Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
File: 44d8b686-7db5-4309-8f09-3af611be3753.roa (raw, json)
Hash identifier: rM3wXd+nOVuLZgYTjfwYCMgYXz9Xc9f3nAIwih3OREs=
Subject key identifier: 08:83:D3:2D:0A:95:90:2C:3F:8E:AC:95:BF:0B:81:A6:6F:16:D1:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B2770A2E6A561BA1DC381B36EA1D40DC297FCF0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
Signing time: Tue 20 May 2025 19:50:06 +0000
ROA not before: Tue 20 May 2025 19:50:06 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:27:70:a2:e6:a5:61:ba:1d:c3:81:b3:6e:a1:d4:0d:c2:97:fc:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:50:06 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=09125729596edc58427e380c2f4067c688e8ed8564908a2a9edddec61c6f46e4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4e:b7:63:e1:df:3c:44:f4:2c:6c:18:5d:68:
28:0f:d1:ef:ba:dd:53:f1:ac:54:d5:54:97:79:bb:
34:89:89:bf:7d:d3:76:9b:89:26:2a:4c:c3:50:7b:
24:e5:48:ed:3b:d2:e8:b9:9e:22:4d:fd:a3:b1:31:
73:fd:68:19:75:03:78:8a:1a:c9:28:b7:03:2a:c0:
33:eb:7e:f7:bb:2d:a9:a5:49:df:5c:a1:cf:0a:38:
97:9b:18:a8:f6:a5:3e:6d:ef:98:a9:e5:a7:88:6a:
87:d3:e0:c7:0f:35:2c:26:bc:e6:5c:66:4c:5e:14:
13:78:f6:be:d6:c1:3a:13:e0:3f:fc:b2:a3:cb:88:
72:fc:46:af:c0:27:21:1b:6b:7f:1f:54:e2:b4:37:
87:a0:ef:4e:5b:aa:29:70:a6:cd:f6:35:86:33:36:
bc:a6:d9:15:39:de:d6:95:d4:fd:ed:45:67:dd:8d:
92:0c:c4:50:e1:98:17:0c:09:7f:ec:3a:1c:7f:77:
3c:dc:c3:50:60:5f:dc:00:7e:53:dd:02:5d:e3:e9:
14:93:ed:cb:08:64:7d:6e:77:c2:13:08:b0:30:6e:
33:4a:79:93:21:f1:ab:c6:65:16:b6:95:f6:9f:d0:
2d:cd:54:05:8b:50:dd:e8:bb:dd:89:94:d9:a0:f0:
78:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:83:D3:2D:0A:95:90:2C:3F:8E:AC:95:BF:0B:81:A6:6F:16:D1:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:c000::/40
Signature Algorithm: sha256WithRSAEncryption
22:1f:05:28:06:ac:72:5a:4c:ce:bf:dd:b4:de:e4:04:5c:80:
55:2a:57:13:b7:36:ee:69:a9:e2:42:86:c7:56:2c:13:4b:3c:
4b:2c:da:ef:e6:bd:e4:50:aa:16:1e:eb:2d:ff:92:97:8a:15:
20:fa:eb:b5:27:1b:e8:8f:99:7f:a5:1b:6f:e5:4c:84:56:dc:
ec:3d:e6:1e:10:d1:42:27:84:21:0e:1f:61:42:c5:cb:45:3a:
c9:f5:4f:a4:58:16:33:18:00:88:7c:a4:b5:5c:41:83:c3:d6:
c3:ab:35:43:66:e4:cb:42:8a:be:15:2b:68:1a:22:c3:0e:9e:
db:57:aa:60:d0:d1:d2:74:c1:64:3b:26:df:b6:33:ae:f8:d1:
03:54:53:1f:fa:b2:37:15:be:e3:a8:f6:34:85:72:9a:22:01:
9c:cf:35:24:38:61:3d:ef:6d:5e:0e:20:36:05:4a:18:21:0a:
04:f0:06:ce:9a:65:db:84:8f:77:2f:76:69:bc:95:fe:60:40:
91:03:5d:b7:67:ec:ec:da:cd:bc:03:fe:52:dc:b9:8f:6a:92:
0c:e1:a2:3b:cf:84:8c:3e:43:5b:7d:1b:be:41:af:1d:d7:95:
8e:c9:70:40:62:0b:0a:db:bc:57:61:73:26:2c:de:74:1d:72:
14:23:29:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOydwoualYbodw4GzbqHUDcKX/PAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUwMDZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5MTI1NzI5NTk2ZWRjNTg0MjdlMzgwYzJmNDA2N2M2ODhlOGVkODU2NDkw
OGEyYTllZGRkZWM2MWM2ZjQ2ZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZOt2Ph3zxE9CxsGF1oKA/R77rdU/GsVNVUl3m7NImJv33TdpuJJipMw1B7
JOVI7TvS6LmeIk39o7Exc/1oGXUDeIoaySi3AyrAM+t+97stqaVJ31yhzwo4l5sY
qPalPm3vmKnlp4hqh9Pgxw81LCa85lxmTF4UE3j2vtbBOhPgP/yyo8uIcvxGr8An
IRtrfx9U4rQ3h6DvTluqKXCmzfY1hjM2vKbZFTne1pXU/e1FZ92NkgzEUOGYFwwJ
f+w6HH93PNzDUGBf3AB+U90CXePpFJPtywhkfW53whMIsDBuM0p5kyHxq8ZlFraV
9p/QLc1UBYtQ3ei73YmU2aDweDMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQIg9Mt
CpWQLD+OrJW/C4GmbxbR6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDRkOGI2ODYtN2RiNS00MzA5LThmMDktM2FmNjExYmUzNzUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HrA
MA0GCSqGSIb3DQEBCwUAA4IBAQAiHwUoBqxyWkzOv9203uQEXIBVKlcTtzbuaani
QobHViwTSzxLLNrv5r3kUKoWHust/5KXihUg+uu1Jxvoj5l/pRtv5UyEVtzsPeYe
ENFCJ4QhDh9hQsXLRTrJ9U+kWBYzGACIfKS1XEGDw9bDqzVDZuTLQoq+FStoGiLD
Dp7bV6pg0NHSdMFkOybftjOu+NEDVFMf+rI3Fb7jqPY0hXKaIgGczzUkOGE9721e
DiA2BUoYIQoE8AbOmmXbhI93L3ZpvJX+YECRA123Z+zs2s28A/5S3LmPapIM4aI7
z4SMPkNbfRu+Qa8d15WOyXBAYgsK27xXYXMmLN50HXIUIykR
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:28 2025 by rpki-client