Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
File: 2d9f3120-fab9-43aa-973f-4142925b1416.roa (raw, json)
Hash identifier: 6F/ihD1wllZaXEmDwTSa/U7aUVj7TEX6J1Np/wsOZcI=
Subject key identifier: 79:3C:20:A7:08:57:E1:06:84:A1:4A:26:2E:35:84:84:4A:DF:05:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E8373551274F640966D63D993BA9D1270126DBB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
Signing time: Tue 20 May 2025 19:11:14 +0000
ROA not before: Tue 20 May 2025 19:11:14 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:83:73:55:12:74:f6:40:96:6d:63:d9:93:ba:9d:12:70:12:6d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:11:14 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=693c009e35cc0c041300062064075ee0eaa2745b88696fa3c37c0bfb58dfc03d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:83:fc:67:1a:3f:20:5b:e9:2b:08:9c:21:97:
d8:18:a5:83:79:0b:d6:b0:8e:12:04:b2:45:1b:c6:
e4:49:2c:bc:44:c7:0f:22:01:f8:9e:df:47:0c:9e:
75:27:40:1a:df:5c:fe:57:35:e1:be:20:bc:1d:ed:
77:8b:c3:45:12:be:d5:11:a2:ec:23:67:d4:20:d0:
ea:60:55:a1:51:ce:5e:70:ce:96:18:94:cf:83:84:
66:e7:4c:71:25:f4:d4:ec:7b:63:df:01:ab:dc:7a:
bc:5c:7b:46:3f:80:f8:d0:fe:99:75:c4:cc:f4:6d:
d4:df:2d:8b:3d:14:76:56:29:cd:43:f6:21:ee:75:
6b:f3:f1:71:0e:79:e4:57:6b:12:22:24:bf:5e:14:
b0:66:c9:c9:c5:6e:d0:a5:c6:63:52:73:e2:c8:57:
90:1f:3d:fa:e1:db:7f:0f:df:93:4a:49:fe:b0:71:
6d:22:e4:c4:78:88:97:58:cc:10:d4:54:a1:20:d3:
db:7e:2c:14:31:bf:f5:05:96:06:02:72:8f:2b:b6:
71:8f:1b:fa:2c:fc:06:27:9b:15:75:43:e6:f8:8d:
ec:43:7d:59:d9:46:cf:d4:98:94:12:7f:24:28:de:
3b:50:9e:f6:24:d2:13:37:3d:b9:99:ad:56:32:33:
4a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:3C:20:A7:08:57:E1:06:84:A1:4A:26:2E:35:84:84:4A:DF:05:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
0a:91:45:5a:07:d6:9e:dd:38:04:14:3b:08:5b:16:83:b6:53:
f9:df:1b:33:88:4d:a1:f8:54:0a:83:27:4a:e7:c9:7f:92:6a:
53:96:75:8d:8f:65:fd:fc:ef:62:dd:39:58:98:3c:b9:89:f2:
9e:07:5f:61:ba:29:8d:6c:73:f0:44:c2:df:e9:57:56:30:23:
69:88:ad:2a:30:28:ba:7c:58:80:1d:b0:01:22:56:f2:90:37:
ef:2c:b6:09:e0:00:f5:64:f0:9e:31:80:17:e6:05:17:cc:4f:
44:49:9c:1a:cc:13:65:81:db:d4:4d:9d:e2:d9:5c:f2:f6:b4:
e7:3e:7f:91:b6:95:19:71:93:02:76:4c:e0:6e:e4:cf:cf:36:
e9:35:f3:fc:61:92:94:53:36:9e:82:26:1c:3a:ca:1a:05:96:
96:94:60:e8:5b:00:8b:20:bf:ed:52:5b:f5:c5:49:90:3c:43:
4e:a8:51:53:23:e9:9b:c7:d8:5d:aa:2c:59:e1:25:48:9a:72:
0f:7c:2f:fb:9c:5c:60:ec:3e:b7:58:12:48:78:46:70:58:6d:
7b:71:6a:85:6f:97:2d:2c:f9:71:2d:66:e9:88:07:9d:6d:a2:
5a:6c:02:a2:d3:b8:ea:e4:bf:4f:8e:3e:96:58:b2:02:ba:20:
88:e3:f4:f3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHoNzVRJ09kCWbWPZk7qdEnASbbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTExMTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5M2MwMDllMzVjYzBjMDQxMzAwMDYyMDY0MDc1ZWUwZWFhMjc0NWI4ODY5
NmZhM2MzN2MwYmZiNThkZmMwM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOyD/GcaPyBb6SsInCGX2Bilg3kL1rCOEgSyRRvG5EksvETHDyIB+J7fRwye
dSdAGt9c/lc14b4gvB3td4vDRRK+1RGi7CNn1CDQ6mBVoVHOXnDOlhiUz4OEZudM
cSX01Ox7Y98Bq9x6vFx7Rj+A+ND+mXXEzPRt1N8tiz0UdlYpzUP2Ie51a/PxcQ55
5FdrEiIkv14UsGbJycVu0KXGY1Jz4shXkB89+uHbfw/fk0pJ/rBxbSLkxHiIl1jM
ENRUoSDT234sFDG/9QWWBgJyjyu2cY8b+iz8BiebFXVD5viN7EN9WdlGz9SYlBJ/
JCjeO1Ce9iTSEzc9uZmtVjIzStECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR5PCCn
CFfhBoShSiYuNYSESt8FwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmQ5ZjMxMjAtZmFiOS00M2FhLTk3M2YtNDE0MjkyNWIxNDE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ
wDANBgkqhkiG9w0BAQsFAAOCAQEACpFFWgfWnt04BBQ7CFsWg7ZT+d8bM4hNofhU
CoMnSufJf5JqU5Z1jY9l/fzvYt05WJg8uYnyngdfYbopjWxz8ETC3+lXVjAjaYit
KjAounxYgB2wASJW8pA37yy2CeAA9WTwnjGAF+YFF8xPREmcGswTZYHb1E2d4tlc
8va05z5/kbaVGXGTAnZM4G7kz8826TXz/GGSlFM2noImHDrKGgWWlpRg6FsAiyC/
7VJb9cVJkDxDTqhRUyPpm8fYXaosWeElSJpyD3wv+5xcYOw+t1gSSHhGcFhte3Fq
hW+XLSz5cS1m6YgHnW2iWmwCotO46uS/T44+lliyArogiOP08w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:27 2025 by rpki-client