Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d4529a1-3c28-42b4-b071-aa7474560d24.roa
File: 3d4529a1-3c28-42b4-b071-aa7474560d24.roa (raw, json)
Hash identifier: LZEUjBaQopfVuTILLChakRYkdc05t2DsOo1Wt6DY8o8=
Subject key identifier: 20:78:B1:39:22:DA:3B:49:1E:BA:D2:68:53:3E:5B:4E:DF:B0:B7:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F6B727118B4BA580BBCA5075D336275BC077192
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d4529a1-3c28-42b4-b071-aa7474560d24.roa
Signing time: Tue 10 Jun 2025 17:20:46 +0000
ROA not before: Tue 10 Jun 2025 17:20:46 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:6b:72:71:18:b4:ba:58:0b:bc:a5:07:5d:33:62:75:bc:07:71:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:46 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=8c97ba3e9a6de761f3704992fe23bac18ddbbd817c85466ed2349576e7ab5a85, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5a:70:c2:24:49:59:3d:10:b0:06:7c:17:5e:
d8:ae:bd:91:20:13:6e:62:6f:70:2c:50:f0:04:8d:
97:6a:e4:f5:08:d3:f9:04:24:c4:b9:7e:01:b8:7d:
86:5a:d7:ac:5c:72:a6:54:bb:35:ba:d2:1e:99:7c:
dc:13:5b:5b:7b:42:b4:a7:9d:bc:0f:3f:7a:7a:5e:
e6:f6:94:a6:25:e6:59:a2:8d:91:ad:2c:37:90:b6:
34:19:e8:4b:e7:af:f3:d1:ae:60:90:48:89:53:0f:
4c:a5:43:6f:08:e2:8a:72:f7:c6:37:4f:bc:2a:af:
4b:c9:92:9c:92:0d:5a:23:0f:00:57:50:7b:6f:12:
30:b9:ef:ad:22:37:db:82:cf:84:23:89:31:67:fc:
5b:46:5a:05:fc:d3:fa:33:e4:a4:1a:25:c9:4d:35:
fd:83:15:90:05:d7:1c:8f:7b:fd:94:98:15:3d:a4:
57:12:ec:b8:f3:c9:0c:1e:d4:8e:bc:23:65:07:91:
89:5a:d9:8e:c6:00:26:5e:b1:6f:81:cd:bb:73:96:
8c:f1:db:3c:f6:b8:18:da:ba:cf:f8:a5:d6:97:e0:
e6:2d:32:25:18:bf:9e:14:dd:7b:41:55:79:49:75:
da:1c:bd:4b:bb:ca:46:b1:db:e8:ef:0b:86:2a:51:
cf:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:78:B1:39:22:DA:3B:49:1E:BA:D2:68:53:3E:5B:4E:DF:B0:B7:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d4529a1-3c28-42b4-b071-aa7474560d24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:840::/46
Signature Algorithm: sha256WithRSAEncryption
b5:e6:1e:ef:75:02:a6:03:88:1d:05:3c:e5:85:77:00:8f:65:
ad:bb:8a:b2:a4:af:85:83:05:3d:57:0d:45:44:13:a9:f8:e4:
4b:c6:e9:5a:32:df:72:e7:07:e1:8c:b2:6d:f9:bb:64:a0:c7:
ec:58:f7:90:2e:ba:80:0a:2d:38:0f:d8:b2:4b:6e:6e:0c:0e:
b5:1d:49:4b:2e:48:22:60:c5:b4:57:23:20:28:78:a8:3b:e3:
e5:35:78:ba:0d:6d:98:f4:34:11:e4:2f:d2:51:89:91:6d:0a:
8a:d5:07:2b:60:d5:57:a5:97:52:55:31:58:f5:fc:ff:a8:0a:
11:9f:b0:d2:27:25:e1:16:d4:5c:97:54:b2:d0:0d:ed:0a:67:
c3:2f:34:e2:e2:1e:db:51:d9:b2:1c:2c:74:8e:a2:b6:0c:51:
35:7b:da:13:84:34:e7:da:db:99:dc:4f:9d:60:94:7d:34:65:
b4:42:17:cd:3c:86:42:8c:42:04:d9:84:99:e2:4a:62:df:fa:
02:6a:e5:0e:d1:c5:c2:24:96:f3:36:d8:29:f7:ad:c0:fa:d3:
d0:4a:d0:d7:a5:2e:8b:e7:a6:ab:83:2e:bb:3f:aa:85:da:8b:
50:fd:33:66:4f:3e:34:81:b8:b0:55:75:a5:ad:ca:6b:d8:7a:
c8:a7:1f:1e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUX2tycRi0ulgLvKUHXTNidbwHcZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwNDZaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjOTdiYTNlOWE2ZGU3NjFmMzcwNDk5MmZlMjNiYWMxOGRkYmJkODE3Yzg1
NDY2ZWQyMzQ5NTc2ZTdhYjVhODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRacMIkSVk9ELAGfBde2K69kSATbmJvcCxQ8ASNl2rk9QjT+QQkxLl+Abh9
hlrXrFxyplS7NbrSHpl83BNbW3tCtKedvA8/enpe5vaUpiXmWaKNka0sN5C2NBno
S+ev89GuYJBIiVMPTKVDbwjiinL3xjdPvCqvS8mSnJINWiMPAFdQe28SMLnvrSI3
24LPhCOJMWf8W0ZaBfzT+jPkpBolyU01/YMVkAXXHI97/ZSYFT2kVxLsuPPJDB7U
jrwjZQeRiVrZjsYAJl6xb4HNu3OWjPHbPPa4GNq6z/il1pfg5i0yJRi/nhTde0FV
eUl12hy9S7vKRrHb6O8LhipRz6sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQgeLE5
Ito7SR660mhTPltO37C3ZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Q0NTI5YTEtM2MyOC00MmI0LWIwNzEtYWE3NDc0NTYwZDI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HcI
QDANBgkqhkiG9w0BAQsFAAOCAQEAteYe73UCpgOIHQU85YV3AI9lrbuKsqSvhYMF
PVcNRUQTqfjkS8bpWjLfcucH4Yyybfm7ZKDH7Fj3kC66gAotOA/YsktubgwOtR1J
Sy5IImDFtFcjICh4qDvj5TV4ug1tmPQ0EeQv0lGJkW0KitUHK2DVV6WXUlUxWPX8
/6gKEZ+w0icl4RbUXJdUstAN7Qpnwy804uIe21HZshwsdI6itgxRNXvaE4Q059rb
mdxPnWCUfTRltEIXzTyGQoxCBNmEmeJKYt/6AmrlDtHFwiSW8zbYKfetwPrT0ErQ
16Uui+emq4Muuz+qhdqLUP0zZk8+NIG4sFV1pa3Ka9h6yKcfHg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:47 2025 by rpki-client