Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
File: 1fb46240-1c3f-4b2f-9927-3470c9898890.roa (raw, json)
Hash identifier: AHNDAsBxo4ZZkeOI/8U2FK9rnykOgxu2NNwgK1usxto=
Subject key identifier: 35:2D:E6:3C:A1:A0:33:E8:3E:87:77:07:BF:B9:10:0B:1C:41:C8:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CEB591DC1FBB07A7B561902A8C236A18F7D2B9F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
Signing time: Tue 20 May 2025 19:01:05 +0000
ROA not before: Tue 20 May 2025 19:01:05 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:eb:59:1d:c1:fb:b0:7a:7b:56:19:02:a8:c2:36:a1:8f:7d:2b:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:05 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=78ff270a8d1be80acb655aa597a924f0080fd061e0c7ea2ca9f9c25ab09e218a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a4:53:c6:39:d7:d3:c5:50:3f:ec:8b:47:95:
ab:6c:16:be:f7:5d:90:43:6a:e4:b3:b4:bd:af:d4:
90:ac:0a:7c:c1:58:a8:c1:91:7d:7f:96:2d:52:ae:
52:42:3a:b6:98:11:ed:c5:8b:94:68:e8:e1:d0:c8:
43:8c:cd:4b:26:ec:e2:bd:a2:1f:2b:ae:f7:5b:31:
8d:3c:98:34:54:f8:49:23:2d:54:0d:c4:db:fa:2b:
8e:d2:af:7a:f8:5e:34:3a:2e:ed:a1:42:87:bc:2a:
6a:87:5f:c0:6c:a0:68:4e:97:6e:07:85:07:34:f5:
89:dd:ab:93:60:2b:85:1d:0c:8e:2d:ef:a6:a4:0e:
c0:8a:0e:6e:e7:27:3b:a7:69:86:2d:7a:85:39:10:
9a:8c:2c:2a:bb:48:68:26:ca:68:e7:b3:e3:eb:24:
61:3f:a4:4b:bb:02:61:8b:37:84:6f:f3:4f:30:27:
04:23:e9:b1:0b:63:1d:70:66:34:da:57:56:03:8b:
f4:9d:70:8e:08:b6:3d:c3:63:1e:8a:8e:49:7f:ea:
57:ed:92:01:fe:6a:48:d4:77:38:66:f6:ba:4a:4f:
e5:89:a9:6f:8f:3d:11:d5:6d:fe:12:83:62:99:f7:
3f:c3:f0:2d:23:c7:63:4d:42:8c:98:0d:37:26:d5:
8b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:2D:E6:3C:A1:A0:33:E8:3E:87:77:07:BF:B9:10:0B:1C:41:C8:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80a0::/48
Signature Algorithm: sha256WithRSAEncryption
a1:ae:ec:95:75:0e:34:b3:42:fc:7f:c3:4a:44:5d:0b:0a:1c:
14:1d:2b:70:53:a4:64:25:fd:ae:2e:5a:8b:da:96:b3:7e:d5:
00:33:ea:ad:3d:14:3d:80:ac:c6:08:9b:7f:1e:e2:99:f6:45:
c0:d5:1b:2c:03:60:8b:78:11:05:9c:f2:6d:26:9b:90:32:f9:
0d:5b:48:99:0d:51:10:7b:0a:d4:e8:52:99:06:1d:1a:36:06:
e5:21:c7:dd:ee:26:bc:57:4a:a0:e1:02:78:a8:81:c6:ca:08:
25:a2:f4:b9:c8:4a:4d:8b:ae:44:38:cc:cb:c6:79:74:e7:19:
57:ca:cc:d3:f3:d7:08:df:7a:a3:ca:5f:5c:e7:20:68:87:1b:
9a:16:7f:7f:fc:29:db:27:95:3e:a7:1c:b3:49:ac:1c:75:ee:
ac:21:3f:75:87:5b:e9:4c:47:57:8c:f9:ff:aa:b7:9b:00:65:
b8:8e:1a:85:34:d3:7a:a4:31:59:a9:93:35:52:82:ab:a0:db:
11:83:d8:a1:2f:06:c6:d8:80:8b:c3:64:83:74:c1:c3:76:52:
1d:6e:f2:76:e8:c7:fe:a0:6d:49:be:16:75:44:f2:d7:5a:43:
94:ba:30:85:a4:e2:90:d5:1d:fd:bf:13:02:76:29:f0:0a:b5:
6f:be:01:4d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPOtZHcH7sHp7VhkCqMI2oY99K58wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxMDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4ZmYyNzBhOGQxYmU4MGFjYjY1NWFhNTk3YTkyNGYwMDgwZmQwNjFlMGM3
ZWEyY2E5ZjljMjVhYjA5ZTIxOGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmkU8Y519PFUD/si0eVq2wWvvddkENq5LO0va/UkKwKfMFYqMGRfX+WLVKu
UkI6tpgR7cWLlGjo4dDIQ4zNSybs4r2iHyuu91sxjTyYNFT4SSMtVA3E2/orjtKv
evheNDou7aFCh7wqaodfwGygaE6XbgeFBzT1id2rk2ArhR0Mji3vpqQOwIoObucn
O6dphi16hTkQmowsKrtIaCbKaOez4+skYT+kS7sCYYs3hG/zTzAnBCPpsQtjHXBm
NNpXVgOL9J1wjgi2PcNjHoqOSX/qV+2SAf5qSNR3OGb2ukpP5Ympb489EdVt/hKD
Ypn3P8PwLSPHY01CjJgNNybVixsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ1LeY8
oaAz6D6Hdwe/uRALHEHIlzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWZiNDYyNDAtMWMzZi00YjJmLTk5MjctMzQ3MGM5ODk4ODkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
oDANBgkqhkiG9w0BAQsFAAOCAQEAoa7slXUONLNC/H/DSkRdCwocFB0rcFOkZCX9
ri5ai9qWs37VADPqrT0UPYCsxgibfx7imfZFwNUbLANgi3gRBZzybSabkDL5DVtI
mQ1REHsK1OhSmQYdGjYG5SHH3e4mvFdKoOECeKiBxsoIJaL0uchKTYuuRDjMy8Z5
dOcZV8rM0/PXCN96o8pfXOcgaIcbmhZ/f/wp2yeVPqccs0msHHXurCE/dYdb6UxH
V4z5/6q3mwBluI4ahTTTeqQxWamTNVKCq6DbEYPYoS8GxtiAi8Nkg3TBw3ZSHW7y
dujH/qBtSb4WdUTy11pDlLowhaTikNUd/b8TAnYp8Aq1b74BTQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:15 2025 by rpki-client