Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
File: 4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa (raw, json)
Hash identifier: XTioVPcZeRS6A2r/kjB0KJawHS2u2pSoCbM4LldAC2Q=
Subject key identifier: 6F:FA:36:CF:D8:03:9D:B3:F6:0C:4A:2F:CB:32:7F:8E:83:1F:FA:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 236FC634485124984BAB8C253BB34E0FB24D0A94
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
Signing time: Thu 22 May 2025 01:22:21 +0000
ROA not before: Thu 22 May 2025 01:22:21 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:6f:c6:34:48:51:24:98:4b:ab:8c:25:3b:b3:4e:0f:b2:4d:0a:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:22:21 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=934e10c2af72df9a938fd269d84449fedbe52a6990a35e2be01fcdb6cd8334d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6b:97:cd:22:bd:5c:26:11:93:4e:2e:17:b7:
fb:6a:ae:13:1a:e6:d5:28:c2:01:ce:d3:6b:67:62:
a8:5c:1a:02:89:df:51:ac:bf:d2:ac:17:68:1f:3e:
58:a5:f7:06:c9:18:15:d7:fa:5d:55:b1:a5:69:c4:
1d:21:92:e2:72:bd:29:cc:1f:95:a9:63:76:05:b4:
0a:6a:52:b9:3a:05:f9:9b:cb:42:9b:06:20:da:4d:
99:0b:4f:b9:ad:33:8e:73:5e:a8:f3:eb:f6:a5:20:
0c:45:74:7e:c4:ba:fb:51:a1:70:ea:08:b6:24:cd:
47:09:06:a3:e1:29:45:d2:10:3a:19:14:6e:a2:b1:
5d:e8:2a:65:d9:09:a3:ee:01:21:34:e1:76:13:a1:
9d:14:fd:5e:23:04:9d:59:4d:07:19:ac:07:2d:e9:
af:1c:2f:db:b0:15:c3:5c:c2:86:b6:1d:57:46:31:
3e:a2:a1:28:79:c2:cc:c5:13:fe:5d:53:52:24:ff:
ff:25:a2:28:43:c5:32:0a:35:5b:89:7e:4b:6e:ab:
2b:8f:8b:93:33:29:ed:d2:39:8c:3c:52:71:b8:cf:
24:8a:da:d1:80:2e:24:f3:55:ba:ef:9f:32:e2:b2:
9c:ae:94:fd:20:e8:6f:70:c0:77:e6:3f:79:9f:a2:
31:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:FA:36:CF:D8:03:9D:B3:F6:0C:4A:2F:CB:32:7F:8E:83:1F:FA:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b3:70:9a:0f:07:66:6d:93:a2:de:4d:38:80:79:c0:5b:6e:50:
95:bd:0c:1c:39:8c:00:04:c9:6b:54:48:ae:d2:49:62:17:e0:
dd:79:f2:e8:7d:92:1f:6e:30:b4:d2:e8:f7:96:a3:52:bd:9c:
36:ec:78:2e:be:46:c0:30:4f:70:76:c8:85:4e:82:c6:ea:30:
09:76:4f:60:b6:22:23:e7:f1:b8:3a:8d:4d:de:a9:35:d4:f3:
b2:a5:fc:0e:ee:f8:54:f3:af:e3:c1:ad:9a:63:2a:0b:8e:ee:
11:d5:11:96:6a:45:2c:e0:4a:33:69:41:fe:9e:4c:c7:92:d4:
b5:f1:88:20:cc:75:ba:99:ab:06:f1:d4:6c:23:96:8d:5f:35:
88:7a:6b:e4:da:7c:56:ac:d9:b8:e8:ce:92:19:0a:16:bc:f7:
4d:4d:fa:53:5a:6c:0b:3e:0c:3a:db:1a:46:9a:dc:ad:00:b6:
f8:a3:3d:1d:6f:7a:89:d1:d2:2f:c1:c1:89:6c:97:a4:5c:ce:
66:e9:e2:71:f5:d6:25:b3:30:72:94:79:40:8d:45:33:e7:36:
e8:af:cf:19:73:f7:37:83:30:f5:ee:03:c3:3f:87:24:2f:03:
02:a6:f2:2f:1e:3d:b9:1f:90:c0:a9:8d:38:9c:c2:1f:42:d8:
15:8c:1f:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI2/GNEhRJJhLq4wlO7NOD7JNCpQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTIyMjFaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzNGUxMGMyYWY3MmRmOWE5MzhmZDI2OWQ4NDQ0OWZlZGJlNTJhNjk5MGEz
NWUyYmUwMWZjZGI2Y2Q4MzM0ZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhrl80ivVwmEZNOLhe3+2quExrm1SjCAc7Ta2diqFwaAonfUay/0qwXaB8+
WKX3BskYFdf6XVWxpWnEHSGS4nK9KcwflaljdgW0CmpSuToF+ZvLQpsGINpNmQtP
ua0zjnNeqPPr9qUgDEV0fsS6+1GhcOoItiTNRwkGo+EpRdIQOhkUbqKxXegqZdkJ
o+4BITThdhOhnRT9XiMEnVlNBxmsBy3prxwv27AVw1zChrYdV0YxPqKhKHnCzMUT
/l1TUiT//yWiKEPFMgo1W4l+S26rK4+LkzMp7dI5jDxScbjPJIra0YAuJPNVuu+f
MuKynK6U/SDob3DAd+Y/eZ+iMeECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRv+jbP
2AOds/YMSi/LMn+Ogx/6GDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI1MjBmMmYtN2ZjMC00MWFmLThjNTMtZWMwNjc1YWE4M2QwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G3g
MA0GCSqGSIb3DQEBCwUAA4IBAQCzcJoPB2Ztk6LeTTiAecBbblCVvQwcOYwABMlr
VEiu0kliF+DdefLofZIfbjC00uj3lqNSvZw27HguvkbAME9wdsiFToLG6jAJdk9g
tiIj5/G4Oo1N3qk11POypfwO7vhU86/jwa2aYyoLju4R1RGWakUs4EozaUH+nkzH
ktS18YggzHW6masG8dRsI5aNXzWIemvk2nxWrNm46M6SGQoWvPdNTfpTWmwLPgw6
2xpGmtytALb4oz0db3qJ0dIvwcGJbJekXM5m6eJx9dYlszBylHlAjUUz5zbor88Z
c/c3gzD17gPDP4ckLwMCpvIvHj25H5DAqY04nMIfQtgVjB/x
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:23 2025 by rpki-client