Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
File: 4304a130-e9d1-47a4-8ecf-5d755740a478.roa (raw, json)
Hash identifier: SCv2WBDjY1ppQowtzUfvDd8FwwCwOASnBOOwPY9D45Q=
Subject key identifier: A9:7E:77:89:60:40:F8:F6:D2:10:30:41:58:CA:9A:C2:A0:CE:F6:68
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67BC248BF141777C2A729CE5412A8DE530CDDFE2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
Signing time: Tue 20 May 2025 19:01:07 +0000
ROA not before: Tue 20 May 2025 19:01:07 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:bc:24:8b:f1:41:77:7c:2a:72:9c:e5:41:2a:8d:e5:30:cd:df:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:07 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=00cb98e6a9c0ed3d10107c914d5722058c4e6461b16f92978231a74f88f8f795, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:77:3d:aa:48:9e:92:cf:56:e2:5c:f4:9d:42:
f9:0f:7b:f9:c9:33:af:86:27:17:2f:9c:02:d8:96:
f8:ed:ba:36:d9:d3:8e:b6:69:e3:97:1c:2a:74:27:
7b:47:63:60:6d:e4:97:38:84:e0:2a:17:b3:5c:b2:
91:10:d3:f2:7d:e8:14:66:84:37:02:6e:2f:68:39:
dc:a8:df:db:82:eb:56:75:a0:1e:56:86:04:a5:c3:
bd:7c:fb:b6:14:f9:3d:35:bf:37:ce:92:68:62:66:
29:d1:7b:f5:60:38:6d:d5:c8:c6:07:2a:ae:d7:2c:
b8:5f:1a:99:5d:fd:48:b9:25:7c:e2:b9:37:42:60:
9e:7f:b4:c4:67:82:0f:35:ad:81:b1:63:e8:e0:b7:
ed:1c:ff:3a:29:23:6a:6a:eb:56:73:a0:71:90:e7:
7d:94:51:12:d2:fe:04:28:d5:e9:e9:02:4a:e4:37:
ee:98:e7:5b:52:f0:65:3c:2c:6b:26:13:af:6c:f7:
51:38:2e:21:59:63:c2:99:23:a0:8d:bd:f9:cc:54:
a3:61:5b:70:79:be:85:3f:1a:03:3a:d7:1c:91:9b:
e2:41:4d:d0:9b:6f:49:07:59:7e:af:b5:65:2e:1d:
8a:3c:08:b3:2f:8f:97:79:c1:9f:f8:d4:32:24:a9:
09:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:7E:77:89:60:40:F8:F6:D2:10:30:41:58:CA:9A:C2:A0:CE:F6:68
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
b1:c8:be:bb:ed:d7:85:9a:8c:0e:d7:c6:83:f8:a1:a4:9e:68:
87:63:5e:ce:eb:75:17:7a:d9:bc:7d:59:9d:71:e4:ab:73:0e:
b8:f2:bf:60:fb:3d:15:fa:13:1f:db:a2:a8:82:ba:40:7c:29:
6a:11:73:a9:67:2f:58:3b:5e:38:44:85:bc:c8:20:26:71:b2:
59:c1:f6:c2:9d:dd:d9:92:cb:1c:00:bc:87:30:f1:8f:54:d7:
08:7f:a8:a7:8a:35:5b:61:50:41:a0:c2:6e:12:8e:57:d4:36:
14:57:a5:ba:b9:1f:8b:4d:cc:26:55:99:2e:d1:3c:50:70:5c:
50:d4:d3:19:04:2f:9a:75:aa:02:66:39:bd:27:a1:8a:3b:65:
0d:3f:89:2f:1b:04:e7:c8:59:be:57:88:d1:ec:9e:bc:d4:ae:
a5:ee:59:d8:fe:36:60:81:de:cb:b9:07:da:3f:95:0e:43:1c:
c9:3e:91:1a:fd:dd:44:ad:c5:ac:76:6c:1a:fd:af:a5:f3:c4:
0e:a3:c9:11:78:5d:e6:b9:b4:78:47:c3:79:18:d8:96:7e:59:
32:e7:ff:d2:38:bc:ca:5e:a5:7f:9b:e7:ad:eb:e4:20:e2:f4:
5f:91:e6:71:5f:38:71:d1:04:b4:ef:9a:9e:2f:7b:b0:3c:ae:
29:74:32:18
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZ7wki/FBd3wqcpzlQSqN5TDN3+IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxMDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwY2I5OGU2YTljMGVkM2QxMDEwN2M5MTRkNTcyMjA1OGM0ZTY0NjFiMTZm
OTI5NzgyMzFhNzRmODhmOGY3OTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMR3PapInpLPVuJc9J1C+Q97+ckzr4YnFy+cAtiW+O26NtnTjrZp45ccKnQn
e0djYG3klziE4CoXs1yykRDT8n3oFGaENwJuL2g53Kjf24LrVnWgHlaGBKXDvXz7
thT5PTW/N86SaGJmKdF79WA4bdXIxgcqrtcsuF8amV39SLklfOK5N0Jgnn+0xGeC
DzWtgbFj6OC37Rz/OikjamrrVnOgcZDnfZRREtL+BCjV6ekCSuQ37pjnW1LwZTws
ayYTr2z3UTguIVljwpkjoI29+cxUo2FbcHm+hT8aAzrXHJGb4kFN0JtvSQdZfq+1
ZS4dijwIsy+Pl3nBn/jUMiSpCTcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSpfneJ
YED49tIQMEFYyprCoM72aDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMwNGExMzAtZTlkMS00N2E0LThlY2YtNWQ3NTU3NDBhNDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
4DANBgkqhkiG9w0BAQsFAAOCAQEAsci+u+3XhZqMDtfGg/ihpJ5oh2Nezut1F3rZ
vH1ZnXHkq3MOuPK/YPs9FfoTH9uiqIK6QHwpahFzqWcvWDteOESFvMggJnGyWcH2
wp3d2ZLLHAC8hzDxj1TXCH+op4o1W2FQQaDCbhKOV9Q2FFelurkfi03MJlWZLtE8
UHBcUNTTGQQvmnWqAmY5vSehijtlDT+JLxsE58hZvleI0eyevNSupe5Z2P42YIHe
y7kH2j+VDkMcyT6RGv3dRK3FrHZsGv2vpfPEDqPJEXhd5rm0eEfDeRjYln5ZMuf/
0ji8yl6lf5vnrevkIOL0X5HmcV84cdEEtO+ani97sDyuKXQyGA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:23 2025 by rpki-client