Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
File: 16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa (raw, json)
Hash identifier: TQk6khOMrlPd155E+S7hqcXjptntebPXJOoRiCER5lg=
Subject key identifier: 04:5B:E2:AA:69:FD:F2:1F:13:B2:F2:6D:37:FC:E5:BD:01:E7:54:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39490977BE9B32EE54261E3C4A5DD8C57F72584A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
Signing time: Tue 20 May 2025 20:11:08 +0000
ROA not before: Tue 20 May 2025 20:11:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:49:09:77:be:9b:32:ee:54:26:1e:3c:4a:5d:d8:c5:7f:72:58:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=3a34acf81f481af9b47eeb5dfcfda8ee833dfb8ed3c80a84ed050269a56e4993, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4a:59:32:60:a8:d8:d4:98:e3:c4:c3:67:db:
44:c7:b9:06:6a:19:e6:1c:23:37:59:ef:cc:be:22:
77:5c:2f:34:37:bb:2b:ca:a5:5f:64:93:0f:dd:f2:
b1:28:3d:6e:27:8b:94:0f:db:38:8c:01:59:26:19:
b1:28:d6:ea:00:bd:7f:b8:08:94:d3:61:1a:1c:5b:
e5:08:eb:1d:51:61:e6:9c:39:03:69:5f:b7:c5:8b:
d0:3a:20:74:8d:1f:a3:43:98:a0:9b:24:c3:5c:0c:
1c:b8:34:ae:1d:4d:bf:e6:78:d4:fa:4d:ce:7a:a8:
fa:50:5c:59:be:d3:83:0c:ed:63:94:7b:ca:57:e8:
dd:09:0f:b1:ae:44:e3:0f:60:13:34:1e:41:5e:4e:
7f:7f:26:93:00:43:8a:64:b8:68:ae:2e:33:9c:65:
12:ee:8b:2d:0a:6c:a4:ec:e6:57:c9:f8:64:43:e9:
f5:e3:d2:07:5e:b7:d4:7e:f5:18:fd:b1:31:13:92:
e5:d3:cc:77:77:c4:92:21:91:42:bc:33:60:3a:11:
12:e2:99:00:70:01:5d:ef:08:07:eb:ff:3c:9e:f8:
0e:34:65:10:40:61:fb:87:7c:40:e1:93:d8:d8:8d:
da:96:50:7d:27:77:49:bf:6c:e9:0c:9b:d0:5f:6d:
24:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5B:E2:AA:69:FD:F2:1F:13:B2:F2:6D:37:FC:E5:BD:01:E7:54:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:b000::/40
Signature Algorithm: sha256WithRSAEncryption
49:a7:0e:6e:ab:8c:ce:cf:72:6e:01:ae:80:33:30:f0:e6:84:
f5:a8:70:93:b0:fa:8c:1b:53:fd:c5:b4:51:40:4c:9c:ae:00:
95:bf:ad:0d:7e:3b:f0:45:8c:5e:f1:13:9b:c8:9d:cb:e8:86:
ad:5b:37:1d:ee:ff:6a:8b:88:5f:d5:0f:66:30:b1:f6:2d:b7:
27:20:0b:16:59:92:69:38:bf:30:95:31:dd:17:c1:b6:dd:15:
8f:75:74:c8:3d:1f:8e:ee:42:30:83:e5:38:16:05:80:1c:87:
66:f6:52:fe:fc:1a:91:83:19:98:3d:ae:09:09:64:a8:96:2d:
7c:95:29:62:60:6d:70:8d:4c:66:95:87:3b:e9:51:f6:d7:b0:
c3:bb:4e:77:ba:49:2d:3f:1c:32:74:1c:e7:21:5a:fc:66:17:
a1:c3:b6:87:22:c3:fb:0c:cd:1e:2f:f8:b9:ef:7c:07:bb:57:
a9:66:1c:27:86:a1:d0:3f:f9:26:38:ba:f8:cc:88:c7:4d:8d:
1e:0a:b3:4a:06:7c:38:bc:1c:95:a8:f3:96:89:d0:63:b3:5f:
a5:7a:bf:a6:27:25:d1:23:4c:79:e7:24:0a:03:fe:3b:ab:ae:
ec:1f:2d:fc:62:c9:5d:f0:65:bd:86:ea:78:33:e3:f4:fc:ea:
3d:de:d2:4f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOUkJd76bMu5UJh48Sl3YxX9yWEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhMzRhY2Y4MWY0ODFhZjliNDdlZWI1ZGZjZmRhOGVlODMzZGZiOGVkM2M4
MGE4NGVkMDUwMjY5YTU2ZTQ5OTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9KWTJgqNjUmOPEw2fbRMe5BmoZ5hwjN1nvzL4id1wvNDe7K8qlX2STD93y
sSg9bieLlA/bOIwBWSYZsSjW6gC9f7gIlNNhGhxb5QjrHVFh5pw5A2lft8WL0Dog
dI0fo0OYoJskw1wMHLg0rh1Nv+Z41PpNznqo+lBcWb7TgwztY5R7ylfo3QkPsa5E
4w9gEzQeQV5Of38mkwBDimS4aK4uM5xlEu6LLQpspOzmV8n4ZEPp9ePSB1631H71
GP2xMROS5dPMd3fEkiGRQrwzYDoREuKZAHABXe8IB+v/PJ74DjRlEEBh+4d8QOGT
2NiN2pZQfSd3Sb9s6Qyb0F9tJFcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEW+Kq
af3yHxOy8m03/OW9AedUbjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTZlODNkODktOWMyOS00ZDcwLTlkMWQtODVlNGRjN2UzZDZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hiw
MA0GCSqGSIb3DQEBCwUAA4IBAQBJpw5uq4zOz3JuAa6AMzDw5oT1qHCTsPqMG1P9
xbRRQEycrgCVv60NfjvwRYxe8RObyJ3L6IatWzcd7v9qi4hf1Q9mMLH2LbcnIAsW
WZJpOL8wlTHdF8G23RWPdXTIPR+O7kIwg+U4FgWAHIdm9lL+/BqRgxmYPa4JCWSo
li18lSliYG1wjUxmlYc76VH217DDu053ukktPxwydBznIVr8Zhehw7aHIsP7DM0e
L/i573wHu1epZhwnhqHQP/kmOLr4zIjHTY0eCrNKBnw4vByVqPOWidBjs1+ler+m
JyXRI0x55yQKA/47q67sHy38Ysld8GW9hup4M+P0/Oo93tJP
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:48 2025 by rpki-client