Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
File: 4c78114f-4347-44fe-aef1-32fc688c69b9.roa (raw, json)
Hash identifier: TtlqLvif8zPChMQgLXlODox4rKgeeND1PDeRrFSr388=
Subject key identifier: BF:2B:F6:3B:F8:4F:EE:8F:4D:1E:CB:EF:FF:DE:F6:3E:EA:41:44:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 493C72BAE60EFD20EDE97AE86B8648E8538E8FCC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
Signing time: Tue 20 May 2025 19:01:25 +0000
ROA not before: Tue 20 May 2025 19:01:25 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:3c:72:ba:e6:0e:fd:20:ed:e9:7a:e8:6b:86:48:e8:53:8e:8f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:25 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=8413e9fbdc012f3848a6e580809a73e2ec7d47a14267d2f87ad0301143799dc7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c0:c9:49:1c:04:86:ba:5b:77:ae:5c:2e:04:
0e:12:75:79:f4:bc:56:e0:f5:c4:27:44:84:3b:f0:
b0:d7:45:ac:34:ac:1f:a0:98:af:a0:34:11:56:79:
38:34:22:54:88:bc:f0:c5:52:35:fe:71:de:dc:7d:
94:9f:b9:c7:b0:2c:43:59:71:ce:01:89:a7:1a:10:
50:7f:ef:e4:5b:f8:fa:39:0d:ac:92:cc:1c:01:40:
91:4f:94:a9:af:b1:91:24:ce:ed:33:56:ae:91:39:
6f:5a:7e:c4:46:c4:35:5c:03:b8:b3:07:16:cf:cb:
54:3d:40:94:15:17:55:92:73:01:f1:64:15:c9:88:
4e:57:c8:ce:4e:f9:b3:65:d1:e9:fd:30:c2:0a:2d:
8f:4b:8d:45:3c:d7:27:ab:a8:4e:f8:28:92:2f:5e:
8d:3f:29:43:4f:a9:18:07:81:4b:5c:f4:5c:8f:bb:
43:38:82:10:73:e6:37:57:d5:1e:f4:3b:5b:07:29:
a6:aa:20:a7:83:62:6b:7c:23:a6:94:18:c4:8b:d5:
7c:02:38:e4:c5:09:18:e6:1e:61:54:3d:1e:59:d4:
a7:de:a1:47:1f:21:75:1b:13:ed:1d:14:93:51:30:
39:c1:7b:6b:50:be:45:8d:86:01:9e:84:d2:bf:7f:
bf:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:2B:F6:3B:F8:4F:EE:8F:4D:1E:CB:EF:FF:DE:F6:3E:EA:41:44:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8020::/48
Signature Algorithm: sha256WithRSAEncryption
48:ce:7f:8c:12:26:c4:d4:35:f1:4d:94:2e:04:98:90:d5:82:
89:28:d9:23:4e:3d:45:56:30:07:85:50:69:15:7a:fd:f0:e4:
d2:ec:61:3b:9a:04:bc:e1:a0:79:b3:d4:77:86:0c:c2:7f:89:
05:1c:19:fd:72:b6:44:10:88:af:c7:37:95:d3:73:78:5c:4e:
9e:d1:e1:0c:aa:de:e4:e5:25:6d:48:85:53:4a:ad:d8:b9:db:
db:45:2f:34:99:fc:cc:77:35:42:45:0e:f4:8c:d0:90:9e:3b:
f2:5b:72:5c:ff:7a:19:94:9f:0b:e6:ed:16:9b:35:9f:c9:a4:
b8:45:b5:fd:db:61:8f:de:08:32:76:39:03:7e:ff:d1:f1:7d:
bf:02:59:54:39:09:be:b1:75:50:f0:4d:29:e2:2d:72:cb:9c:
5e:c8:35:af:a0:9e:77:36:8a:de:d0:d4:e0:05:bb:ae:d6:65:
33:23:c9:d8:61:5c:40:ad:4c:55:44:90:d9:33:26:d5:59:ed:
22:6f:5c:27:77:bb:1b:3b:a2:26:b5:5e:6e:db:33:e2:0d:6b:
79:fd:dc:dc:72:ab:f2:eb:51:46:b9:46:e1:6c:75:c0:a7:4c:
26:02:5f:2f:30:de:21:b1:f8:81:bc:ba:db:89:1e:f6:87:8f:
4d:fb:11:a5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSTxyuuYO/SDt6Xroa4ZI6FOOj8wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxMjVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0MTNlOWZiZGMwMTJmMzg0OGE2ZTU4MDgwOWE3M2UyZWM3ZDQ3YTE0MjY3
ZDJmODdhZDAzMDExNDM3OTlkYzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjAyUkcBIa6W3euXC4EDhJ1efS8VuD1xCdEhDvwsNdFrDSsH6CYr6A0EVZ5
ODQiVIi88MVSNf5x3tx9lJ+5x7AsQ1lxzgGJpxoQUH/v5Fv4+jkNrJLMHAFAkU+U
qa+xkSTO7TNWrpE5b1p+xEbENVwDuLMHFs/LVD1AlBUXVZJzAfFkFcmITlfIzk75
s2XR6f0wwgotj0uNRTzXJ6uoTvgoki9ejT8pQ0+pGAeBS1z0XI+7QziCEHPmN1fV
HvQ7Wwcppqogp4Nia3wjppQYxIvVfAI45MUJGOYeYVQ9HlnUp96hRx8hdRsT7R0U
k1EwOcF7a1C+RY2GAZ6E0r9/v60CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS/K/Y7
+E/uj00ey+//3vY+6kFEMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM3ODExNGYtNDM0Ny00NGZlLWFlZjEtMzJmYzY4OGM2OWI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
IDANBgkqhkiG9w0BAQsFAAOCAQEASM5/jBImxNQ18U2ULgSYkNWCiSjZI049RVYw
B4VQaRV6/fDk0uxhO5oEvOGgebPUd4YMwn+JBRwZ/XK2RBCIr8c3ldNzeFxOntHh
DKre5OUlbUiFU0qt2Lnb20UvNJn8zHc1QkUO9IzQkJ478ltyXP96GZSfC+btFps1
n8mkuEW1/dthj94IMnY5A37/0fF9vwJZVDkJvrF1UPBNKeItcsucXsg1r6CedzaK
3tDU4AW7rtZlMyPJ2GFcQK1MVUSQ2TMm1VntIm9cJ3e7GzuiJrVebtsz4g1ref3c
3HKr8utRRrlG4Wx1wKdMJgJfLzDeIbH4gby624ke9oePTfsRpQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:43 2025 by rpki-client