtzND8
n3xQaAHt9MPyQ0szQfcyz4nYnbcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTCPtjM
rb1DWdlrkibEZCKHQ4NVDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGFiNDhkMzktMTc4ZS00ODU1LTgzYTYtODk1NjkwYTgxZDI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Heg
gDANBgkqhkiG9w0BAQsFAAOCAQEAMW7Ed8SDGsJGaQKuADnjLb29gTyZBU6pcvez
jbY1xuw/31NAbwHuCmrzr6HF0kI1idXfQ/sdl7knLPORJWHwV1dFa9ITH1tVotzn
2RUPGtgnlx8J3aeAfyBx5W+ZerIKvqSZwYtni9GMS9eR0b4gt4gAJI2e5JGSjRxO
8A3MV+zzT6JufUZnfEc5BJyYi118h7Pv4VHIswjknpkKyjPpWpAKn2cGvckSfwk/
rmyvHDzt49y0YRAAZs9Rnig5CWP4oP4sOIfbMXz4kkLiHCkcAHMrl/Q547FbqZ4g
PL1+eg5vgsaQ5DW9rQox1CSNA6KRdUi0LeH24SE0P1/nppwXdA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:34 2025 by rpki-client