Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
File: 19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa (raw, json)
Hash identifier: 7AxHijhEr9IM1FLyzAl3nkIDbFa3czq7Wfm7nS3Fnfk=
Subject key identifier: 4D:AC:94:6A:90:C6:C5:BA:06:44:20:8F:54:F7:B9:4E:17:BD:60:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3239F56FA14B9A1B70CA225F3E8CA8243A79D5CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
Signing time: Tue 20 May 2025 18:30:44 +0000
ROA not before: Tue 20 May 2025 18:30:44 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:39:f5:6f:a1:4b:9a:1b:70:ca:22:5f:3e:8c:a8:24:3a:79:d5:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:30:44 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c61d124ef4cce5a8661f37b37973db84268d0317abe7cd89c3379efeeb56abea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1e:d1:b2:a6:72:13:75:f9:4e:bc:7c:f8:5f:
fe:a9:82:ef:ea:5f:8c:e1:fa:21:60:79:59:c7:a8:
b8:a7:9e:2d:0c:c9:52:f3:f7:10:52:7e:3e:53:04:
f5:97:d7:bd:88:28:2f:dd:4f:64:9c:e9:d7:f8:88:
22:33:d7:d3:c5:4c:96:2c:3f:43:06:22:d0:39:08:
2a:7a:2a:95:08:12:f6:d8:05:99:11:f2:d2:cd:b2:
b9:ef:f7:ce:dd:5b:4b:c4:30:67:99:a4:b1:ce:84:
c6:77:a9:23:9e:fa:72:01:e4:d9:9e:25:5c:3b:ef:
76:64:ec:0b:c2:14:6a:1d:de:4a:f5:41:c2:2a:c4:
59:1e:c1:30:09:89:d0:3d:40:25:da:c8:43:d4:eb:
a2:a5:a6:b7:60:bf:0e:b8:e9:9c:18:a9:b2:05:af:
54:6f:5d:79:a6:72:5b:25:b8:f3:cf:53:df:1a:04:
ee:d5:96:80:0b:88:ad:bd:ef:df:4c:ef:a4:45:0d:
a4:0b:02:2a:8d:a0:2c:58:23:d8:f2:41:06:b1:bf:
5e:2c:a3:8c:b3:aa:e1:d5:35:ab:f2:c5:7a:cc:97:
ec:83:5e:37:8b:a5:23:b1:ca:4d:4f:b0:89:51:b6:
37:ff:21:01:21:f4:44:99:61:10:4b:51:0b:4c:5e:
04:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:AC:94:6A:90:C6:C5:BA:06:44:20:8F:54:F7:B9:4E:17:BD:60:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5080::/48
Signature Algorithm: sha256WithRSAEncryption
31:7e:33:ea:dc:55:1b:f6:5e:93:9b:cd:1b:89:37:5b:30:e1:
c1:64:a6:1e:1f:94:3c:a9:cd:b7:d5:e9:03:c8:56:58:43:36:
a4:9a:d3:f1:da:1a:1d:7a:1a:53:26:75:26:53:13:62:11:1d:
87:33:84:fa:ac:54:63:78:66:50:ed:62:f7:9d:cb:6a:51:fa:
0b:a5:7e:0d:b2:fc:0a:c9:fb:9b:e9:45:a7:c9:7e:a0:21:f1:
7c:f5:f8:96:f8:88:f8:64:c6:0b:73:b7:60:72:5a:71:6f:4f:
74:ca:c9:19:5b:af:5c:40:95:46:09:70:54:97:b7:b7:64:56:
b0:d1:29:7d:0c:fe:25:67:a9:ca:19:e9:b7:34:85:03:9b:fb:
9e:c8:90:a5:fa:55:04:91:a1:41:9a:76:39:ac:e2:2e:32:2d:
e0:9f:5c:f8:71:59:70:bc:28:67:56:f5:00:5e:1a:28:ee:d6:
2e:c9:0e:05:37:d7:c7:63:6f:bb:81:65:4e:6c:38:6d:3c:a4:
01:42:41:60:50:96:d7:1c:d2:d1:1f:76:6e:53:ed:a3:76:ac:
95:38:99:50:86:34:fa:e6:53:6d:eb:81:d3:04:30:97:85:af:
05:b5:82:78:82:45:b7:c5:78:43:30:df:04:09:a5:ed:b8:4a:
84:f5:8a:ce
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMjn1b6FLmhtwyiJfPoyoJDp51cswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMwNDRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2MWQxMjRlZjRjY2U1YTg2NjFmMzdiMzc5NzNkYjg0MjY4ZDAzMTdhYmU3
Y2Q4OWMzMzc5ZWZlZWI1NmFiZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIoe0bKmchN1+U68fPhf/qmC7+pfjOH6IWB5WceouKeeLQzJUvP3EFJ+PlME
9ZfXvYgoL91PZJzp1/iIIjPX08VMliw/QwYi0DkIKnoqlQgS9tgFmRHy0s2yue/3
zt1bS8QwZ5mksc6ExnepI576cgHk2Z4lXDvvdmTsC8IUah3eSvVBwirEWR7BMAmJ
0D1AJdrIQ9TroqWmt2C/DrjpnBipsgWvVG9deaZyWyW4889T3xoE7tWWgAuIrb3v
30zvpEUNpAsCKo2gLFgj2PJBBrG/XiyjjLOq4dU1q/LFesyX7INeN4ulI7HKTU+w
iVG2N/8hASH0RJlhEEtRC0xeBMkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRNrJRq
kMbFugZEII9U97lOF71g4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTlhMjdkOWYtM2NjOS00YWM0LTlhZmItMzk5ZjY2YmVlNjBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
gDANBgkqhkiG9w0BAQsFAAOCAQEAMX4z6txVG/Zek5vNG4k3WzDhwWSmHh+UPKnN
t9XpA8hWWEM2pJrT8doaHXoaUyZ1JlMTYhEdhzOE+qxUY3hmUO1i953LalH6C6V+
DbL8Csn7m+lFp8l+oCHxfPX4lviI+GTGC3O3YHJacW9PdMrJGVuvXECVRglwVJe3
t2RWsNEpfQz+JWepyhnptzSFA5v7nsiQpfpVBJGhQZp2OaziLjIt4J9c+HFZcLwo
Z1b1AF4aKO7WLskOBTfXx2Nvu4FlTmw4bTykAUJBYFCW1xzS0R92blPto3aslTiZ
UIY0+uZTbeuB0wQwl4WvBbWCeIJFt8V4QzDfBAml7bhKhPWKzg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:32 2025 by rpki-client