Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
File: 248ea861-facc-4167-976d-1e65c556b074.roa (raw, json)
Hash identifier: 6UpuiuE09dXx/jmGl/LKSEVCIJJaqLtrFfuurUwgvLw=
Subject key identifier: 20:85:B5:46:0A:6B:85:36:1E:41:AC:85:AC:7D:30:9C:83:9A:43:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16E4F7B0B6113B8A6FB7149A31A7F5EA0F5E3B22
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
Signing time: Tue 20 May 2025 20:10:08 +0000
ROA not before: Tue 20 May 2025 20:10:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:e4:f7:b0:b6:11:3b:8a:6f:b7:14:9a:31:a7:f5:ea:0f:5e:3b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:10:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=2222b2e0322184008aebb7ffc36e79968aaa7e15de4c51a70276157f361285c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:25:a0:66:98:ed:43:7f:24:3c:05:e7:f6:be:
89:65:76:f2:23:f5:78:89:c1:fe:56:76:94:39:1b:
9e:d5:7d:30:f8:81:f6:43:9b:0c:b3:ea:3f:fd:a2:
c2:35:32:b8:81:9b:64:1d:5d:37:58:ce:9e:da:e0:
60:c7:8a:69:f3:a4:d6:b7:aa:64:4a:56:e0:9e:67:
27:1e:aa:6b:52:40:81:15:6c:c2:2e:30:ef:1f:eb:
59:67:0f:8d:f6:cf:d7:ff:49:88:e7:c2:e4:73:67:
e7:d2:ee:bd:51:af:46:7c:6a:0c:d1:c7:f5:e9:78:
c8:84:e5:35:aa:bf:74:86:63:13:9b:b2:7d:b6:d7:
23:76:58:e6:cd:ad:2d:0f:a2:fd:c1:db:d7:92:35:
65:c9:d5:2b:f8:fd:fa:90:59:ed:e5:57:b4:fb:b7:
88:57:b7:8a:f5:6b:07:0f:0b:72:84:1c:3d:19:0d:
f3:05:95:3e:5a:e1:a1:b6:a4:85:11:fe:23:f7:7f:
fc:38:20:a6:be:0c:2e:e1:32:75:a4:8c:95:26:e6:
21:6e:df:5a:d6:be:2d:b5:a0:33:e6:b8:0c:58:48:
1a:66:c9:35:ff:d8:a0:88:35:1e:74:d4:59:f8:ae:
3c:8d:a9:0e:e5:20:31:16:81:e1:3d:1a:19:d6:97:
4b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:85:B5:46:0A:6B:85:36:1E:41:AC:85:AC:7D:30:9C:83:9A:43:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:1000::/40
Signature Algorithm: sha256WithRSAEncryption
5e:fb:26:4d:5f:db:be:bf:8f:8c:12:6e:2b:4b:0f:df:cc:25:
b6:6a:07:49:84:b7:2c:8f:33:8f:ab:ba:a9:f7:e8:b9:99:cd:
e0:68:94:08:0c:31:b8:4f:9d:08:e4:62:a1:c0:30:35:e0:5d:
0e:c1:16:55:82:84:78:3f:6e:24:fb:ab:02:9e:bb:30:d2:b1:
49:81:fd:48:ae:67:d2:8e:e6:ef:53:c0:88:9c:7e:ec:7b:e2:
26:32:25:df:4b:b7:2f:6d:34:3a:c5:71:c0:7f:d9:65:88:22:
ac:06:c7:e1:75:48:a3:1a:ea:05:6f:e2:cf:d4:2b:ea:f7:4f:
02:ee:4b:ac:e2:77:37:11:b8:fd:2d:cd:35:b5:5b:66:f4:9f:
8c:5c:82:f4:9a:05:75:bc:60:d7:ab:38:d7:d2:bd:87:dc:20:
10:cb:e4:09:22:26:f1:62:f3:9e:42:72:c6:0e:9c:5f:64:7c:
df:37:02:c0:2c:42:95:fd:28:39:cf:39:68:ac:66:c7:cf:f9:
ab:9e:9a:94:16:58:56:52:26:d2:7b:9d:e8:2f:ba:ae:da:86:
5a:9b:2c:11:6b:02:85:e4:40:18:cb:ae:60:6b:52:d5:28:18:
e0:b2:aa:34:6b:0d:36:5d:dc:5b:f6:a4:4b:b6:41:2f:50:1b:
58:ab:c5:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFuT3sLYRO4pvtxSaMaf16g9eOyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDEwMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyMjJiMmUwMzIyMTg0MDA4YWViYjdmZmMzNmU3OTk2OGFhYTdlMTVkZTRj
NTFhNzAyNzYxNTdmMzYxMjg1YzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAloGaY7UN/JDwF5/a+iWV28iP1eInB/lZ2lDkbntV9MPiB9kObDLPqP/2i
wjUyuIGbZB1dN1jOntrgYMeKafOk1reqZEpW4J5nJx6qa1JAgRVswi4w7x/rWWcP
jfbP1/9JiOfC5HNn59LuvVGvRnxqDNHH9el4yITlNaq/dIZjE5uyfbbXI3ZY5s2t
LQ+i/cHb15I1ZcnVK/j9+pBZ7eVXtPu3iFe3ivVrBw8LcoQcPRkN8wWVPlrhobak
hRH+I/d//Dggpr4MLuEydaSMlSbmIW7fWta+LbWgM+a4DFhIGmbJNf/YoIg1HnTU
WfiuPI2pDuUgMRaB4T0aGdaXS5ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQghbVG
CmuFNh5BrIWsfTCcg5pDIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjQ4ZWE4NjEtZmFjYy00MTY3LTk3NmQtMWU2NWM1NTZiMDc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBe+yZNX9u+v4+MEm4rSw/fzCW2agdJhLcsjzOP
q7qp9+i5mc3gaJQIDDG4T50I5GKhwDA14F0OwRZVgoR4P24k+6sCnrsw0rFJgf1I
rmfSjubvU8CInH7se+ImMiXfS7cvbTQ6xXHAf9lliCKsBsfhdUijGuoFb+LP1Cvq
908C7kus4nc3Ebj9Lc01tVtm9J+MXIL0mgV1vGDXqzjX0r2H3CAQy+QJIibxYvOe
QnLGDpxfZHzfNwLALEKV/Sg5zzlorGbHz/mrnpqUFlhWUibSe53oL7qu2oZamywR
awKF5EAYy65ga1LVKBjgsqo0aw02Xdxb9qRLtkEvUBtYq8Vr
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:12 2025 by rpki-client