Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
File: 48b510e0-0d59-48d3-96c5-ddb87c118e43.roa (raw, json)
Hash identifier: Iwm0RmWI5WNUL4ypKGEwb4e+yI5qx7wA6oE/e89Zaqs=
Subject key identifier: 4B:A2:79:C9:31:21:ED:A8:2F:53:06:4D:8F:58:33:98:FC:7D:B6:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D5454D9CD8823383EF50AE5B286F0DF7967213C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
Signing time: Tue 20 May 2025 18:30:15 +0000
ROA not before: Tue 20 May 2025 18:30:15 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:54:54:d9:cd:88:23:38:3e:f5:0a:e5:b2:86:f0:df:79:67:21:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:30:15 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=0e0ba72388306b6b0fe43333fb25c989dd4ae11eaa2b5ca8ba0ecc05c6294f6f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:df:44:9d:e4:6a:b5:dc:12:53:fd:c2:aa:66:
7b:91:8f:c0:7a:e0:fb:92:f5:e9:e3:35:06:82:60:
da:92:c4:8c:2e:5e:50:f7:a6:0f:1c:49:04:d6:91:
c3:88:16:db:2f:04:bf:01:97:0c:88:41:70:ed:1a:
25:7e:7b:aa:a8:20:17:70:ab:bc:4c:40:a4:c7:a2:
b4:a5:bd:c0:00:8d:fc:a7:79:c2:0d:0f:c1:c9:6f:
3a:66:b3:8d:37:78:4d:f2:77:4c:be:ae:0e:9a:52:
54:87:9c:af:4a:9f:07:38:6d:84:9e:ee:f3:0b:e9:
86:e3:d0:04:5b:d2:df:16:37:8b:bb:b7:be:f5:3b:
78:c7:16:0e:d9:b9:a3:88:c3:a2:93:bb:40:ef:60:
91:30:94:9f:3c:2a:04:7a:68:42:33:cc:1b:aa:75:
e6:76:0d:09:62:3e:37:09:0b:b7:dc:85:24:17:16:
9d:6c:70:6d:e8:f4:cb:bc:99:8f:07:f4:10:a4:df:
a2:7a:1c:bb:7f:a1:67:36:af:b1:51:37:4a:48:b8:
19:63:7b:02:bf:67:0d:46:76:29:38:1d:83:d2:ea:
2f:24:15:75:d5:f9:d9:94:9a:45:1b:d6:d4:0d:22:
79:9d:58:1a:c7:a3:f1:2a:c3:41:5b:20:be:28:f4:
53:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A2:79:C9:31:21:ED:A8:2F:53:06:4D:8F:58:33:98:FC:7D:B6:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4020::/48
Signature Algorithm: sha256WithRSAEncryption
92:f0:65:a0:05:cf:a3:63:f9:44:1b:e5:89:bf:ee:e3:cf:3e:
9b:ea:f7:e2:83:66:aa:8c:82:3c:3a:fb:b7:ef:0e:8a:98:7c:
f2:1d:e2:aa:22:7f:b9:a8:b0:29:34:72:0e:aa:17:11:52:80:
e1:e3:aa:7a:0c:b6:42:2e:46:c2:b0:78:83:6f:90:6c:ef:47:
29:d6:b4:8e:89:46:91:c4:fd:c6:e3:a2:33:66:b1:38:0b:7a:
13:e1:18:1b:1f:24:fb:68:23:e7:7b:b5:71:eb:b6:d0:4e:2c:
ed:1d:8f:0e:66:31:70:8d:7c:fb:92:fa:58:1f:fd:8f:67:ef:
e6:e1:f1:b6:a4:20:ba:a5:df:d3:2a:e3:f4:6c:fd:b2:2a:36:
1d:f3:1d:60:fc:a9:47:83:f4:49:35:4c:18:c5:41:6b:7b:2c:
07:a5:65:2a:ee:d6:8b:f9:5c:a5:25:a4:3f:0e:a1:8b:18:83:
92:41:e4:4f:20:e8:f9:4c:b9:c7:9a:27:b5:d4:e1:d8:40:8a:
b4:4e:7c:4e:65:af:64:f9:1f:97:2c:d8:e9:9f:e8:d8:6c:46:
d2:b3:5f:49:1c:f6:43:1e:7f:ee:f0:18:62:7d:03:1c:7b:91:
12:45:86:9b:d4:ce:96:c9:de:39:f8:92:37:c7:60:8c:47:dd:
c9:d7:ea:10
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTVRU2c2IIzg+9Qrlsobw33lnITwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMwMTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlMGJhNzIzODgzMDZiNmIwZmU0MzMzM2ZiMjVjOTg5ZGQ0YWUxMWVhYTJi
NWNhOGJhMGVjYzA1YzYyOTRmNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvfRJ3karXcElP9wqpme5GPwHrg+5L16eM1BoJg2pLEjC5eUPemDxxJBNaR
w4gW2y8EvwGXDIhBcO0aJX57qqggF3CrvExApMeitKW9wACN/Kd5wg0PwclvOmaz
jTd4TfJ3TL6uDppSVIecr0qfBzhthJ7u8wvphuPQBFvS3xY3i7u3vvU7eMcWDtm5
o4jDopO7QO9gkTCUnzwqBHpoQjPMG6p15nYNCWI+NwkLt9yFJBcWnWxwbej0y7yZ
jwf0EKTfonocu3+hZzavsVE3Ski4GWN7Ar9nDUZ2KTgdg9LqLyQVddX52ZSaRRvW
1A0ieZ1YGsej8SrDQVsgvij0U78CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRLonnJ
MSHtqC9TBk2PWDOY/H22HTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDhiNTEwZTAtMGQ1OS00OGQzLTk2YzUtZGRiODdjMTE4ZTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
IDANBgkqhkiG9w0BAQsFAAOCAQEAkvBloAXPo2P5RBvlib/u488+m+r34oNmqoyC
PDr7t+8Oiph88h3iqiJ/uaiwKTRyDqoXEVKA4eOqegy2Qi5GwrB4g2+QbO9HKda0
jolGkcT9xuOiM2axOAt6E+EYGx8k+2gj53u1ceu20E4s7R2PDmYxcI18+5L6WB/9
j2fv5uHxtqQguqXf0yrj9Gz9sio2HfMdYPypR4P0STVMGMVBa3ssB6VlKu7Wi/lc
pSWkPw6hixiDkkHkTyDo+Uy5x5ontdTh2ECKtE58TmWvZPkflyzY6Z/o2GxG0rNf
SRz2Qx5/7vAYYn0DHHuREkWGm9TOlsneOfiSN8dgjEfdydfqEA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:14 2025 by rpki-client