Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ec3ef54-a209-4902-b036-4d329fe00df1.roa
File: 4ec3ef54-a209-4902-b036-4d329fe00df1.roa (raw, json)
Hash identifier: OzfNbrDuONjN63Fa7kjhlvSwCBC3SufrDel9QzqOHrA=
Subject key identifier: 75:5F:35:A4:E7:32:24:28:EA:1E:72:0E:9A:EF:0D:0F:19:A4:97:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17244FA48B4CDA87CDB6BC19BDC73AFA336706FA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ec3ef54-a209-4902-b036-4d329fe00df1.roa
Signing time: Tue 20 May 2025 19:30:55 +0000
ROA not before: Tue 20 May 2025 19:30:55 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:8020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:24:4f:a4:8b:4c:da:87:cd:b6:bc:19:bd:c7:3a:fa:33:67:06:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:30:55 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=150a09059c1478d99613b90a8e977bb71eca1565615adb88f00d1fede927ef98, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0f:b5:f9:15:0d:2c:75:c7:08:f4:f6:bc:e0:
08:c2:75:c0:a3:6f:ae:5b:aa:4b:c5:17:4c:04:48:
f1:9c:f3:80:71:3c:57:0c:bc:a7:40:66:62:49:de:
78:c4:a8:da:e3:fe:45:20:54:00:fc:fa:82:48:a6:
22:3e:f0:42:34:95:41:a5:30:fe:cd:9c:92:2f:2f:
27:94:fd:31:e4:78:de:a8:d6:b5:23:52:16:7f:2d:
11:74:5b:a1:d8:54:6f:31:b4:67:0d:45:ef:9d:54:
32:e6:94:36:af:c6:83:dc:9e:79:8a:e2:bb:9b:6f:
67:8b:bc:b5:4c:dc:ac:bb:72:55:27:b6:f9:2f:96:
ba:73:21:2c:e4:95:16:3a:3d:05:70:6a:28:c5:47:
08:1e:98:44:7b:c6:c3:cf:f7:cc:50:dc:63:0e:ca:
21:a5:e8:e0:6c:eb:2f:33:4f:c5:33:a7:50:52:91:
df:ff:77:47:df:97:f9:8e:9f:e0:f5:7b:8e:5f:f1:
8a:e1:4b:c3:20:b6:05:51:08:d5:e5:e3:1c:b5:44:
b5:1e:94:9a:68:5f:d3:dd:8b:e9:8e:9c:65:0e:f4:
99:8d:6b:a6:0f:1c:08:41:03:67:49:b6:49:92:06:
e1:e3:11:03:98:06:b1:1e:64:46:c5:9b:89:b1:1b:
09:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:5F:35:A4:E7:32:24:28:EA:1E:72:0E:9A:EF:0D:0F:19:A4:97:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ec3ef54-a209-4902-b036-4d329fe00df1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:8020::/46
Signature Algorithm: sha256WithRSAEncryption
28:40:2e:1e:90:53:df:00:e4:0e:f5:4e:89:30:79:10:76:ff:
3d:d1:7d:83:a8:3b:80:ff:54:6d:e5:dd:e0:25:35:ae:9a:04:
41:1b:13:b8:51:89:b2:0b:a0:5f:54:05:51:d5:c8:20:f5:75:
46:77:a9:55:a4:a1:79:81:45:c6:c8:7b:5b:1e:a6:08:3c:c0:
58:3e:3b:09:77:a1:ed:23:a8:bc:34:6e:1d:76:80:9f:34:ef:
f4:b7:03:0d:1f:c8:7a:1c:44:d0:9b:fd:04:f4:2c:3d:e7:6b:
f4:b0:b9:fe:db:12:1a:36:03:0f:8d:2f:97:9c:62:fe:93:44:
67:ce:db:61:4b:58:7b:10:8b:ca:e0:2e:7a:5d:fa:bd:db:07:
a8:d5:d1:0f:04:6b:6c:fa:08:d1:25:76:da:e3:91:64:d6:21:
ff:07:8c:ad:42:f2:ba:37:9d:00:04:9f:73:49:2d:19:17:0a:
37:a4:5f:6f:04:10:3a:58:15:a7:7e:46:4b:85:b6:aa:ab:27:
b9:ec:68:50:c7:4e:5c:35:2f:e0:e5:a2:8c:e9:35:df:eb:9c:
0c:fb:69:0d:88:74:29:5d:bf:63:2c:2c:3f:25:f3:35:4f:f5:
8b:20:6d:54:4a:6c:00:2c:45:e3:24:33:aa:35:af:7f:fa:51:
b3:c2:0c:a4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFyRPpItM2ofNtrwZvcc6+jNnBvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMwNTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1MGEwOTA1OWMxNDc4ZDk5NjEzYjkwYThlOTc3YmI3MWVjYTE1NjU2MTVh
ZGI4OGYwMGQxZmVkZTkyN2VmOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsPtfkVDSx1xwj09rzgCMJ1wKNvrluqS8UXTARI8ZzzgHE8Vwy8p0BmYkne
eMSo2uP+RSBUAPz6gkimIj7wQjSVQaUw/s2cki8vJ5T9MeR43qjWtSNSFn8tEXRb
odhUbzG0Zw1F751UMuaUNq/Gg9yeeYriu5tvZ4u8tUzcrLtyVSe2+S+WunMhLOSV
Fjo9BXBqKMVHCB6YRHvGw8/3zFDcYw7KIaXo4GzrLzNPxTOnUFKR3/93R9+X+Y6f
4PV7jl/xiuFLwyC2BVEI1eXjHLVEtR6Ummhf092L6Y6cZQ70mY1rpg8cCEEDZ0m2
SZIG4eMRA5gGsR5kRsWbibEbCb0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR1XzWk
5zIkKOoecg6a7w0PGaSXcDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGVjM2VmNTQtYTIwOS00OTAyLWIwMzYtNGQzMjlmZTAwZGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeA
IDANBgkqhkiG9w0BAQsFAAOCAQEAKEAuHpBT3wDkDvVOiTB5EHb/PdF9g6g7gP9U
beXd4CU1rpoEQRsTuFGJsgugX1QFUdXIIPV1RnepVaSheYFFxsh7Wx6mCDzAWD47
CXeh7SOovDRuHXaAnzTv9LcDDR/IehxE0Jv9BPQsPedr9LC5/tsSGjYDD40vl5xi
/pNEZ87bYUtYexCLyuAuel36vdsHqNXRDwRrbPoI0SV22uORZNYh/weMrULyujed
AASfc0ktGRcKN6RfbwQQOlgVp35GS4W2qqsnuexoUMdOXDUv4OWijOk13+ucDPtp
DYh0KV2/YywsPyXzNU/1iyBtVEpsACxF4yQzqjWvf/pRs8IMpA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:33 2025 by rpki-client