Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
File: 470f3c02-20c3-480f-a788-60d7378cea9b.roa (raw, json)
Hash identifier: qDoOUij6jhp4UbupTh919RIVWnRA2vRsz1UwDkmsHMM=
Subject key identifier: 32:84:E6:1D:C2:A3:1F:31:5E:E7:62:09:45:D8:35:90:B8:4F:74:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3425AD2A0C1AB7EEE3423058992237B203DFF7DC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
Signing time: Tue 10 Jun 2025 17:20:08 +0000
ROA not before: Tue 10 Jun 2025 17:20:08 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:25:ad:2a:0c:1a:b7:ee:e3:42:30:58:99:22:37:b2:03:df:f7:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:08 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=0692b1a9e7f27efbed2afca399cc8f52c5af67b22b65e7b174d68ea01b9949fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:dc:9d:f8:db:29:42:de:dd:b1:2a:17:cf:34:
18:b8:e7:5d:00:10:10:c3:46:b1:f1:c4:4e:79:d6:
71:67:45:dc:17:63:c6:9f:aa:45:99:90:5d:01:06:
e9:1d:76:2d:d2:9d:78:a1:ed:0b:b3:2a:28:5d:a4:
11:c4:52:07:71:4b:d1:b1:d7:df:27:db:1a:96:91:
9e:5d:8d:65:a4:ca:79:d0:4c:a4:37:d0:cb:1a:35:
61:d5:51:86:10:05:b8:84:09:53:20:88:da:b0:ce:
9b:18:88:5c:4d:19:ba:d7:09:7c:65:01:35:6c:5c:
91:93:23:a6:6a:d2:c2:76:ad:85:5d:0b:62:ff:0f:
37:71:95:f6:97:7f:02:6c:76:16:04:7f:78:c8:16:
11:cc:a9:e3:71:b6:b7:af:9a:3d:1d:9e:3f:fd:8e:
de:63:b4:1b:09:20:01:3b:1d:6f:0b:3f:e4:55:ed:
0c:e2:65:6c:35:06:2a:c2:43:00:19:f5:ea:10:8f:
58:d4:72:96:16:9e:46:db:29:14:ab:76:b6:04:41:
8a:ff:8d:00:3e:43:46:10:85:92:87:01:6f:3c:d6:
30:16:f3:a8:d2:d0:4b:69:4a:0b:ab:f2:13:35:e5:
18:4e:33:aa:81:10:50:b2:8b:1a:40:ec:1e:b5:20:
d7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:84:E6:1D:C2:A3:1F:31:5E:E7:62:09:45:D8:35:90:B8:4F:74:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:880::/48
Signature Algorithm: sha256WithRSAEncryption
75:06:fe:47:b4:82:b3:4b:fe:a1:d0:3d:87:f5:d6:37:70:96:
64:7a:5d:8a:d5:b8:79:3c:c4:c0:b5:2c:a5:f8:16:b7:8c:20:
1a:a1:d8:fd:d6:20:49:76:0f:23:5e:96:0e:7e:bc:05:76:39:
a2:11:e5:6e:d5:bc:98:97:a6:98:62:21:79:17:de:49:3f:a2:
63:d0:82:6b:a0:5a:9b:f1:21:8f:03:41:5e:d0:01:07:43:a1:
f3:9c:31:53:98:03:d0:07:70:c2:84:87:ec:2c:82:c7:5d:fd:
bd:a0:58:d8:bb:a5:0f:1f:55:aa:7f:02:13:bd:cd:c9:16:79:
af:b4:c8:80:b5:af:88:b7:f0:e9:59:71:7b:20:5a:15:31:8b:
a4:29:ff:7b:b0:6d:04:93:67:3f:5d:23:6a:04:1e:73:45:fc:
4e:3b:90:ab:64:c8:ae:12:8e:37:ea:23:88:f8:85:7c:b3:b3:
95:c9:dd:c9:e4:ec:1a:77:14:c5:a7:aa:77:08:34:07:92:1a:
41:d2:4d:3c:8a:37:ee:72:ec:5f:26:fc:c5:1c:05:ee:5f:2c:
bb:aa:ea:63:41:6b:c3:1a:e8:88:cd:75:f2:ee:de:94:97:64:
86:18:a3:13:18:ac:9c:15:47:a3:88:67:79:20:41:3b:2d:a3:
22:11:cc:7c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNCWtKgwat+7jQjBYmSI3sgPf99wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMDhaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2OTJiMWE5ZTdmMjdlZmJlZDJhZmNhMzk5Y2M4ZjUyYzVhZjY3YjIyYjY1
ZTdiMTc0ZDY4ZWEwMWI5OTQ5ZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrcnfjbKULe3bEqF880GLjnXQAQEMNGsfHETnnWcWdF3Bdjxp+qRZmQXQEG
6R12LdKdeKHtC7MqKF2kEcRSB3FL0bHX3yfbGpaRnl2NZaTKedBMpDfQyxo1YdVR
hhAFuIQJUyCI2rDOmxiIXE0ZutcJfGUBNWxckZMjpmrSwnathV0LYv8PN3GV9pd/
Amx2FgR/eMgWEcyp43G2t6+aPR2eP/2O3mO0GwkgATsdbws/5FXtDOJlbDUGKsJD
ABn16hCPWNRylhaeRtspFKt2tgRBiv+NAD5DRhCFkocBbzzWMBbzqNLQS2lKC6vy
EzXlGE4zqoEQULKLGkDsHrUg18MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQyhOYd
wqMfMV7nYglF2DWQuE90FzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDcwZjNjMDItMjBjMy00ODBmLWE3ODgtNjBkNzM3OGNlYTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
gDANBgkqhkiG9w0BAQsFAAOCAQEAdQb+R7SCs0v+odA9h/XWN3CWZHpditW4eTzE
wLUspfgWt4wgGqHY/dYgSXYPI16WDn68BXY5ohHlbtW8mJemmGIheRfeST+iY9CC
a6Bam/EhjwNBXtABB0Oh85wxU5gD0AdwwoSH7CyCx139vaBY2LulDx9Vqn8CE73N
yRZ5r7TIgLWviLfw6VlxeyBaFTGLpCn/e7BtBJNnP10jagQec0X8TjuQq2TIrhKO
N+ojiPiFfLOzlcndyeTsGncUxaeqdwg0B5IaQdJNPIo37nLsXyb8xRwF7l8su6rq
Y0FrwxroiM118u7elJdkhhijExisnBVHo4hneSBBOy2jIhHMfA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:18 2025 by rpki-client