Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
File: 21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa (raw, json)
Hash identifier: qxL5JND3i4oaoUXOU+Ajwgt9Vk+YehxiB/kNFKHyAyw=
Subject key identifier: 44:80:99:C7:8F:7B:34:6D:B8:0D:F5:A6:CD:8F:43:4F:8F:10:BE:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68EEF2711D53F9EDE9F320FAD42E81153B73E554
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
Signing time: Tue 20 May 2025 20:11:05 +0000
ROA not before: Tue 20 May 2025 20:11:05 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:ee:f2:71:1d:53:f9:ed:e9:f3:20:fa:d4:2e:81:15:3b:73:e5:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:05 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=318d69f2000b24b2f59c3533ecc5a266bcdd07109b57e91ef5f5249b93f5dc8e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:81:89:e5:8e:6b:cf:58:11:6f:c2:11:54:89:
c9:cd:86:f6:32:1e:e5:09:f8:26:c6:c6:fb:1f:00:
37:a3:ee:cb:78:7a:18:a9:b5:ea:c0:57:29:b5:29:
08:03:5f:ee:c7:c7:ed:ae:64:3d:a5:e5:b7:eb:e9:
fc:ed:59:d3:66:1f:3c:29:2d:1e:6a:b2:c3:50:7f:
b2:6f:c7:b7:03:06:3b:be:55:da:cf:6a:81:cb:75:
ef:e0:77:89:2b:c9:c4:b1:15:74:85:5e:b0:40:78:
98:be:7c:0c:60:d4:7b:98:87:3f:e7:02:d4:ba:4e:
e6:e4:26:1b:3a:97:5d:2f:6f:9c:fc:b8:cb:97:00:
08:cf:b6:61:3d:2d:8c:f8:62:0e:15:64:67:4f:30:
49:82:db:a3:18:b1:6f:9b:dc:71:f5:ae:10:79:f9:
f3:5a:d8:ad:35:8d:e7:6f:4c:dd:91:7e:36:78:de:
41:82:0d:01:11:ef:4b:14:e2:cc:ec:f8:52:e0:98:
35:3e:f0:0b:c4:34:07:7c:df:c0:bb:29:8e:1e:f0:
c9:63:e3:cb:43:2d:19:e4:93:e8:15:c4:74:d5:5c:
0f:ca:88:d5:c2:3d:33:d4:3e:03:39:f2:3e:0a:02:
9e:e1:fd:6b:3c:1d:2c:88:dc:25:cd:c2:5a:39:4a:
ae:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:80:99:C7:8F:7B:34:6D:B8:0D:F5:A6:CD:8F:43:4F:8F:10:BE:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:4000::/40
Signature Algorithm: sha256WithRSAEncryption
43:8c:32:05:fb:31:71:72:8b:65:7a:4f:63:38:01:e6:0d:b3:
f2:e3:c5:60:18:f1:7f:52:45:25:b6:29:4e:1e:41:4c:40:43:
77:e5:12:5f:89:7d:25:b7:e3:6d:66:aa:0e:0f:4c:c5:df:93:
6a:f5:25:e7:2e:82:ae:51:51:0a:8e:81:fe:b0:b1:f6:54:59:
48:8e:0c:a7:96:4d:ac:1b:f9:2e:ad:0c:72:16:62:1d:51:3d:
b0:9f:d3:66:99:69:af:65:a7:90:f0:22:c2:cf:93:34:70:ed:
24:bc:e6:ee:44:d5:fe:59:d5:bd:ba:93:69:79:56:37:90:83:
5f:31:e5:2f:ee:68:b9:8a:8a:24:e7:ec:a0:c0:7e:75:74:4d:
09:15:5f:07:f6:cd:fb:93:9a:27:55:cb:2c:31:86:e8:57:c3:
52:7e:7a:13:e2:91:9f:c0:88:d0:e5:51:c1:d1:97:14:a4:b6:
e4:92:48:1f:ee:c5:a4:d6:5b:a2:cf:2f:a7:e6:8a:45:db:87:
11:dc:9a:09:b2:ae:da:a7:00:db:3e:f8:82:5e:ba:04:70:ee:
2f:ca:a5:0b:d7:66:0e:93:10:5a:33:fc:0c:ab:0d:10:f7:a9:
5e:a6:92:8a:50:8d:2a:73:ec:2b:be:77:63:36:15:d9:d8:84:
9c:9b:c0:31
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaO7ycR1T+e3p8yD61C6BFTtz5VQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxOGQ2OWYyMDAwYjI0YjJmNTljMzUzM2VjYzVhMjY2YmNkZDA3MTA5YjU3
ZTkxZWY1ZjUyNDliOTNmNWRjOGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaBieWOa89YEW/CEVSJyc2G9jIe5Qn4JsbG+x8AN6Puy3h6GKm16sBXKbUp
CANf7sfH7a5kPaXlt+vp/O1Z02YfPCktHmqyw1B/sm/HtwMGO75V2s9qgct17+B3
iSvJxLEVdIVesEB4mL58DGDUe5iHP+cC1LpO5uQmGzqXXS9vnPy4y5cACM+2YT0t
jPhiDhVkZ08wSYLboxixb5vccfWuEHn581rYrTWN529M3ZF+NnjeQYINARHvSxTi
zOz4UuCYNT7wC8Q0B3zfwLspjh7wyWPjy0MtGeST6BXEdNVcD8qI1cI9M9Q+Azny
PgoCnuH9azwdLIjcJc3CWjlKrq0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBREgJnH
j3s0bbgN9abNj0NPjxC+yzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjFlMmY1YzgtZTAxMi00NGQwLWE2ZjItYzRhMDY1YjNiOTU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRA
MA0GCSqGSIb3DQEBCwUAA4IBAQBDjDIF+zFxcotlek9jOAHmDbPy48VgGPF/UkUl
tilOHkFMQEN35RJfiX0lt+NtZqoOD0zF35Nq9SXnLoKuUVEKjoH+sLH2VFlIjgyn
lk2sG/kurQxyFmIdUT2wn9NmmWmvZaeQ8CLCz5M0cO0kvObuRNX+WdW9upNpeVY3
kINfMeUv7mi5iook5+ygwH51dE0JFV8H9s37k5onVcssMYboV8NSfnoT4pGfwIjQ
5VHB0ZcUpLbkkkgf7sWk1luizy+n5opF24cR3JoJsq7apwDbPviCXroEcO4vyqUL
12YOkxBaM/wMqw0Q96leppKKUI0qc+wrvndjNhXZ2IScm8Ax
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:24 2025 by rpki-client