Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e95266c-c25e-4290-89ff-746c48b05733.roa
File: 4e95266c-c25e-4290-89ff-746c48b05733.roa (raw, json)
Hash identifier: tvlTyMbi/QYBE40N3iosUsQ6d5j+blHg76y5B2QOuXU=
Subject key identifier: 57:87:1B:3F:90:C6:ED:FC:B5:5F:3D:8F:33:6C:A0:A2:D5:42:87:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 065239C6109385B8F7F67E68DE842E3A6D1B1F66
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e95266c-c25e-4290-89ff-746c48b05733.roa
Signing time: Tue 20 May 2025 19:51:01 +0000
ROA not before: Tue 20 May 2025 19:51:01 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:e0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:52:39:c6:10:93:85:b8:f7:f6:7e:68:de:84:2e:3a:6d:1b:1f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:51:01 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=893992b48c43833b5f1a9cf9811b049b38f2a3214750c03d99705cf01396b3a2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4f:0d:f3:8b:17:71:8c:57:74:5b:b4:80:4f:
e8:4d:54:95:ac:79:d9:b7:6d:06:52:82:0d:e9:da:
0b:32:ad:df:2c:32:2e:d1:a3:e2:7d:38:50:2e:0e:
70:bc:59:57:57:9f:0f:e3:7f:17:03:d4:92:99:0c:
ce:98:22:20:4c:cc:3f:d0:94:ba:06:8f:7a:93:76:
2d:9a:7f:8d:94:a6:06:b5:42:bb:bc:d9:31:aa:37:
37:a2:36:a4:f2:d4:33:a4:78:83:27:fe:88:3b:e8:
af:dc:c6:c3:d7:01:50:06:0e:c5:31:03:60:64:31:
33:68:8d:da:6c:ee:95:bf:85:f6:a3:a3:47:1a:42:
ca:8e:86:f3:61:65:5a:60:6f:b9:92:4d:da:7f:4f:
24:be:f2:28:3d:9a:dc:a3:c8:14:9f:21:df:86:ce:
4c:89:03:dc:ef:47:0d:cb:ff:a1:29:eb:23:a9:e8:
98:0d:58:68:2d:fe:fc:6a:e9:9e:8a:38:f8:df:36:
98:34:77:10:40:dd:28:d7:88:f8:17:12:56:ce:ff:
98:c9:02:f0:d1:a6:46:9f:e0:ff:ac:92:1c:78:cf:
78:6a:00:26:7c:67:b4:13:59:ca:27:cd:93:f7:0d:
a3:e7:72:c3:b2:a0:25:10:4c:24:3b:5d:3d:b6:d6:
bb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:87:1B:3F:90:C6:ED:FC:B5:5F:3D:8F:33:6C:A0:A2:D5:42:87:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e95266c-c25e-4290-89ff-746c48b05733.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:e0c0::/46
Signature Algorithm: sha256WithRSAEncryption
8e:f6:bc:cc:b6:1e:41:b1:dc:75:d6:86:b6:37:fe:cb:f8:02:
87:64:65:28:3a:34:70:67:f0:82:4e:36:70:f7:5d:68:b3:37:
c1:41:77:36:9a:60:28:76:86:eb:c6:95:6a:13:0e:15:ec:65:
b8:ac:d3:e6:f8:b2:12:29:e2:cd:58:83:68:27:b7:96:12:81:
1b:b0:17:7d:0b:43:9a:4d:b1:13:bf:80:84:2b:c7:9a:53:8e:
09:a5:5d:20:e3:d3:63:b2:9d:41:bb:28:15:a6:5b:8d:60:b9:
65:20:91:bc:c4:90:ad:86:00:7d:03:b4:2e:8a:4c:dc:ea:b6:
a8:24:f4:9d:b9:80:dc:ae:6a:a2:5c:ea:c4:d4:78:bf:59:61:
37:02:91:eb:fc:8c:d3:eb:d1:14:64:82:33:c4:11:ba:b8:df:
35:4c:f1:f5:6f:97:2c:ba:ac:b9:26:c0:19:96:90:25:20:34:
f8:db:38:38:49:cc:4a:d7:95:10:1c:c8:7b:44:4e:c0:8f:dc:
a6:b8:cd:c3:d2:a7:03:1f:ce:ae:26:72:67:61:2d:ee:19:41:
03:06:c2:57:f5:f4:ff:e0:eb:9d:ae:f8:2c:82:ea:bd:2d:56:
17:33:12:9c:a1:78:df:e2:5a:bc:e3:b7:e2:3b:f6:45:a7:21:
52:af:b9:46
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBlI5xhCThbj39n5o3oQuOm0bH2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUxMDFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5Mzk5MmI0OGM0MzgzM2I1ZjFhOWNmOTgxMWIwNDliMzhmMmEzMjE0NzUw
YzAzZDk5NzA1Y2YwMTM5NmIzYTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhPDfOLF3GMV3RbtIBP6E1Ulax52bdtBlKCDenaCzKt3ywyLtGj4n04UC4O
cLxZV1efD+N/FwPUkpkMzpgiIEzMP9CUugaPepN2LZp/jZSmBrVCu7zZMao3N6I2
pPLUM6R4gyf+iDvor9zGw9cBUAYOxTEDYGQxM2iN2mzulb+F9qOjRxpCyo6G82Fl
WmBvuZJN2n9PJL7yKD2a3KPIFJ8h34bOTIkD3O9HDcv/oSnrI6nomA1YaC3+/Grp
noo4+N82mDR3EEDdKNeI+BcSVs7/mMkC8NGmRp/g/6ySHHjPeGoAJnxntBNZyifN
k/cNo+dyw7KgJRBMJDtdPbbWu88CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRXhxs/
kMbt/LVfPY8zbKCi1UKHejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGU5NTI2NmMtYzI1ZS00MjkwLTg5ZmYtNzQ2YzQ4YjA1NzMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hfg
wDANBgkqhkiG9w0BAQsFAAOCAQEAjva8zLYeQbHcddaGtjf+y/gCh2RlKDo0cGfw
gk42cPddaLM3wUF3NppgKHaG68aVahMOFexluKzT5viyEinizViDaCe3lhKBG7AX
fQtDmk2xE7+AhCvHmlOOCaVdIOPTY7KdQbsoFaZbjWC5ZSCRvMSQrYYAfQO0LopM
3Oq2qCT0nbmA3K5qolzqxNR4v1lhNwKR6/yM0+vRFGSCM8QRurjfNUzx9W+XLLqs
uSbAGZaQJSA0+Ns4OEnMSteVEBzIe0ROwI/cprjNw9KnAx/OriZyZ2Et7hlBAwbC
V/X0/+Drna74LILqvS1WFzMSnKF43+JavOO34jv2RachUq+5Rg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:17 2025 by rpki-client