Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
File: 11758a9b-0e07-4929-92b2-ff867af4fa4f.roa (raw, json)
Hash identifier: 1wh6vjRBw0IkNrIRtA4XKPoCIEkkeDn4ueLlXNNt3YM=
Subject key identifier: 9D:44:B6:6A:53:33:20:87:E6:E0:76:F3:4D:F5:19:DE:96:AC:DB:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 056D701791D7542C36E74955B9871E32406AF093
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
Signing time: Fri 06 Jun 2025 15:10:15 +0000
ROA not before: Fri 06 Jun 2025 15:10:15 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:6d:70:17:91:d7:54:2c:36:e7:49:55:b9:87:1e:32:40:6a:f0:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:15 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=14a691213235c07b87e40f82facf161118e7d354f76e6bb49974fca868f88499, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9a:bc:c4:69:63:07:ef:c7:e7:f2:72:17:28:
cb:b2:68:39:d3:3c:84:ad:3a:93:b1:b8:6c:f3:18:
2c:10:df:3c:90:0d:d1:42:c7:f0:85:4f:3d:75:b3:
1c:10:1a:9a:1c:93:df:e7:37:f3:5f:04:46:62:33:
26:50:ba:31:a0:74:f9:68:7e:85:8a:d6:10:7c:fa:
3a:8c:3b:25:a7:f2:8c:7e:e5:87:c0:fe:2a:61:13:
50:91:46:72:5d:f4:4d:d2:69:71:d6:15:c7:8f:3d:
59:01:fc:5f:47:db:05:08:68:92:eb:76:b1:f0:29:
5c:90:a5:8e:13:c7:9b:93:d5:1f:9a:42:fc:f8:f6:
0f:73:36:6a:3d:9a:53:8d:ba:e7:78:d5:ad:6f:6a:
34:f5:24:ff:bb:77:20:d1:d4:dc:0d:1c:73:ff:9e:
bb:d6:66:53:72:b3:05:29:18:4c:20:13:41:67:91:
fc:52:a1:a0:0b:0b:9c:97:a5:e1:56:cd:ab:f3:49:
dd:a5:23:47:10:41:df:b8:2b:76:96:36:61:e7:2a:
8a:59:09:13:53:aa:00:1f:4d:9f:3a:d1:f0:6e:05:
4f:25:a9:f8:97:90:c8:7d:44:6f:a8:a4:04:46:53:
e8:b0:34:0b:3b:01:79:44:bf:10:8d:2c:fe:fd:47:
3a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:44:B6:6A:53:33:20:87:E6:E0:76:F3:4D:F5:19:DE:96:AC:DB:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:2000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:eb:69:1e:79:be:a9:fa:04:4d:cc:62:32:83:78:6f:d7:1e:
ac:f8:01:35:9e:e5:1b:b2:13:b8:85:0e:af:a6:26:f9:63:26:
d9:96:74:11:dd:50:60:81:52:12:b6:6f:c0:c8:c5:0d:66:dc:
33:25:e3:aa:9c:2e:07:30:7c:b1:c6:88:5a:18:3a:43:6c:17:
f9:12:e0:31:f3:f9:4d:f9:2c:e8:47:72:fe:50:d5:a0:03:21:
c9:c0:3c:9c:ef:37:41:2d:e7:9b:a0:56:6f:b8:0d:c8:75:b3:
04:35:13:6f:63:97:4b:69:4b:25:1f:c6:5c:5b:5b:cb:9a:79:
05:ae:90:fa:8a:cb:9f:2a:01:5a:01:41:3b:b9:64:e2:4b:2e:
56:8b:60:38:82:33:05:63:29:2a:05:bf:d1:6f:ce:50:f1:5c:
f5:56:19:af:5c:eb:9d:59:99:5e:23:7e:7b:92:bd:02:f1:e8:
3f:5d:91:aa:ae:1c:9e:46:bb:9e:44:e0:9e:83:2e:b5:88:58:
db:9c:d9:a4:3c:df:4e:05:14:55:e5:54:ca:20:67:58:9b:df:
77:56:ea:a2:34:3e:21:ff:ad:c5:40:31:98:f8:30:75:f1:49:
10:8e:25:aa:c5:a5:2d:a7:0f:43:52:d9:4d:2f:50:52:73:90:
fc:c6:d0:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBW1wF5HXVCw250lVuYceMkBq8JMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwMTVaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0YTY5MTIxMzIzNWMwN2I4N2U0MGY4MmZhY2YxNjExMThlN2QzNTRmNzZl
NmJiNDk5NzRmY2E4NjhmODg0OTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJiavMRpYwfvx+fychcoy7JoOdM8hK06k7G4bPMYLBDfPJAN0ULH8IVPPXWz
HBAamhyT3+c3818ERmIzJlC6MaB0+Wh+hYrWEHz6Oow7JafyjH7lh8D+KmETUJFG
cl30TdJpcdYVx489WQH8X0fbBQhokut2sfApXJCljhPHm5PVH5pC/Pj2D3M2aj2a
U42653jVrW9qNPUk/7t3INHU3A0cc/+eu9ZmU3KzBSkYTCATQWeR/FKhoAsLnJel
4VbNq/NJ3aUjRxBB37grdpY2YecqilkJE1OqAB9NnzrR8G4FTyWp+JeQyH1Eb6ik
BEZT6LA0CzsBeUS/EI0s/v1HOm0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSdRLZq
UzMgh+bgdvNN9RnelqzbxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE3NThhOWItMGUwNy00OTI5LTkyYjItZmY4NjdhZjRmYTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQg
MA0GCSqGSIb3DQEBCwUAA4IBAQCn62keeb6p+gRNzGIyg3hv1x6s+AE1nuUbshO4
hQ6vpib5YybZlnQR3VBggVIStm/AyMUNZtwzJeOqnC4HMHyxxohaGDpDbBf5EuAx
8/lN+SzoR3L+UNWgAyHJwDyc7zdBLeeboFZvuA3IdbMENRNvY5dLaUslH8ZcW1vL
mnkFrpD6isufKgFaAUE7uWTiSy5Wi2A4gjMFYykqBb/Rb85Q8Vz1VhmvXOudWZle
I357kr0C8eg/XZGqrhyeRrueROCegy61iFjbnNmkPN9OBRRV5VTKIGdYm993Vuqi
ND4h/63FQDGY+DB18UkQjiWqxaUtpw9DUtlNL1BSc5D8xtDS
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:13 2025 by rpki-client