Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
File: 3ef5e7b8-24ad-41af-8334-2eff292a769d.roa (raw, json)
Hash identifier: IT3eoC58cpkZA6YunlmBzgodNsM62NBFnEjFv/wHL1g=
Subject key identifier: 56:E3:6B:FA:A2:D9:16:BB:1C:E9:F7:05:A8:57:A7:E9:C4:D9:4B:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B515A73D61E39A5689F01C8D6C2C16B1BD2701B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
Signing time: Tue 20 May 2025 19:01:02 +0000
ROA not before: Tue 20 May 2025 19:01:02 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:51:5a:73:d6:1e:39:a5:68:9f:01:c8:d6:c2:c1:6b:1b:d2:70:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:02 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=531b7768399928b698d85256443a0a3c61a8d01a538ef393d2cfc0c32c8e850d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e4:00:5c:1e:12:71:a9:f7:14:40:c2:a7:64:
ad:c3:0d:85:d9:c6:6c:ec:c9:c2:0e:98:b9:c1:1b:
2d:15:ea:3e:dd:58:eb:6a:01:20:23:2c:12:cf:76:
f6:0e:07:e3:3d:5d:5a:26:3b:14:38:e7:f6:a6:04:
8d:34:51:8d:f3:68:aa:37:99:ed:e3:10:1b:34:d4:
4c:ab:9b:63:c6:1e:51:b6:2b:37:84:02:0a:7a:c5:
4a:f7:c8:08:33:f3:db:77:ed:ba:7c:aa:a6:ca:6b:
dc:3d:6f:73:6c:b6:93:41:37:a3:7b:69:de:90:6a:
db:65:3a:bf:ec:72:b1:57:8f:c5:0d:a4:30:ca:db:
88:36:eb:9a:5e:76:bb:ce:3b:0d:90:47:1c:af:5d:
e9:51:26:d9:5c:81:2a:bf:c3:93:a4:dc:7d:82:4e:
d0:46:d9:57:fd:22:e8:af:ff:c7:ef:46:be:74:5b:
94:18:0c:73:d1:40:3f:b7:70:a2:30:37:f6:ee:a1:
3a:ec:2b:e9:cc:4d:fb:1b:7f:a9:9d:f9:98:a0:14:
34:ae:fb:34:7a:15:73:41:f5:fa:df:48:8b:1a:9c:
e3:c4:05:3e:c0:5b:3f:c2:39:eb:98:e2:b4:94:63:
9c:d7:b5:05:b8:cc:ab:57:97:d7:df:2c:dc:96:36:
68:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E3:6B:FA:A2:D9:16:BB:1C:E9:F7:05:A8:57:A7:E9:C4:D9:4B:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
5a:30:21:d0:30:3b:80:1f:76:60:7b:5c:75:64:a7:1b:3c:0a:
ed:6c:2b:5f:2c:71:b8:d9:7e:15:22:1a:a6:bb:80:1c:89:ad:
4b:21:89:6d:71:66:3d:42:17:f2:ab:c7:82:81:4c:43:5b:76:
e5:89:1e:a1:49:e3:c5:57:b0:ea:ce:75:23:ed:f9:68:6f:57:
aa:27:50:87:28:4d:94:e5:dd:58:97:a1:bf:8e:09:ff:6b:e8:
bb:91:a3:db:f7:08:9c:ca:02:a4:41:71:b5:c4:7a:4f:a6:b7:
04:cd:cb:32:2c:2f:95:c3:2f:e7:6d:e7:b1:00:d0:89:c1:3b:
54:15:8e:af:1b:62:2e:bc:3e:29:d8:24:59:cd:a7:3f:d1:4d:
85:04:c9:82:0e:15:0e:29:e4:3c:d0:71:5a:24:24:dc:1b:73:
09:ed:c5:b7:30:f7:10:b6:63:69:f2:27:2e:f1:26:1c:b0:56:
d2:2a:a8:bf:c3:4d:f8:49:a6:48:78:03:33:45:52:2c:1d:60:
b4:07:8c:58:dd:34:17:b8:8f:3d:20:02:77:a8:71:8b:a0:f4:
f8:bc:00:62:8d:bf:12:f4:29:6e:cb:53:ea:8e:85:fa:3c:ab:
ba:dd:3d:29:f6:bc:74:62:3c:37:0b:04:b9:55:4a:69:99:dd:
84:47:25:dc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUG1Fac9YeOaVonwHI1sLBaxvScBswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxMDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzMWI3NzY4Mzk5OTI4YjY5OGQ4NTI1NjQ0M2EwYTNjNjFhOGQwMWE1Mzhl
ZjM5M2QyY2ZjMGMzMmM4ZTg1MGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnkAFweEnGp9xRAwqdkrcMNhdnGbOzJwg6YucEbLRXqPt1Y62oBICMsEs92
9g4H4z1dWiY7FDjn9qYEjTRRjfNoqjeZ7eMQGzTUTKubY8YeUbYrN4QCCnrFSvfI
CDPz23ftunyqpspr3D1vc2y2k0E3o3tp3pBq22U6v+xysVePxQ2kMMrbiDbrml52
u847DZBHHK9d6VEm2VyBKr/Dk6TcfYJO0EbZV/0i6K//x+9GvnRblBgMc9FAP7dw
ojA39u6hOuwr6cxN+xt/qZ35mKAUNK77NHoVc0H1+t9Iixqc48QFPsBbP8I565ji
tJRjnNe1BbjMq1eX198s3JY2aB8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRW42v6
otkWuxzp9wWoV6fpxNlL0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2VmNWU3YjgtMjRhZC00MWFmLTgzMzQtMmVmZjI5MmE3NjlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9g
wDANBgkqhkiG9w0BAQsFAAOCAQEAWjAh0DA7gB92YHtcdWSnGzwK7WwrXyxxuNl+
FSIapruAHImtSyGJbXFmPUIX8qvHgoFMQ1t25YkeoUnjxVew6s51I+35aG9XqidQ
hyhNlOXdWJehv44J/2vou5Gj2/cInMoCpEFxtcR6T6a3BM3LMiwvlcMv523nsQDQ
icE7VBWOrxtiLrw+KdgkWc2nP9FNhQTJgg4VDinkPNBxWiQk3BtzCe3FtzD3ELZj
afInLvEmHLBW0iqov8NN+EmmSHgDM0VSLB1gtAeMWN00F7iPPSACd6hxi6D0+LwA
Yo2/EvQpbstT6o6F+jyrut09Kfa8dGI8NwsEuVVKaZndhEcl3A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:47:34 2025 by rpki-client