Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
File: 1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa (raw, json)
Hash identifier: /Bn9hCsQEXGExFg+/OkREX+BtvDjBaZL9p2WCSEDROw=
Subject key identifier: B9:F8:FD:9D:A2:1E:3F:AE:96:70:71:6C:B6:C5:97:BA:AE:AD:D5:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5117872B8370C3E419DE6DD008DBF6865AD7F6C1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
Signing time: Tue 20 May 2025 19:01:30 +0000
ROA not before: Tue 20 May 2025 19:01:30 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:17:87:2b:83:70:c3:e4:19:de:6d:d0:08:db:f6:86:5a:d7:f6:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:30 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=9283cafbebdfecd3c09cd7ec5250d2cb1c94ecd414a1d859aa800592ce45d1f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bf:24:8f:31:19:e8:f8:7f:21:85:42:8c:a6:
e3:60:f4:d3:b0:be:d7:54:f1:67:5f:d1:f7:fe:49:
ac:16:88:37:14:fe:be:0e:f6:2d:bb:9b:f9:6c:7f:
9e:14:a9:07:24:eb:cd:cb:99:ca:5e:e9:d5:30:93:
10:91:2c:95:02:d4:4c:22:16:e1:56:02:78:ec:3e:
3a:17:16:1b:53:be:49:2e:e4:ba:84:b3:31:cb:6e:
a8:bf:9a:58:64:58:4e:f7:ab:11:12:8a:72:e5:46:
62:56:b7:41:d7:19:f3:d1:d4:2f:02:28:9d:43:fc:
8a:fb:19:32:74:9c:47:ea:ad:6b:a1:e7:47:66:ca:
77:e6:fe:be:bc:3a:5a:9e:66:e6:1f:95:f7:24:9f:
5b:65:da:f3:25:b5:49:0e:94:96:76:c3:b9:db:23:
ed:05:fd:10:fa:f6:b1:d5:4b:1a:fc:f7:45:2e:70:
71:ca:ba:fa:0c:be:9e:82:a3:ee:c5:d2:5f:3f:b1:
9f:67:d5:52:7b:ac:dd:82:cb:51:c5:f4:ab:62:96:
25:27:3d:61:f9:7e:69:49:18:b1:97:9b:c3:41:cd:
ec:12:68:bf:68:51:13:00:bc:fe:1f:e4:7d:f6:55:
6a:16:a2:e9:ee:33:23:fa:e1:85:2b:ec:2c:fd:c3:
02:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F8:FD:9D:A2:1E:3F:AE:96:70:71:6C:B6:C5:97:BA:AE:AD:D5:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a040::/48
Signature Algorithm: sha256WithRSAEncryption
88:a5:3d:8d:ac:90:51:3d:80:48:48:80:02:ec:70:1c:c0:d6:
d0:ad:74:32:12:5b:cc:a7:7f:52:f9:11:9a:8d:74:52:2c:95:
00:ba:a4:0b:3a:f3:cb:6b:9b:7f:b3:d9:dd:34:dc:d7:a9:5a:
2a:8a:0c:52:25:b0:c6:99:0f:94:b0:52:5c:28:64:44:53:26:
ce:7b:b9:e6:3f:a8:26:71:51:65:b5:2d:92:0c:87:d2:16:78:
2d:ea:55:70:9e:5a:7d:09:63:34:91:02:7e:87:18:a5:2b:41:
bf:4d:40:77:05:b4:5c:6d:a8:9e:b4:12:d5:84:33:32:4e:6f:
d9:58:77:33:cf:8e:ef:cd:f1:e7:2a:c5:ad:fe:a1:42:0c:ea:
e8:8b:99:5a:ab:dd:87:d4:2c:21:1e:d0:9e:8d:ca:0b:54:c0:
06:79:35:89:8b:6c:70:7d:19:19:c0:e7:27:5f:c7:48:ea:59:
24:90:06:73:5a:b1:26:5c:73:e8:30:01:03:17:41:d7:0e:ce:
38:32:91:a9:49:7d:3d:32:89:32:f1:a2:25:2c:21:a7:b0:ff:
ae:58:73:63:a9:b7:3c:cc:80:c9:14:0f:75:04:61:94:87:e8:
c7:96:68:f1:97:b5:50:a4:a7:9c:a4:aa:51:df:b3:0e:1b:32:
c0:1f:78:c4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUReHK4Nww+QZ3m3QCNv2hlrX9sEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxMzBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyODNjYWZiZWJkZmVjZDNjMDljZDdlYzUyNTBkMmNiMWM5NGVjZDQxNGEx
ZDg1OWFhODAwNTkyY2U0NWQxZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKO/JI8xGej4fyGFQoym42D007C+11TxZ1/R9/5JrBaINxT+vg72Lbub+Wx/
nhSpByTrzcuZyl7p1TCTEJEslQLUTCIW4VYCeOw+OhcWG1O+SS7kuoSzMctuqL+a
WGRYTverERKKcuVGYla3QdcZ89HULwIonUP8ivsZMnScR+qta6HnR2bKd+b+vrw6
Wp5m5h+V9ySfW2Xa8yW1SQ6UlnbDudsj7QX9EPr2sdVLGvz3RS5wccq6+gy+noKj
7sXSXz+xn2fVUnus3YLLUcX0q2KWJSc9Yfl+aUkYsZebw0HN7BJov2hREwC8/h/k
ffZVahai6e4zI/rhhSvsLP3DAmsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS5+P2d
oh4/rpZwcWy2xZe6rq3VITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWM4MWFlODUtYTk3YS00MWM0LTk3ZjctMzMyN2NjZjBkYzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
QDANBgkqhkiG9w0BAQsFAAOCAQEAiKU9jayQUT2ASEiAAuxwHMDW0K10MhJbzKd/
UvkRmo10UiyVALqkCzrzy2ubf7PZ3TTc16laKooMUiWwxpkPlLBSXChkRFMmznu5
5j+oJnFRZbUtkgyH0hZ4LepVcJ5afQljNJECfocYpStBv01AdwW0XG2onrQS1YQz
Mk5v2Vh3M8+O783x5yrFrf6hQgzq6IuZWqvdh9QsIR7Qno3KC1TABnk1iYtscH0Z
GcDnJ1/HSOpZJJAGc1qxJlxz6DABAxdB1w7OODKRqUl9PTKJMvGiJSwhp7D/rlhz
Y6m3PMyAyRQPdQRhlIfox5Zo8Ze1UKSnnKSqUd+zDhsywB94xA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:49 2025 by rpki-client