Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
File: 4498c2d2-5806-4a94-bd91-8de10249561d.roa (raw, json)
Hash identifier: qAOGsgGU09q0JxGlyHCBOnWyyqhPJRCfq7gfS8ehRdo=
Subject key identifier: 35:F7:F2:8E:F9:49:39:66:AC:E8:EB:E2:C8:8A:50:DD:66:04:EE:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61605A15CE33907CDDA30B930C5039D8DD12F412
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
Signing time: Tue 20 May 2025 19:50:06 +0000
ROA not before: Tue 20 May 2025 19:50:06 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:60:5a:15:ce:33:90:7c:dd:a3:0b:93:0c:50:39:d8:dd:12:f4:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:50:06 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=9949dd5a049345c96939aa0abeb1431fb13be6866ca3fb44751d6353026a5395, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:22:1c:d6:ac:e7:a7:f6:ad:b9:9b:c2:f8:fe:
f7:37:52:33:ca:3e:15:2f:fc:16:7a:5f:23:b0:65:
a7:c5:e6:1f:04:83:90:2a:65:95:15:cd:fa:04:78:
1f:e7:46:b9:9f:0e:bc:56:87:fe:c4:3c:3b:fe:f3:
9a:5a:a5:c6:20:9d:f5:78:66:1c:2b:56:7a:40:0a:
43:b2:15:18:2e:a1:ac:93:6e:1a:8e:8d:25:90:65:
45:f7:0e:7c:8f:bd:ab:2c:e1:3c:a0:33:15:b5:98:
6b:9d:f5:c2:a2:b9:71:19:f9:44:a0:80:c8:84:7c:
f0:bc:e7:3c:69:64:f2:e7:88:e3:4c:6c:9d:47:01:
87:83:38:2e:34:33:54:a0:e6:2c:b5:6b:c5:19:dc:
12:c2:73:5c:d2:b2:b4:bd:b3:09:46:25:3b:2c:c3:
d4:51:2a:94:c4:dc:c9:b5:38:a1:bc:44:bc:cf:2e:
84:02:87:4a:92:92:91:77:ae:a8:f9:5b:a7:f7:ef:
78:ef:2f:c6:4f:9d:d3:c7:7a:09:f7:b7:5a:c7:f9:
8c:01:05:92:f0:d1:18:80:c8:a2:45:e5:af:d9:c3:
a7:c8:4d:84:a8:47:30:9b:0b:49:a6:c6:92:9e:65:
3a:ad:9d:12:7d:f0:ec:a4:ad:e5:e8:77:f1:44:a5:
cc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F7:F2:8E:F9:49:39:66:AC:E8:EB:E2:C8:8A:50:DD:66:04:EE:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:e000::/40
Signature Algorithm: sha256WithRSAEncryption
99:94:ec:86:be:01:d0:23:04:a0:64:9d:f3:c2:00:b3:bf:34:
2b:8a:c3:5f:1d:6f:dd:76:dd:e9:06:28:f5:2f:41:90:95:6f:
68:0b:9d:bc:91:b6:1c:8e:c9:2e:f5:a0:81:13:8f:81:d7:a7:
48:44:05:7f:b3:c2:eb:ee:cd:63:75:85:d9:75:47:5b:6a:e5:
80:3a:cc:d1:d9:39:d0:2f:8f:52:7c:1f:78:5d:ae:b6:6b:60:
32:66:16:eb:46:67:07:51:6e:b6:71:c3:67:10:09:fc:15:2c:
fd:38:96:9d:22:6d:2b:02:11:8d:9f:e2:cd:b7:49:d4:3d:31:
88:a9:d2:8c:86:6b:56:a9:b1:ad:09:1e:8f:3b:72:01:10:e5:
36:1a:60:d0:3a:29:e6:5e:5c:71:6d:4d:c9:39:0a:00:fc:f4:
7d:2f:5b:01:2c:d7:67:37:ef:4f:01:0f:24:14:c0:d8:0a:9f:
60:2b:3a:93:89:19:5d:8c:5e:cd:31:4b:3f:75:3d:43:ca:a1:
bb:4e:a1:97:51:8f:ee:19:b9:ff:7e:cd:10:36:68:9f:23:e8:
54:76:88:e4:1f:63:25:01:de:a5:c2:46:56:2b:d3:b7:c0:0b:
03:59:52:f6:f3:38:ca:89:e9:af:b8:db:43:fe:03:03:fa:c9:
dd:16:99:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYWBaFc4zkHzdowuTDFA52N0S9BIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUwMDZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NDlkZDVhMDQ5MzQ1Yzk2OTM5YWEwYWJlYjE0MzFmYjEzYmU2ODY2Y2Ez
ZmI0NDc1MWQ2MzUzMDI2YTUzOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIiHNas56f2rbmbwvj+9zdSM8o+FS/8FnpfI7Blp8XmHwSDkCpllRXN+gR4
H+dGuZ8OvFaH/sQ8O/7zmlqlxiCd9XhmHCtWekAKQ7IVGC6hrJNuGo6NJZBlRfcO
fI+9qyzhPKAzFbWYa531wqK5cRn5RKCAyIR88LznPGlk8ueI40xsnUcBh4M4LjQz
VKDmLLVrxRncEsJzXNKytL2zCUYlOyzD1FEqlMTcybU4obxEvM8uhAKHSpKSkXeu
qPlbp/fveO8vxk+d08d6Cfe3Wsf5jAEFkvDRGIDIokXlr9nDp8hNhKhHMJsLSabG
kp5lOq2dEn3w7KSt5eh38USlzC8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ19/KO
+Uk5Zqzo6+LIilDdZgTuSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQ5OGMyZDItNTgwNi00YTk0LWJkOTEtOGRlMTAyNDk1NjFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hjg
MA0GCSqGSIb3DQEBCwUAA4IBAQCZlOyGvgHQIwSgZJ3zwgCzvzQrisNfHW/ddt3p
Bij1L0GQlW9oC528kbYcjsku9aCBE4+B16dIRAV/s8Lr7s1jdYXZdUdbauWAOszR
2TnQL49SfB94Xa62a2AyZhbrRmcHUW62ccNnEAn8FSz9OJadIm0rAhGNn+LNt0nU
PTGIqdKMhmtWqbGtCR6PO3IBEOU2GmDQOinmXlxxbU3JOQoA/PR9L1sBLNdnN+9P
AQ8kFMDYCp9gKzqTiRldjF7NMUs/dT1DyqG7TqGXUY/uGbn/fs0QNmifI+hUdojk
H2MlAd6lwkZWK9O3wAsDWVL28zjKiemvuNtD/gMD+sndFpl0
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:48:34 2025 by rpki-client