Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4471b4d2-62e1-4876-baf7-b5951493a774.roa
File: 4471b4d2-62e1-4876-baf7-b5951493a774.roa (raw, json)
Hash identifier: T5MRJaYAHkvJvFdNgpiyX+547MCRS4luikIq0hPKOMk=
Subject key identifier: A4:F1:BC:72:BB:EF:02:5A:43:A3:0A:CA:12:9B:81:4D:4E:D5:02:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5264BB50984286B5D5B8300A4E3A1AEC579D7E15
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4471b4d2-62e1-4876-baf7-b5951493a774.roa
Signing time: Tue 20 May 2025 19:30:16 +0000
ROA not before: Tue 20 May 2025 19:30:16 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:64:bb:50:98:42:86:b5:d5:b8:30:0a:4e:3a:1a:ec:57:9d:7e:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:30:16 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=868f89975f46fd31d553d1d9ff1c94216d495516484fae1165e3deab6798a503, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5d:32:32:36:19:2b:45:28:16:46:f6:28:39:
19:1b:55:d0:a5:80:81:a4:46:70:a8:b6:ee:39:8b:
cd:f2:80:36:f6:7d:f7:97:bb:8c:cb:a2:1e:11:0c:
27:bb:87:db:73:63:ce:a5:4f:d2:e8:4f:ac:31:7f:
7b:cf:45:f2:9b:1c:d4:a0:dd:1c:6b:dd:40:2c:58:
98:df:aa:79:f7:08:62:9d:20:c2:04:ef:dd:f3:6f:
b1:ff:ef:a4:42:6c:32:bb:56:72:f6:35:22:d9:f8:
db:9e:87:c3:b5:ec:05:22:b7:f3:e5:44:69:47:6e:
67:bd:e9:14:18:94:d4:03:b3:1b:80:ea:3f:3d:c4:
a3:6e:2a:b9:bf:8d:8d:57:35:f5:96:40:78:9e:a9:
32:57:ae:d3:81:9d:3a:c5:52:11:1b:e6:17:ad:b5:
31:f7:25:91:d7:58:98:01:11:a1:ce:23:02:0d:c5:
23:5e:26:42:50:2b:17:3f:af:73:b9:cb:cf:a9:97:
f5:b1:d2:41:d9:c5:3d:68:19:90:eb:46:17:bf:f3:
3b:45:c1:13:15:50:83:54:07:e4:54:47:fa:28:5c:
91:a2:70:f0:98:f1:c5:e2:6e:89:15:84:c5:4b:6d:
09:bc:b3:c0:17:4b:03:8f:71:9e:d6:45:e5:14:70:
80:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F1:BC:72:BB:EF:02:5A:43:A3:0A:CA:12:9B:81:4D:4E:D5:02:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4471b4d2-62e1-4876-baf7-b5951493a774.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
1b:0c:61:b0:7c:9b:54:d4:16:1c:11:08:65:cb:7e:bb:7f:0e:
83:5a:0d:99:1a:19:6b:99:dd:49:4e:5d:db:97:f5:38:29:ad:
47:e1:d0:3e:69:b2:6b:f0:07:d5:ef:4f:a8:0b:e3:2e:71:a6:
2f:40:83:bf:23:72:56:da:0a:91:5c:6d:ee:c9:eb:82:48:eb:
88:24:6d:70:d2:ed:bd:9e:c4:68:b4:49:3b:99:0b:00:b9:86:
8e:3c:70:12:fd:9f:b0:a6:bb:ca:e4:7f:95:5b:ba:76:26:d3:
95:68:31:6c:11:02:90:23:ed:ad:0c:19:03:78:01:a7:5e:66:
f2:4c:0a:19:f5:cd:2d:b4:a5:77:07:06:30:85:34:a0:da:e2:
8c:b7:2d:da:68:aa:94:8f:09:d3:04:7e:42:6f:71:97:6b:86:
55:5e:b2:b4:6d:f7:2b:f3:e8:c6:64:6d:a8:f5:2e:35:74:dd:
d7:16:ed:ac:21:cd:59:0a:a0:42:87:31:1b:ad:aa:2a:0a:73:
9a:1e:e9:2d:5a:3d:95:8d:f8:38:0e:a1:cd:07:b5:39:c5:14:
e6:7a:e3:cc:fb:d0:a7:f5:d7:60:84:4a:8f:98:32:82:89:02:
21:78:ff:34:fa:97:66:63:c9:91:e2:6b:da:69:55:50:2e:4b:
e9:16:60:e2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUmS7UJhChrXVuDAKTjoa7FedfhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMwMTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2OGY4OTk3NWY0NmZkMzFkNTUzZDFkOWZmMWM5NDIxNmQ0OTU1MTY0ODRm
YWUxMTY1ZTNkZWFiNjc5OGE1MDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxdMjI2GStFKBZG9ig5GRtV0KWAgaRGcKi27jmLzfKANvZ995e7jMuiHhEM
J7uH23NjzqVP0uhPrDF/e89F8psc1KDdHGvdQCxYmN+qefcIYp0gwgTv3fNvsf/v
pEJsMrtWcvY1Itn4256Hw7XsBSK38+VEaUduZ73pFBiU1AOzG4DqPz3Eo24qub+N
jVc19ZZAeJ6pMleu04GdOsVSERvmF621MfclkddYmAERoc4jAg3FI14mQlArFz+v
c7nLz6mX9bHSQdnFPWgZkOtGF7/zO0XBExVQg1QH5FRH+ihckaJw8JjxxeJuiRWE
xUttCbyzwBdLA49xntZF5RRwgIECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSk8bxy
u+8CWkOjCsoSm4FNTtUCrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQ3MWI0ZDItNjJlMS00ODc2LWJhZjctYjU5NTE0OTNhNzc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVg
wDANBgkqhkiG9w0BAQsFAAOCAQEAGwxhsHybVNQWHBEIZct+u38Og1oNmRoZa5nd
SU5d25f1OCmtR+HQPmmya/AH1e9PqAvjLnGmL0CDvyNyVtoKkVxt7snrgkjriCRt
cNLtvZ7EaLRJO5kLALmGjjxwEv2fsKa7yuR/lVu6dibTlWgxbBECkCPtrQwZA3gB
p15m8kwKGfXNLbSldwcGMIU0oNrijLct2miqlI8J0wR+Qm9xl2uGVV6ytG33K/Po
xmRtqPUuNXTd1xbtrCHNWQqgQocxG62qKgpzmh7pLVo9lY34OA6hzQe1OcUU5nrj
zPvQp/XXYIRKj5gygokCIXj/NPqXZmPJkeJr2mlVUC5L6RZg4g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:28 2025 by rpki-client