Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa
File: 28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa (raw, json)
Hash identifier: jel7jsTdyIDPqNcpnTV5ULDddkpDdHTipVwqDAkRWPw=
Subject key identifier: 92:F3:0C:9D:4E:2F:A6:09:BB:0B:FE:C3:7D:AA:04:FD:2D:E8:95:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28B39BFC3F9656BA08DF6636875F448D2C349B1F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa
Signing time: Tue 20 May 2025 19:11:08 +0000
ROA not before: Tue 20 May 2025 19:11:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:b3:9b:fc:3f:96:56:ba:08:df:66:36:87:5f:44:8d:2c:34:9b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:11:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=1e69fd7a4ef08a4ac307171ab576dbdd69babbdbbf64a3363c58a3298927962a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f6:5d:8d:99:8f:72:95:d4:17:bf:32:d4:fb:
82:3b:41:d3:99:f9:a5:6a:9c:01:3e:a4:52:f2:83:
2b:1d:a9:f2:99:57:54:4e:99:3a:7a:1e:a9:0e:41:
7f:ae:ef:2c:82:8b:2b:45:13:95:63:4c:b6:4b:0d:
47:03:36:ad:90:65:78:61:c0:14:e1:87:7c:78:1e:
37:0a:33:63:78:bd:cd:de:2f:fa:3a:41:e3:bb:38:
47:6a:7e:ea:da:c3:84:3d:fd:ed:6a:7e:02:91:42:
2c:15:77:b5:7e:b9:7a:38:55:8e:1f:41:05:42:19:
47:4f:4a:b7:f1:71:42:f9:93:66:81:2c:f1:7a:03:
a7:63:d1:16:6b:df:a6:c4:bc:b4:c7:12:54:f9:82:
80:97:bd:1e:2b:54:7e:dd:dd:4d:cf:98:fd:32:11:
d1:2c:79:f6:f4:40:2f:d5:23:c0:ad:70:d1:14:22:
5b:03:1d:ec:26:30:98:52:27:fb:ec:13:89:d3:d6:
c3:e8:b6:5a:0c:c1:94:7a:a5:af:e7:35:79:57:f8:
56:40:e6:b9:00:b8:a6:09:de:d7:84:6f:cb:a1:f7:
30:39:70:3b:6c:eb:14:e9:ab:d5:aa:c9:01:0c:20:
3a:ee:0c:e1:4d:87:b2:23:ce:6a:66:47:c9:d9:a9:
3c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F3:0C:9D:4E:2F:A6:09:BB:0B:FE:C3:7D:AA:04:FD:2D:E8:95:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
09:b4:5b:5e:0b:54:a1:fb:14:2e:8a:45:41:64:3c:74:c2:a7:
4e:59:ad:95:fb:4d:2a:4e:0a:67:29:55:5f:ac:66:e7:18:9c:
2c:db:dc:53:02:5d:41:01:bf:d5:74:74:2f:92:83:09:84:dd:
7b:df:f2:a4:ca:10:a8:43:e8:01:8f:f2:c3:32:fd:f7:76:0b:
a8:ba:da:d1:4d:48:30:6b:c9:f9:a8:b4:1a:29:48:38:26:83:
40:3a:2a:ca:6e:90:72:75:83:dc:25:f9:6f:22:17:32:d0:85:
fe:a8:e2:4c:6f:15:9d:27:a8:ae:3e:0d:fe:f9:51:ff:6f:c4:
2d:d8:7b:43:d2:39:34:a1:b6:a3:66:f4:df:bb:03:c5:2c:1b:
43:ec:e9:1a:55:07:99:c2:b0:a1:5f:c4:a5:c8:72:4a:4a:bd:
a9:81:a9:87:db:91:76:20:90:ae:79:ec:fb:d9:20:6d:a9:8f:
95:fd:2a:6c:7e:9c:c2:39:2b:70:8a:d5:3a:a4:db:f0:d8:34:
11:83:3e:76:a3:8a:7c:9a:aa:20:84:33:7b:86:7d:62:41:bf:
83:4d:25:c6:38:7d:41:c0:2b:ac:b1:cf:cf:cd:d5:0c:6c:fc:
c6:4b:51:82:bf:be:e1:87:03:87:ef:0f:3f:8c:54:c3:40:48:
72:d7:0d:fa
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKLOb/D+WVroI32Y2h19EjSw0mx8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTExMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlNjlmZDdhNGVmMDhhNGFjMzA3MTcxYWI1NzZkYmRkNjliYWJiZGJiZjY0
YTMzNjNjNThhMzI5ODkyNzk2MmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAID2XY2Zj3KV1Be/MtT7gjtB05n5pWqcAT6kUvKDKx2p8plXVE6ZOnoeqQ5B
f67vLIKLK0UTlWNMtksNRwM2rZBleGHAFOGHfHgeNwozY3i9zd4v+jpB47s4R2p+
6trDhD397Wp+ApFCLBV3tX65ejhVjh9BBUIZR09Kt/FxQvmTZoEs8XoDp2PRFmvf
psS8tMcSVPmCgJe9HitUft3dTc+Y/TIR0Sx59vRAL9UjwK1w0RQiWwMd7CYwmFIn
++wTidPWw+i2WgzBlHqlr+c1eVf4VkDmuQC4pgne14Rvy6H3MDlwO2zrFOmr1arJ
AQwgOu4M4U2HsiPOamZHydmpPGkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSS8wyd
Ti+mCbsL/sN9qgT9LeiV7TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjhmYzQzYWQtMGMzYi00ZDc3LWFhMzItNWVmYzQzMWU2OWMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
4DANBgkqhkiG9w0BAQsFAAOCAQEACbRbXgtUofsULopFQWQ8dMKnTlmtlftNKk4K
ZylVX6xm5xicLNvcUwJdQQG/1XR0L5KDCYTde9/ypMoQqEPoAY/ywzL993YLqLra
0U1IMGvJ+ai0GilIOCaDQDoqym6QcnWD3CX5byIXMtCF/qjiTG8VnSeorj4N/vlR
/2/ELdh7Q9I5NKG2o2b037sDxSwbQ+zpGlUHmcKwoV/EpchySkq9qYGph9uRdiCQ
rnns+9kgbamPlf0qbH6cwjkrcIrVOqTb8Ng0EYM+dqOKfJqqIIQze4Z9YkG/g00l
xjh9QcArrLHPz83VDGz8xktRgr++4YcDh+8PP4xUw0BIctcN+g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:22 2025 by rpki-client