Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/191b6a6c-2595-4848-a6b3-22a230649f67.roa
File: 191b6a6c-2595-4848-a6b3-22a230649f67.roa (raw, json)
Hash identifier: Cx5mycd35h22+9upLNEm2Bfj2jXkjb1CZh6xAuiLmpo=
Subject key identifier: D6:A0:AD:5E:67:6A:1F:94:9A:F6:D7:74:D8:95:9F:35:49:A2:BE:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1BDC0E3A4ACE0A17F6BC71356278D5746031546E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/191b6a6c-2595-4848-a6b3-22a230649f67.roa
Signing time: Tue 20 May 2025 19:40:47 +0000
ROA not before: Tue 20 May 2025 19:40:47 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:5040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:dc:0e:3a:4a:ce:0a:17:f6:bc:71:35:62:78:d5:74:60:31:54:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:40:47 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=44df5bbcf8a5082a1fb8bf01a442f5a1a6a89a2bad01ea252bd956bdb71b605a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:87:b6:1a:8c:9b:b0:5f:05:05:a4:a1:fc:50:
68:2b:9c:68:6b:de:66:db:6a:b1:2a:3d:37:6e:c3:
48:a6:38:ac:a9:4f:46:58:07:0b:c5:59:82:61:d1:
7c:66:78:fc:22:82:03:65:47:d4:f6:04:dc:a6:e3:
c2:35:c6:85:f1:21:fc:d6:9b:1a:95:a4:81:fa:7f:
84:c6:38:48:32:a1:ec:dd:93:b9:40:29:d9:30:c4:
a4:31:da:b7:a9:ec:6c:9d:25:01:52:99:d8:90:0b:
0e:c1:98:41:ee:e4:8a:ae:fd:f4:2b:5c:68:cd:89:
9b:ae:75:4f:0a:c5:d6:8f:30:67:93:3e:8b:6b:e4:
22:89:6b:16:73:8f:40:74:c1:4b:9a:4e:bd:ef:a0:
1b:b2:f2:f6:2d:4a:5d:08:f2:f4:23:b6:a3:44:b8:
59:45:64:47:b5:27:84:de:88:f1:5a:c8:3b:72:8a:
1c:26:50:a9:09:a9:c9:eb:52:52:a7:12:a7:18:82:
a3:b6:6f:87:9f:c1:47:12:70:e8:07:db:d7:62:b5:
c5:86:07:23:ba:a5:98:c7:37:48:0f:1e:89:8b:54:
79:01:20:fc:61:29:a8:e8:0c:37:d5:a3:79:29:6d:
65:40:3b:44:6f:58:fb:36:86:47:f9:17:33:9e:79:
cd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A0:AD:5E:67:6A:1F:94:9A:F6:D7:74:D8:95:9F:35:49:A2:BE:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/191b6a6c-2595-4848-a6b3-22a230649f67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:5040::/46
Signature Algorithm: sha256WithRSAEncryption
7c:eb:60:20:f8:95:df:d8:28:ba:14:3c:62:58:52:49:1a:71:
8c:c7:47:fd:b6:1e:96:9a:0e:6b:ca:15:19:14:6f:a1:d3:5f:
49:23:3d:f3:10:98:ea:49:7a:a2:a0:a1:29:96:8c:f3:cd:72:
e0:90:25:25:56:5e:12:d0:2c:f8:68:27:21:82:79:54:1a:75:
84:9b:1b:eb:8a:80:c7:5f:ac:ce:b2:b3:6c:ed:b4:b3:ba:35:
a1:ca:cf:86:66:3f:93:30:30:b9:3b:95:29:0f:90:af:66:4e:
4d:7f:96:26:6e:52:a2:83:6a:4f:12:74:38:c8:7b:0d:8e:01:
cb:ca:13:0b:15:ee:0a:09:07:05:b3:5e:0c:2d:a4:d5:92:e1:
d5:2d:9e:15:56:18:29:40:bf:15:00:31:ac:dc:43:94:ae:75:
6c:c2:d5:34:54:ac:59:7b:64:d7:46:40:0a:63:b7:dc:7a:57:
4d:fd:f0:b1:94:7e:79:6b:28:40:b5:5d:ef:ca:05:4a:92:2a:
c4:ff:c7:b6:34:c2:f6:02:57:88:54:05:51:70:06:e7:5b:e5:
e6:35:dd:d3:0d:19:d0:99:19:95:94:a6:83:04:b7:14:f6:00:
43:25:6f:dc:52:f8:a2:21:63:54:4b:ff:94:2a:42:96:2e:06:
c6:53:67:da
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUG9wOOkrOChf2vHE1YnjVdGAxVG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQwNDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0ZGY1YmJjZjhhNTA4MmExZmI4YmYwMWE0NDJmNWExYTZhODlhMmJhZDAx
ZWEyNTJiZDk1NmJkYjcxYjYwNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOHthqMm7BfBQWkofxQaCucaGveZttqsSo9N27DSKY4rKlPRlgHC8VZgmHR
fGZ4/CKCA2VH1PYE3KbjwjXGhfEh/NabGpWkgfp/hMY4SDKh7N2TuUAp2TDEpDHa
t6nsbJ0lAVKZ2JALDsGYQe7kiq799CtcaM2Jm651TwrF1o8wZ5M+i2vkIolrFnOP
QHTBS5pOve+gG7Ly9i1KXQjy9CO2o0S4WUVkR7UnhN6I8VrIO3KKHCZQqQmpyetS
UqcSpxiCo7Zvh5/BRxJw6Afb12K1xYYHI7qlmMc3SA8eiYtUeQEg/GEpqOgMN9Wj
eSltZUA7RG9Y+zaGR/kXM555zasCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTWoK1e
Z2oflJr213TYlZ81SaK+jTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTkxYjZhNmMtMjU5NS00ODQ4LWE2YjMtMjJhMjMwNjQ5ZjY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HdQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAfOtgIPiV39gouhQ8YlhSSRpxjMdH/bYelpoO
a8oVGRRvodNfSSM98xCY6kl6oqChKZaM881y4JAlJVZeEtAs+GgnIYJ5VBp1hJsb
64qAx1+szrKzbO20s7o1ocrPhmY/kzAwuTuVKQ+Qr2ZOTX+WJm5SooNqTxJ0OMh7
DY4By8oTCxXuCgkHBbNeDC2k1ZLh1S2eFVYYKUC/FQAxrNxDlK51bMLVNFSsWXtk
10ZACmO33HpXTf3wsZR+eWsoQLVd78oFSpIqxP/HtjTC9gJXiFQFUXAG51vl5jXd
0w0Z0JkZlZSmgwS3FPYAQyVv3FL4oiFjVEv/lCpCli4GxlNn2g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:04 2025 by rpki-client