Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/424c40d4-9e1c-4cf2-a7bd-10475b0c2837.roa
File: 424c40d4-9e1c-4cf2-a7bd-10475b0c2837.roa (raw, json)
Hash identifier: ogU5S1hhC7i2xaBXuqH7u9d1kMLviQuTxX10CwkQej8=
Subject key identifier: 1F:AC:4D:10:15:53:81:29:3D:5A:84:F9:11:B1:4F:0D:69:9E:B6:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59D90C52C6D1A2A44C4448673D37F4D549A5BEF3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/424c40d4-9e1c-4cf2-a7bd-10475b0c2837.roa
Signing time: Tue 20 May 2025 19:30:20 +0000
ROA not before: Tue 20 May 2025 19:30:20 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:9040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:d9:0c:52:c6:d1:a2:a4:4c:44:48:67:3d:37:f4:d5:49:a5:be:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:30:20 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d5888ddc206618747ac946a8b37db0f801b48c0be25633fd4104885cf4fd367c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e8:11:23:ef:81:3c:18:f9:37:18:17:5b:f4:
68:23:4a:70:88:53:79:a6:fb:6b:d6:3d:d3:64:78:
cc:ec:95:46:88:70:14:0e:49:ae:bd:79:14:9c:b0:
5e:4e:b6:ae:32:4f:e2:95:14:1b:19:4d:c1:9b:1f:
17:4f:68:fc:b2:10:40:92:30:37:2d:60:2b:9e:cf:
2f:97:ef:fd:ab:50:b8:33:aa:d1:78:65:97:cd:e4:
db:b8:12:73:89:6d:7d:e7:ab:8a:01:02:ef:f2:6c:
67:1e:2c:9b:e2:a9:a0:0f:09:a2:47:13:79:58:6f:
db:e1:5e:80:49:33:ef:e0:b2:4e:41:ed:fb:7c:bf:
27:b7:88:48:d3:08:32:0f:c0:ce:fe:6d:23:ec:36:
7f:10:17:c7:a7:00:0d:d8:90:dd:00:5d:32:03:cc:
9b:b4:67:50:04:4f:e4:2e:d9:2e:80:53:4a:b5:b9:
9b:a8:b3:9c:5e:93:52:88:ed:a1:ea:92:d6:39:d2:
14:b5:9b:92:7c:a8:6d:1b:71:58:d6:25:37:14:c0:
34:83:06:ff:f9:be:99:52:fc:32:34:98:f2:68:d7:
a4:cf:17:0c:39:cb:96:9d:35:a2:54:55:a0:f8:f3:
6f:f6:dd:b4:a8:b1:ed:e2:cd:8f:92:78:96:12:73:
d9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:AC:4D:10:15:53:81:29:3D:5A:84:F9:11:B1:4F:0D:69:9E:B6:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/424c40d4-9e1c-4cf2-a7bd-10475b0c2837.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:9040::/46
Signature Algorithm: sha256WithRSAEncryption
1b:b0:e4:d2:1d:64:57:96:d3:69:09:6c:e7:7d:26:f6:b7:fe:
74:25:f6:ec:b1:b0:dc:52:16:03:84:fa:c5:4c:07:5a:b9:b6:
21:e3:2c:ed:e8:77:d4:a4:8f:fd:a3:85:db:a4:91:05:a0:2a:
28:c2:a0:59:32:27:bd:32:be:80:4d:db:9a:d4:bb:0b:3d:3c:
11:69:75:80:31:66:df:09:0a:5f:7c:26:ca:8d:dc:b3:85:c3:
02:9c:77:f3:52:c8:d2:91:6b:be:7c:56:e6:7e:f5:b0:40:3a:
f1:ca:cf:f5:d2:e2:99:37:dc:5c:13:58:56:a9:bc:0d:63:9c:
f5:d2:81:89:4a:9e:32:16:f9:68:06:85:57:98:03:b6:c1:72:
d2:fb:cc:1d:e9:b6:62:dd:8f:e0:c4:69:e4:19:90:30:ce:d5:
a9:f6:af:f3:5e:e8:aa:2f:ac:84:82:ad:6f:32:d9:25:de:c1:
05:95:ec:c1:c8:cc:57:8a:c8:4a:87:85:78:a3:78:a3:77:b2:
38:22:d2:a4:d8:11:a9:d2:fd:7c:ad:d0:70:6e:92:95:ca:fc:
78:35:d2:55:a5:18:82:ac:bb:a8:15:10:a2:3f:c8:d9:2e:42:
76:88:8e:63:79:a6:55:af:b1:4e:39:64:fb:b0:21:86:0e:f3:
1b:28:59:dd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWdkMUsbRoqRMREhnPTf01UmlvvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMwMjBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1ODg4ZGRjMjA2NjE4NzQ3YWM5NDZhOGIzN2RiMGY4MDFiNDhjMGJlMjU2
MzNmZDQxMDQ4ODVjZjRmZDM2N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLoESPvgTwY+TcYF1v0aCNKcIhTeab7a9Y902R4zOyVRohwFA5Jrr15FJyw
Xk62rjJP4pUUGxlNwZsfF09o/LIQQJIwNy1gK57PL5fv/atQuDOq0Xhll83k27gS
c4ltfeerigEC7/JsZx4sm+KpoA8JokcTeVhv2+FegEkz7+CyTkHt+3y/J7eISNMI
Mg/Azv5tI+w2fxAXx6cADdiQ3QBdMgPMm7RnUARP5C7ZLoBTSrW5m6iznF6TUojt
oeqS1jnSFLWbknyobRtxWNYlNxTANIMG//m+mVL8MjSY8mjXpM8XDDnLlp01olRV
oPjzb/bdtKix7eLNj5J4lhJz2f0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQfrE0Q
FVOBKT1ahPkRsU8NaZ62kDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDI0YzQwZDQtOWUxYy00Y2YyLWE3YmQtMTA0NzViMGMyODM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HuQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAG7Dk0h1kV5bTaQls530m9rf+dCX27LGw3FIW
A4T6xUwHWrm2IeMs7eh31KSP/aOF26SRBaAqKMKgWTInvTK+gE3bmtS7Cz08EWl1
gDFm3wkKX3wmyo3cs4XDApx381LI0pFrvnxW5n71sEA68crP9dLimTfcXBNYVqm8
DWOc9dKBiUqeMhb5aAaFV5gDtsFy0vvMHem2Yt2P4MRp5BmQMM7Vqfav817oqi+s
hIKtbzLZJd7BBZXswcjMV4rISoeFeKN4o3eyOCLSpNgRqdL9fK3QcG6Slcr8eDXS
VaUYgqy7qBUQoj/I2S5CdoiOY3mmVa+xTjlk+7Ahhg7zGyhZ3Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:51 2025 by rpki-client