Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
File: 144286ab-f239-401f-a4ef-706749b0d570.roa (raw, json)
Hash identifier: +S0fWA7Ss946EngAv86MdMBPlmimtpPcwxiXlaZuaXQ=
Subject key identifier: 0D:3F:30:77:F0:C0:AB:AF:C2:CE:FA:46:C9:65:9B:73:83:DE:BA:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 676B5ED6E25217ED711BB47FC7B07D1A88D0DE2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
Signing time: Tue 20 May 2025 18:31:39 +0000
ROA not before: Tue 20 May 2025 18:31:39 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:6b:5e:d6:e2:52:17:ed:71:1b:b4:7f:c7:b0:7d:1a:88:d0:de:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:31:39 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=80d02988ad12632ef23fad106b0377f4050a7e124437e2d6d5de38672acdf5d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:94:25:64:36:0d:af:2c:ee:c9:a2:64:13:b2:
e1:38:77:f3:7b:b2:b9:16:13:6f:de:d2:e3:ee:cb:
2a:90:7a:3e:be:fc:e7:19:31:a7:6e:e1:de:3d:a4:
39:eb:aa:02:b8:21:4a:08:58:f1:60:86:bb:5b:55:
e7:33:8b:42:3e:47:14:ea:41:9b:1f:3d:a7:64:69:
50:9b:76:ec:61:31:20:f9:93:4f:0c:1a:21:ce:00:
c1:c9:8c:7b:ac:b9:da:74:2d:d3:b8:2a:cc:eb:6b:
ed:b8:7d:ff:57:a8:89:07:3c:97:03:6b:c8:a8:c9:
7d:dd:1a:79:d2:21:73:58:fd:75:9d:15:31:2f:6f:
46:92:18:09:09:f6:55:63:70:8c:6a:af:48:1c:f2:
40:cc:c9:66:3e:42:c5:ef:4f:95:a8:f8:c4:09:43:
6f:49:11:27:b3:f4:d8:b2:6a:6b:5b:28:f6:7b:f2:
07:7a:fb:23:8f:ef:18:0c:fc:c6:78:4f:b1:76:e2:
49:59:a3:b1:4b:06:dd:d2:c8:f2:92:d5:c0:3d:14:
12:54:47:eb:2e:ba:2e:0b:5c:51:bc:5d:d7:6d:58:
e6:76:bc:a3:b4:d9:af:e4:bb:e9:45:2b:be:73:63:
13:b4:bd:b0:00:c5:ff:cd:3a:9f:e6:99:fb:4f:c7:
9e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:3F:30:77:F0:C0:AB:AF:C2:CE:FA:46:C9:65:9B:73:83:DE:BA:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
00:81:00:b0:fc:1c:03:15:a8:6b:e6:bf:ea:39:e0:3d:f8:e6:
a7:6e:d4:2b:ec:88:64:9f:10:2a:3f:20:cd:02:58:a7:ed:ad:
52:b0:bc:8b:87:30:dc:f5:46:2d:31:be:81:e1:a5:43:b6:79:
28:07:cc:7f:61:09:fb:36:e8:ae:93:03:76:3f:03:b7:0e:ee:
1c:e4:01:54:0d:bb:e2:da:5c:6d:60:81:ee:85:fa:41:3b:48:
2d:d9:e9:49:cf:83:0a:18:39:f4:1c:91:de:e2:08:92:37:3d:
dc:bf:f6:5d:5b:47:53:e9:c1:9d:d3:e4:33:5d:97:23:3b:73:
56:6c:d8:4b:4a:a7:b2:77:a2:3e:cd:b6:69:75:d8:56:68:a1:
70:66:23:5f:8c:c5:b6:ef:33:e4:80:12:2d:f5:0f:c6:5f:93:
83:58:36:f9:30:df:39:40:2d:35:dd:f5:77:6f:c0:56:f3:68:
1f:68:55:bd:9c:02:41:4c:78:4c:c5:2d:a3:34:fd:25:b3:f1:
4d:0f:24:70:d3:81:68:8a:4e:12:7c:44:56:d4:81:a0:ff:85:
69:84:ea:e6:13:d2:63:02:84:6c:32:1f:06:09:ce:db:46:fa:
7c:c2:6c:ba:70:ac:03:1f:80:e6:13:32:47:74:36:b3:ae:54:
f3:c1:1e:12
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZ2te1uJSF+1xG7R/x7B9GojQ3i4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMxMzlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwZDAyOTg4YWQxMjYzMmVmMjNmYWQxMDZiMDM3N2Y0MDUwYTdlMTI0NDM3
ZTJkNmQ1ZGUzODY3MmFjZGY1ZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyUJWQ2Da8s7smiZBOy4Th383uyuRYTb97S4+7LKpB6Pr785xkxp27h3j2k
OeuqArghSghY8WCGu1tV5zOLQj5HFOpBmx89p2RpUJt27GExIPmTTwwaIc4AwcmM
e6y52nQt07gqzOtr7bh9/1eoiQc8lwNryKjJfd0aedIhc1j9dZ0VMS9vRpIYCQn2
VWNwjGqvSBzyQMzJZj5Cxe9Plaj4xAlDb0kRJ7P02LJqa1so9nvyB3r7I4/vGAz8
xnhPsXbiSVmjsUsG3dLI8pLVwD0UElRH6y66LgtcUbxd121Y5na8o7TZr+S76UUr
vnNjE7S9sADF/806n+aZ+0/HnjsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQNPzB3
8MCrr8LO+kbJZZtzg966WTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTQ0Mjg2YWItZjIzOS00MDFmLWE0ZWYtNzA2NzQ5YjBkNTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
wDANBgkqhkiG9w0BAQsFAAOCAQEAAIEAsPwcAxWoa+a/6jngPfjmp27UK+yIZJ8Q
Kj8gzQJYp+2tUrC8i4cw3PVGLTG+geGlQ7Z5KAfMf2EJ+zborpMDdj8Dtw7uHOQB
VA274tpcbWCB7oX6QTtILdnpSc+DChg59ByR3uIIkjc93L/2XVtHU+nBndPkM12X
IztzVmzYS0qnsneiPs22aXXYVmihcGYjX4zFtu8z5IASLfUPxl+Tg1g2+TDfOUAt
Nd31d2/AVvNoH2hVvZwCQUx4TMUtozT9JbPxTQ8kcNOBaIpOEnxEVtSBoP+FaYTq
5hPSYwKEbDIfBgnO20b6fMJsunCsAx+A5hMyR3Q2s65U88EeEg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:09 2025 by rpki-client