Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa
File: 2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa (raw, json)
Hash identifier: I+cDxM/WOEDxnto/SUg/KjobikEwpwDcf2s1TmW+E9o=
Subject key identifier: C8:0C:9B:97:92:79:12:40:DD:66:6F:DA:12:93:75:94:E4:D5:6C:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02FBE2E5F333887042D6559AA3D347CEC39FB8DB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa
Signing time: Tue 20 May 2025 19:21:08 +0000
ROA not before: Tue 20 May 2025 19:21:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:9080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:fb:e2:e5:f3:33:88:70:42:d6:55:9a:a3:d3:47:ce:c3:9f:b8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=de4b19cf322ef717fd60540c8fa520e08cd236017c78b722501c5987c63687ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b0:d1:a7:64:da:44:67:27:31:85:e0:3f:ad:
28:d5:f3:d2:91:f6:ba:aa:d9:f8:b2:30:b2:78:ac:
f4:9f:d7:d7:e9:eb:13:1c:47:87:e2:b8:36:0f:c4:
18:6b:6e:4e:1b:bd:e2:6a:90:2a:fa:74:90:39:15:
db:68:56:56:22:5d:3a:cd:7c:16:96:39:c6:71:5f:
9a:f9:89:ab:93:e0:5c:43:51:64:57:f3:8a:26:0f:
34:50:c8:8d:75:a0:13:18:dc:87:e1:f7:39:52:17:
62:c0:92:3f:7d:ed:d9:80:bb:6c:27:61:5f:47:67:
32:dd:60:4e:80:ce:c7:ca:c6:e4:b1:8b:68:cc:af:
c1:3b:be:a0:6b:88:78:0c:29:5e:01:bf:f5:b2:4a:
b6:74:52:79:90:c1:eb:33:e5:54:f1:80:98:29:c0:
6f:ee:b2:07:4f:f9:38:21:c1:70:5e:cd:d4:7c:85:
72:83:64:68:2e:2f:73:25:f3:f3:21:df:29:84:df:
d4:36:a4:1e:35:07:46:fe:32:9c:44:df:da:05:48:
6e:41:8b:13:59:bb:b7:43:f2:6f:c0:cc:83:1e:46:
51:6b:56:e2:bb:fd:6a:b7:3a:ed:41:60:b6:60:19:
cd:35:5a:78:db:60:69:47:72:5c:02:b3:3c:2a:48:
fd:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:0C:9B:97:92:79:12:40:DD:66:6F:DA:12:93:75:94:E4:D5:6C:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:9080::/46
Signature Algorithm: sha256WithRSAEncryption
21:1a:76:1b:f2:af:92:3e:ea:b3:a2:35:90:af:1c:e5:e1:9a:
c3:d1:1e:c4:a4:5d:72:ff:b9:4c:6f:56:b5:6b:05:4d:0c:1f:
bf:17:8c:89:3d:5f:75:94:54:c4:43:b1:fa:5c:ea:7e:9a:62:
2e:0f:4a:9d:40:c6:ce:38:70:04:5d:bc:a6:d3:b4:06:e4:55:
03:f4:d4:e0:ee:61:01:53:18:d3:a4:36:b4:bc:b0:fb:fd:75:
1b:3c:64:5d:61:9f:57:05:9e:ef:84:2a:26:76:98:36:6c:fd:
db:59:5e:2c:3d:fa:5d:07:f8:54:62:7c:a8:54:ae:ae:d4:b6:
d4:9d:84:1f:09:6d:f2:09:6d:11:30:d4:c7:c0:c6:f8:42:5e:
a5:8e:54:c5:42:6f:74:9b:8a:fb:4d:c3:35:b3:fa:ed:f1:0a:
3a:e7:4f:b4:2d:50:9b:5a:79:70:34:8f:ab:e2:ad:96:84:60:
6e:f4:c7:a7:3c:f5:ad:00:52:84:37:df:a1:c5:09:c9:2c:28:
ea:f4:99:65:da:eb:bb:ad:d1:53:98:b6:55:60:60:54:72:1b:
e8:d5:4e:b3:50:18:3a:5c:83:94:71:f0:61:3d:99:7b:1e:b5:
89:80:13:68:15:71:61:cf:09:03:71:87:49:77:c3:56:a2:26:
60:1a:d8:bd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAvvi5fMziHBC1lWao9NHzsOfuNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlNGIxOWNmMzIyZWY3MTdmZDYwNTQwYzhmYTUyMGUwOGNkMjM2MDE3Yzc4
YjcyMjUwMWM1OTg3YzYzNjg3ZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM6w0adk2kRnJzGF4D+tKNXz0pH2uqrZ+LIwsnis9J/X1+nrExxHh+K4Ng/E
GGtuThu94mqQKvp0kDkV22hWViJdOs18FpY5xnFfmvmJq5PgXENRZFfziiYPNFDI
jXWgExjch+H3OVIXYsCSP33t2YC7bCdhX0dnMt1gToDOx8rG5LGLaMyvwTu+oGuI
eAwpXgG/9bJKtnRSeZDB6zPlVPGAmCnAb+6yB0/5OCHBcF7N1HyFcoNkaC4vcyXz
8yHfKYTf1DakHjUHRv4ynETf2gVIbkGLE1m7t0Pyb8DMgx5GUWtW4rv9arc67UFg
tmAZzTVaeNtgaUdyXAKzPCpI/VcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTIDJuX
knkSQN1mb9oSk3WU5NVsjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjEzM2E5ZTEtOWYzYy00NjYyLWIzYzMtNWNlYTBjOTQwNmNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAIRp2G/Kvkj7qs6I1kK8c5eGaw9EexKRdcv+5
TG9WtWsFTQwfvxeMiT1fdZRUxEOx+lzqfppiLg9KnUDGzjhwBF28ptO0BuRVA/TU
4O5hAVMY06Q2tLyw+/11GzxkXWGfVwWe74QqJnaYNmz921leLD36XQf4VGJ8qFSu
rtS21J2EHwlt8gltETDUx8DG+EJepY5UxUJvdJuK+03DNbP67fEKOudPtC1Qm1p5
cDSPq+KtloRgbvTHpzz1rQBShDffocUJySwo6vSZZdrru63RU5i2VWBgVHIb6NVO
s1AYOlyDlHHwYT2Zex61iYATaBVxYc8JA3GHSXfDVqImYBrYvQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:14 2025 by rpki-client