Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
File: 492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa (raw, json)
Hash identifier: AHksqOFExOBWvGQexqU95H3T1YIapmWur/fFBF791BI=
Subject key identifier: E7:3F:A6:79:D4:F8:26:82:6F:02:3A:A8:4E:BC:69:7E:61:BE:F8:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CB5E4D90074C65C8A212860BB75DE7F37C87584
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
Signing time: Thu 22 May 2025 01:22:11 +0000
ROA not before: Thu 22 May 2025 01:22:11 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:b5:e4:d9:00:74:c6:5c:8a:21:28:60:bb:75:de:7f:37:c8:75:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:22:11 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=5856fccbaef79cc65f4d8bf4aca15d922108c71726bf4db5aa23099a2720c475, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ac:0b:1c:25:9a:00:a2:40:db:16:fd:c1:79:
f3:09:43:d8:c3:29:09:24:70:56:65:f1:51:e3:ab:
5c:a4:d4:80:55:e1:9a:1f:69:f8:3f:2b:36:c5:f5:
35:05:38:ca:8a:34:65:be:cb:65:46:c9:ab:cd:ec:
da:41:a7:81:a3:ae:87:1d:57:fa:a5:0b:45:f0:55:
13:5e:00:0f:3c:4c:d4:ea:74:79:49:0f:f3:06:25:
a6:65:fc:f5:d5:48:9e:10:98:d3:24:a7:4a:c0:81:
fc:e1:67:79:44:29:33:72:ee:e8:dd:5a:7b:a1:d0:
40:4e:e5:08:70:0e:99:88:12:40:a6:42:02:7a:63:
1c:b1:8f:35:95:76:e7:54:62:be:4a:f6:cb:36:62:
08:f2:e8:e0:2d:22:46:ee:c8:62:b0:c1:04:4c:0f:
72:76:a9:db:c7:f4:bd:1a:77:72:8a:fd:97:58:10:
e0:65:c4:6b:ad:ae:cd:e8:cb:6d:6f:0d:5f:6c:2f:
5a:cb:9e:49:62:66:2d:4e:71:79:b0:b8:2b:7a:12:
34:19:95:b1:6b:ba:2a:f9:8a:30:16:12:8a:5a:38:
d5:7b:f5:75:f4:20:07:3b:81:2a:7e:f6:c6:f8:1d:
20:28:21:0e:71:9e:28:d1:a7:09:75:e2:42:38:6b:
fa:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3F:A6:79:D4:F8:26:82:6F:02:3A:A8:4E:BC:69:7E:61:BE:F8:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:4000::/40
Signature Algorithm: sha256WithRSAEncryption
4e:7e:70:59:d9:fe:34:a6:eb:e2:90:9c:0a:a4:7e:8b:df:d3:
89:a7:d9:48:95:85:78:fd:d9:79:e1:21:0d:d9:f1:45:1a:d9:
9f:b4:bd:b5:c6:32:c9:67:09:94:1a:ca:33:65:c6:bf:a6:3f:
5e:d8:0a:2b:a5:6f:73:14:fc:da:8b:71:93:18:76:1d:49:74:
e0:3f:29:09:cc:00:47:ff:5e:78:e4:b1:ba:18:df:02:65:f7:
b9:34:d4:dc:b4:42:3a:58:cd:29:c6:99:a0:70:d6:5f:11:a7:
8c:8a:1e:23:33:42:2b:f2:94:60:3e:7a:d0:ab:e0:91:70:b4:
2d:7e:af:a2:c5:92:94:45:d0:19:ee:e6:72:a4:b5:4b:4b:4d:
1d:82:67:d4:95:38:ca:81:d8:f3:07:90:a9:60:04:2b:e6:99:
48:bf:6a:13:48:98:56:0b:23:c4:10:df:12:07:6c:ae:36:75:
40:5e:0c:e9:23:66:9f:75:f2:67:15:f0:33:12:e3:98:28:a9:
95:53:4b:01:c8:3b:f5:58:5f:f0:12:94:d3:10:a3:02:77:a7:
ec:17:7a:20:e1:e5:1f:d1:f3:9c:1b:83:e8:92:bd:34:f8:ff:
05:bc:74:13:b2:59:8d:dc:59:34:29:ce:20:60:71:03:b9:34:
01:e9:ac:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTLXk2QB0xlyKIShgu3XefzfIdYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTIyMTFaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4NTZmY2NiYWVmNzljYzY1ZjRkOGJmNGFjYTE1ZDkyMjEwOGM3MTcyNmJm
NGRiNWFhMjMwOTlhMjcyMGM0NzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqsCxwlmgCiQNsW/cF58wlD2MMpCSRwVmXxUeOrXKTUgFXhmh9p+D8rNsX1
NQU4yoo0Zb7LZUbJq83s2kGngaOuhx1X+qULRfBVE14ADzxM1Op0eUkP8wYlpmX8
9dVInhCY0ySnSsCB/OFneUQpM3Lu6N1ae6HQQE7lCHAOmYgSQKZCAnpjHLGPNZV2
51Rivkr2yzZiCPLo4C0iRu7IYrDBBEwPcnap28f0vRp3cor9l1gQ4GXEa62uzejL
bW8NX2wvWsueSWJmLU5xebC4K3oSNBmVsWu6KvmKMBYSilo41Xv1dfQgBzuBKn72
xvgdICghDnGeKNGnCXXiQjhr+g0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTnP6Z5
1Pgmgm8COqhOvGl+Yb74TjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkyZWQ4Y2EtZWZhNC00MDQxLWFjOGQtYjBhNzhlZjA1MzA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1A
MA0GCSqGSIb3DQEBCwUAA4IBAQBOfnBZ2f40puvikJwKpH6L39OJp9lIlYV4/dl5
4SEN2fFFGtmftL21xjLJZwmUGsozZca/pj9e2AorpW9zFPzai3GTGHYdSXTgPykJ
zABH/1545LG6GN8CZfe5NNTctEI6WM0pxpmgcNZfEaeMih4jM0Ir8pRgPnrQq+CR
cLQtfq+ixZKURdAZ7uZypLVLS00dgmfUlTjKgdjzB5CpYAQr5plIv2oTSJhWCyPE
EN8SB2yuNnVAXgzpI2afdfJnFfAzEuOYKKmVU0sByDv1WF/wEpTTEKMCd6fsF3og
4eUf0fOcG4Pokr00+P8FvHQTslmN3Fk0Kc4gYHEDuTQB6ayb
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:53:57 2025 by rpki-client