Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa
File: 1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa (raw, json)
Hash identifier: 0chZRjmmpJIWErwf0CgPK7Ee/XHu2i5meNvnuu+hiPc=
Subject key identifier: E8:99:0C:84:AB:D8:97:C3:8D:FC:DA:5D:83:BD:7E:7F:34:56:9A:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 346972467FDAB26912DD0CEC15CA3A7BB2E196FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa
Signing time: Tue 20 May 2025 19:10:11 +0000
ROA not before: Tue 20 May 2025 19:10:11 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:69:72:46:7f:da:b2:69:12:dd:0c:ec:15:ca:3a:7b:b2:e1:96:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:11 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=5f2f00117978ffb9a8c9c665a5a5f92cc140cf383ecc4842ec93527264947bd8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cb:0b:3f:72:03:a9:eb:97:20:d6:ad:be:ba:
28:08:e3:c3:92:0e:70:40:ba:bd:1b:6e:8f:87:2c:
67:cd:5f:f9:b8:d3:f7:1c:a6:af:4b:ae:e0:54:05:
3c:e5:be:4c:14:f4:23:af:8a:08:1b:2c:9d:39:f5:
b0:dc:bc:76:08:d3:76:a6:26:c3:7b:d9:0f:fb:56:
ab:0f:5f:2a:f6:55:97:8b:81:38:b3:3c:dc:cd:ff:
b0:5b:43:8a:2e:f0:f6:0b:64:9f:4b:a0:66:cd:6b:
bd:6b:d0:a9:ba:38:78:37:17:69:64:57:61:ee:ec:
ec:9a:d0:c6:ac:42:cc:23:fb:50:60:75:67:0d:57:
28:78:71:8e:25:51:7d:64:b0:11:35:45:58:34:f9:
f2:2f:cd:64:90:a1:36:13:88:ba:5a:51:60:50:71:
34:fa:3e:e4:59:23:16:c1:44:76:89:66:83:d5:ab:
12:eb:05:46:9c:72:bd:19:48:fc:36:f6:bb:4e:9b:
f8:e4:c8:6b:a5:cd:48:b7:bc:36:43:88:5d:c6:f3:
04:03:6f:7b:ef:06:a1:0e:5a:19:8a:77:e3:13:ee:
a3:25:6c:75:d8:e5:13:b1:67:8e:d5:47:3c:14:26:
78:4f:50:27:c3:58:d5:82:48:49:40:3d:da:8e:54:
55:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:99:0C:84:AB:D8:97:C3:8D:FC:DA:5D:83:BD:7E:7F:34:56:9A:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8080::/48
Signature Algorithm: sha256WithRSAEncryption
c1:50:e8:e5:1a:28:bc:b3:a0:ed:e6:7a:a9:2a:7b:41:cd:36:
eb:78:d7:3f:2e:24:bd:36:4c:8d:12:d8:67:5c:b2:ec:81:63:
71:c2:91:7c:25:67:2e:e2:ff:0d:f8:6d:37:1d:eb:c6:bb:8a:
72:3c:73:dd:fc:3c:07:9e:9e:1e:3e:a7:a8:54:ed:cd:1c:71:
2d:48:c0:0c:03:f4:60:51:ed:40:a2:db:19:ce:e7:b8:aa:1c:
98:41:e9:f4:22:c0:d5:5c:1e:17:95:2c:54:1e:f5:c8:e3:79:
f1:b9:7d:be:f4:a0:bc:ba:11:11:b7:12:ee:da:71:f9:46:d4:
96:cf:0f:d2:2c:94:cd:d3:78:e7:d2:c9:d1:03:1a:8b:46:8e:
e9:fd:f6:43:16:a7:48:6e:dd:1d:b5:46:d6:36:51:8e:6e:47:
04:ba:87:be:72:2f:f4:69:2b:47:55:0a:98:c9:f8:1f:3d:20:
24:0e:a3:8d:c2:08:3c:c6:76:ad:66:c4:a2:3d:1d:74:2c:88:
9e:d7:ec:9a:06:80:b9:66:18:59:58:93:6e:de:6b:e5:78:a5:
74:50:ab:94:93:0b:aa:95:8a:f3:2f:56:e6:55:44:5d:a1:6a:
35:1e:53:08:c3:74:fc:0b:1b:b1:fd:92:46:17:8d:98:49:e0:
1b:a0:db:7d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNGlyRn/asmkS3QzsFco6e7LhlvswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwMTFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmMmYwMDExNzk3OGZmYjlhOGM5YzY2NWE1YTVmOTJjYzE0MGNmMzgzZWNj
NDg0MmVjOTM1MjcyNjQ5NDdiZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXLCz9yA6nrlyDWrb66KAjjw5IOcEC6vRtuj4csZ81f+bjT9xymr0uu4FQF
POW+TBT0I6+KCBssnTn1sNy8dgjTdqYmw3vZD/tWqw9fKvZVl4uBOLM83M3/sFtD
ii7w9gtkn0ugZs1rvWvQqbo4eDcXaWRXYe7s7JrQxqxCzCP7UGB1Zw1XKHhxjiVR
fWSwETVFWDT58i/NZJChNhOIulpRYFBxNPo+5FkjFsFEdolmg9WrEusFRpxyvRlI
/Db2u06b+OTIa6XNSLe8NkOIXcbzBANve+8GoQ5aGYp34xPuoyVsddjlE7FnjtVH
PBQmeE9QJ8NY1YJISUA92o5UVe0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTomQyE
q9iXw4382l2DvX5/NFaafTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4ZDllMTQtY2ZhOS00NDAwLWFmYTgtYjhjMGQ5ZWVlNGU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
gDANBgkqhkiG9w0BAQsFAAOCAQEAwVDo5RoovLOg7eZ6qSp7Qc0263jXPy4kvTZM
jRLYZ1yy7IFjccKRfCVnLuL/DfhtNx3rxruKcjxz3fw8B56eHj6nqFTtzRxxLUjA
DAP0YFHtQKLbGc7nuKocmEHp9CLA1VweF5UsVB71yON58bl9vvSgvLoREbcS7tpx
+UbUls8P0iyUzdN459LJ0QMai0aO6f32QxanSG7dHbVG1jZRjm5HBLqHvnIv9Gkr
R1UKmMn4Hz0gJA6jjcIIPMZ2rWbEoj0ddCyIntfsmgaAuWYYWViTbt5r5XildFCr
lJMLqpWK8y9W5lVEXaFqNR5TCMN0/Asbsf2SRheNmEngG6DbfQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:30 2025 by rpki-client