Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
File: 0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa (raw, json)
Hash identifier: PwD3oh3Dgcv0CMIkfJ788hTzPrBowK/CDY0RC84TCuM=
Subject key identifier: 39:94:B5:22:50:9A:BE:BC:43:50:B4:CE:A9:60:99:9D:6F:BD:B1:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06B89982CBF62991855C77D81A5B8B6A941FC8AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
Signing time: Tue 20 May 2025 18:41:34 +0000
ROA not before: Tue 20 May 2025 18:41:34 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:b8:99:82:cb:f6:29:91:85:5c:77:d8:1a:5b:8b:6a:94:1f:c8:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:41:34 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=abf9460fcd80dd8666ffe7773b73a9fb1f6d36a8851b3e82ea46855cd2ff30cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:58:99:3e:d3:c7:2f:6f:2f:9f:f1:cc:0e:50:
ef:5e:34:91:7c:1b:fa:7c:1b:37:72:29:91:74:85:
54:72:fa:3e:12:33:76:76:7e:0d:42:66:70:d3:f7:
89:0e:eb:81:a2:31:ab:28:49:4c:2f:82:8a:ac:80:
51:eb:7b:91:a9:b7:36:6a:59:99:2d:aa:be:a6:b3:
93:75:5b:cc:0d:1a:e6:f2:be:46:66:e7:71:93:bf:
43:72:f4:72:62:0b:63:2a:d3:d1:17:bd:bc:c1:44:
8d:fe:cc:4b:8c:c1:eb:f2:a2:38:ec:be:9a:47:51:
ed:3c:83:fb:02:39:4f:0f:8c:82:f5:d0:37:71:54:
ba:25:fe:62:11:84:41:39:a0:4e:ea:97:bd:8b:6f:
5e:53:93:b4:12:70:b5:b5:ca:bf:30:2b:54:66:30:
de:18:c5:dc:85:8b:49:b9:28:de:16:78:ac:c5:79:
a7:e3:15:88:e0:b6:39:f8:d5:8f:47:d2:6c:68:31:
23:ce:62:f1:fc:de:e0:f2:60:78:62:cd:31:70:2b:
b5:d4:c8:8f:4f:3a:1f:97:42:cd:9f:5f:93:68:e7:
32:44:01:c4:07:29:1c:71:2e:4c:70:ed:7c:dd:62:
66:4c:d7:13:36:55:69:24:04:ee:d1:5b:cc:95:78:
27:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:94:B5:22:50:9A:BE:BC:43:50:B4:CE:A9:60:99:9D:6F:BD:B1:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
15:0e:65:fc:dd:90:9f:6c:62:fc:23:49:a4:9d:a5:93:48:da:
da:bc:9c:62:27:9b:8e:24:cb:94:d9:27:66:b1:71:6e:ba:93:
0a:35:20:9b:ae:ca:0e:39:26:43:96:df:08:fd:4e:26:b1:4d:
c9:60:70:e0:ce:bd:bb:2b:ba:2f:69:2c:c1:37:44:ff:82:5f:
60:26:b7:0b:5b:14:2d:64:c0:71:f1:f1:9e:14:c8:4a:1c:41:
e6:c0:87:cb:66:fd:7c:69:b5:67:a6:5d:40:8f:c9:07:67:ca:
57:22:d8:a4:11:87:8e:83:e7:91:55:a3:21:e4:55:28:45:6b:
38:e3:ec:74:60:b9:bf:83:c1:1d:76:1c:9b:95:bf:e6:1d:73:
f4:f0:e6:71:bb:a7:ef:a3:02:40:20:14:42:28:59:13:0b:9e:
1c:78:20:ad:25:be:13:7b:de:a6:05:29:d7:0e:82:fc:82:79:
fd:e8:56:b7:22:cb:13:32:6f:91:8b:eb:e0:ce:a9:f9:7a:d6:
3a:86:d0:02:b5:84:07:29:3f:ab:e9:a9:05:17:ea:b1:24:06:
a0:6d:38:d2:5e:2b:e1:55:04:78:2f:56:ae:b6:a7:4b:b7:de:
20:2b:82:42:97:1d:1a:df:b4:84:f6:7c:d9:4f:2a:07:ec:ce:
f2:00:41:2c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBriZgsv2KZGFXHfYGluLapQfyKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQxMzRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiZjk0NjBmY2Q4MGRkODY2NmZmZTc3NzNiNzNhOWZiMWY2ZDM2YTg4NTFi
M2U4MmVhNDY4NTVjZDJmZjMwY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFYmT7Txy9vL5/xzA5Q7140kXwb+nwbN3IpkXSFVHL6PhIzdnZ+DUJmcNP3
iQ7rgaIxqyhJTC+CiqyAUet7kam3NmpZmS2qvqazk3VbzA0a5vK+RmbncZO/Q3L0
cmILYyrT0Re9vMFEjf7MS4zB6/KiOOy+mkdR7TyD+wI5Tw+MgvXQN3FUuiX+YhGE
QTmgTuqXvYtvXlOTtBJwtbXKvzArVGYw3hjF3IWLSbko3hZ4rMV5p+MViOC2OfjV
j0fSbGgxI85i8fze4PJgeGLNMXArtdTIj086H5dCzZ9fk2jnMkQBxAcpHHEuTHDt
fN1iZkzXEzZVaSQE7tFbzJV4J2cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ5lLUi
UJq+vENQtM6pYJmdb72xnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIyZTMwOWUtZTlkNC00NTQ2LTg5NjktMmQ3YjRiOWQ1MTNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAFQ5l/N2Qn2xi/CNJpJ2lk0ja2rycYiebjiTL
lNknZrFxbrqTCjUgm67KDjkmQ5bfCP1OJrFNyWBw4M69uyu6L2kswTdE/4JfYCa3
C1sULWTAcfHxnhTIShxB5sCHy2b9fGm1Z6ZdQI/JB2fKVyLYpBGHjoPnkVWjIeRV
KEVrOOPsdGC5v4PBHXYcm5W/5h1z9PDmcbun76MCQCAUQihZEwueHHggrSW+E3ve
pgUp1w6C/IJ5/ehWtyLLEzJvkYvr4M6p+XrWOobQArWEByk/q+mpBRfqsSQGoG04
0l4r4VUEeC9WrranS7feICuCQpcdGt+0hPZ82U8qB+zO8gBBLA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:17 2025 by rpki-client