Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa
File: 0f3fbd71-85b4-48a7-8479-e942c9578262.roa (raw, json)
Hash identifier: J/hGJSj+OnODG/OklBW/920z4qxlqOnRZXUnhNmdBE8=
Subject key identifier: F9:1B:5E:93:29:A2:15:1D:21:49:06:B7:6F:C2:CE:1E:D5:3A:67:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F1C7E993DA97B81A03312C8782CC40763C47B9C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa
Signing time: Tue 20 May 2025 20:11:28 +0000
ROA not before: Tue 20 May 2025 20:11:28 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:1c:7e:99:3d:a9:7b:81:a0:33:12:c8:78:2c:c4:07:63:c4:7b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:28 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=bd1b297ab65b58505ee4301a92db9220628d68c52be927d1579879614a98aca7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c0:87:d1:a3:3a:21:f3:f0:04:c7:60:9d:de:
25:aa:35:d6:98:e3:2e:e4:40:27:b7:f8:48:79:40:
f6:84:6d:51:7a:72:f1:4e:10:1d:60:20:bd:05:95:
ac:33:6c:a7:1b:5c:8b:9b:38:74:34:84:ba:a5:a2:
8a:43:ff:ec:eb:2b:c3:b9:f6:f1:b3:7f:cf:d9:c3:
6c:f3:bd:f0:ac:ab:79:01:3f:39:b0:25:3c:1d:c6:
e5:75:dc:a6:61:ff:6c:2d:62:a6:d4:e7:b5:e3:42:
8b:8a:26:03:c0:de:88:06:50:78:c7:a2:77:3e:b6:
49:d8:e9:29:2e:3e:4f:ad:8d:c9:40:63:f0:f5:d8:
a1:9c:7f:4b:9c:1a:0d:8c:ae:2c:c7:78:5e:07:85:
73:95:a6:91:93:17:e2:c2:70:fd:ed:aa:55:dc:ef:
88:8d:40:8e:3c:fa:94:a0:73:86:de:26:a1:f6:d6:
4b:b4:a0:5e:85:81:64:1e:2f:b1:7c:a5:90:d8:43:
8b:f3:f6:f2:7e:eb:e9:15:a3:e2:9a:59:d0:1e:08:
9e:83:8b:9b:87:3a:75:67:1c:bd:44:b9:64:eb:94:
8b:c9:b4:44:6b:fa:b7:c4:76:00:70:dc:44:14:c8:
8e:48:dd:76:69:d2:5f:3d:1c:8c:d1:d8:d6:13:97:
5e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:1B:5E:93:29:A2:15:1D:21:49:06:B7:6F:C2:CE:1E:D5:3A:67:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:1000::/40
Signature Algorithm: sha256WithRSAEncryption
00:9d:24:5a:4a:14:9e:bb:0e:cb:50:36:34:3c:95:ac:17:36:
8b:02:97:a0:d1:b6:0b:83:68:56:0f:a9:83:22:6f:cf:98:67:
27:dd:1f:55:64:47:f4:61:61:cb:e6:37:03:64:7f:15:99:39:
50:b3:07:e3:41:19:2e:51:ff:77:f6:7b:a3:66:2c:24:27:3e:
19:90:e6:d5:5f:27:8e:cf:06:11:71:3e:5a:98:44:32:08:d7:
7b:2a:b3:13:7a:ae:28:37:5a:af:b5:e8:77:c1:b7:75:12:6f:
cb:94:f6:99:59:da:e0:61:01:c6:59:4a:8f:38:90:05:13:30:
38:2d:df:63:2f:02:59:54:97:31:72:07:85:44:9c:e8:2d:b8:
ac:06:30:99:81:dc:df:0f:37:60:d1:b2:eb:27:28:12:48:ca:
ba:1e:28:e2:1f:d5:59:0f:e2:c1:10:d6:e6:5f:83:a5:67:70:
1f:be:60:47:90:f5:d8:67:a0:78:8b:76:8e:f3:54:57:ca:23:
74:06:8d:ba:f4:43:1f:45:39:24:22:66:aa:89:ce:e1:ac:ae:
04:5b:83:b4:56:f0:ba:52:23:02:19:f9:8c:02:a3:32:5b:56:
2e:c3:19:36:7f:d0:6c:34:10:42:16:6c:15:f3:33:3c:94:6e:
3b:dd:2d:c8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbxx+mT2pe4GgMxLIeCzEB2PEe5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMjhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkMWIyOTdhYjY1YjU4NTA1ZWU0MzAxYTkyZGI5MjIwNjI4ZDY4YzUyYmU5
MjdkMTU3OTg3OTYxNGE5OGFjYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/Ah9GjOiHz8ATHYJ3eJao11pjjLuRAJ7f4SHlA9oRtUXpy8U4QHWAgvQWV
rDNspxtci5s4dDSEuqWiikP/7Osrw7n28bN/z9nDbPO98KyreQE/ObAlPB3G5XXc
pmH/bC1iptTnteNCi4omA8DeiAZQeMeidz62SdjpKS4+T62NyUBj8PXYoZx/S5wa
DYyuLMd4XgeFc5WmkZMX4sJw/e2qVdzviI1Ajjz6lKBzht4mofbWS7SgXoWBZB4v
sXylkNhDi/P28n7r6RWj4ppZ0B4InoOLm4c6dWccvUS5ZOuUi8m0RGv6t8R2AHDc
RBTIjkjddmnSXz0cjNHY1hOXXt0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT5G16T
KaIVHSFJBrdvws4e1TpnJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGYzZmJkNzEtODViNC00OGE3LTg0NzktZTk0MmM5NTc4MjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAAnSRaShSeuw7LUDY0PJWsFzaLApeg0bYLg2hW
D6mDIm/PmGcn3R9VZEf0YWHL5jcDZH8VmTlQswfjQRkuUf939nujZiwkJz4ZkObV
XyeOzwYRcT5amEQyCNd7KrMTeq4oN1qvteh3wbd1Em/LlPaZWdrgYQHGWUqPOJAF
EzA4Ld9jLwJZVJcxcgeFRJzoLbisBjCZgdzfDzdg0bLrJygSSMq6HijiH9VZD+LB
ENbmX4OlZ3AfvmBHkPXYZ6B4i3aO81RXyiN0Bo269EMfRTkkImaqic7hrK4EW4O0
VvC6UiMCGfmMAqMyW1Yuwxk2f9BsNBBCFmwV8zM8lG473S3I
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:08 2025 by rpki-client