Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
File: 546828d4-9f43-44c2-bff8-aafeddca4e25.roa (raw, json)
Hash identifier: CX1hM50c03pP3QWL5jEpLn2Nu1PqYZyYQqgoSNVPeNo=
Subject key identifier: BA:B2:6E:EB:1F:B0:E6:31:79:CA:12:56:11:B4:6B:67:51:9C:45:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F2C535E58F56E05CAF8135E538AC34EE92A793E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
Signing time: Tue 20 May 2025 19:11:01 +0000
ROA not before: Tue 20 May 2025 19:11:01 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:2c:53:5e:58:f5:6e:05:ca:f8:13:5e:53:8a:c3:4e:e9:2a:79:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:11:01 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=6794c5618fd2b67da32d701fbe6dfd5de12ff1242cd450f5870ae4f7aaad30e3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:ec:9c:3a:70:dd:e6:ab:0c:9c:9b:6a:bf:73:
d3:3d:4d:db:95:97:86:bd:d8:ee:90:2f:f0:4d:6b:
40:fc:57:0d:50:3e:cb:87:a2:18:9b:fc:d9:e6:8f:
d3:4d:19:b5:83:89:e2:cf:90:aa:bf:00:e6:bb:67:
73:d3:bf:47:f0:40:0e:41:c3:46:ce:f8:bc:74:47:
f2:c7:50:3a:d8:3f:e0:22:44:c6:d5:eb:1d:d3:b2:
8b:f1:be:60:2e:5d:7f:01:a7:6a:93:4e:a3:26:2a:
cf:2d:b8:ba:59:d5:41:33:99:29:78:21:ff:2d:f2:
ef:54:24:05:f3:ab:19:e9:91:4d:5f:3a:3d:e7:b7:
ba:af:92:2b:a0:2a:7b:a6:a8:aa:6f:c1:2e:89:9a:
f2:4c:64:b3:a4:3a:af:28:f7:93:fe:a8:55:2f:63:
4f:00:30:f4:f5:f2:f0:61:d2:ac:3c:db:14:75:d7:
7f:c2:6e:6b:52:07:52:84:2e:af:99:17:dd:c0:bf:
5f:53:94:2d:92:8c:5d:a2:a9:c6:16:6b:f5:60:8e:
fb:25:68:81:c0:f6:0e:a6:68:e4:0b:46:82:cd:63:
67:de:9c:97:13:8f:38:c0:31:b4:ce:64:56:df:50:
90:8a:76:a7:5d:65:c3:c1:55:54:d5:f9:52:65:46:
20:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B2:6E:EB:1F:B0:E6:31:79:CA:12:56:11:B4:6B:67:51:9C:45:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e040::/48
Signature Algorithm: sha256WithRSAEncryption
16:8c:69:5c:da:aa:f0:b8:05:b2:18:9e:5b:a8:a8:bc:00:ff:
a5:b0:be:7a:8f:22:11:92:75:f6:af:64:56:2d:db:38:14:30:
f3:ff:ef:97:43:4b:df:1d:7b:67:7d:4f:30:5e:e0:03:01:21:
0c:f5:47:62:a9:0c:13:71:77:00:da:3f:c8:dc:04:35:dd:5e:
8c:b6:a6:52:ff:00:18:fa:e3:5a:44:0a:09:d7:8a:5d:ba:80:
2f:f5:01:35:23:bc:22:68:fb:81:ed:4c:73:55:65:98:cd:1c:
b8:48:6b:8b:df:32:c2:5a:19:15:6f:5e:7a:82:c7:8a:90:da:
a9:69:74:bc:19:b3:e6:dd:06:df:7e:91:48:3a:d7:12:a1:36:
95:0e:fe:4e:3f:c9:9c:22:b2:71:44:35:b1:d3:5c:ce:e1:8a:
c1:0c:93:e3:97:1c:28:57:7e:7d:88:0e:8e:fb:80:4c:9f:f7:
23:87:2b:58:ca:4a:5c:e2:00:a5:86:d0:11:21:a3:3d:88:3e:
24:86:b1:ec:ef:ef:32:f0:42:d4:00:9e:8f:71:f5:bb:d8:21:
b4:06:c2:54:71:70:06:0d:b7:ee:f3:c4:4c:5c:d6:6f:47:fd:
f8:f0:d0:c4:5a:84:56:03:f4:64:54:c7:68:39:e2:14:15:18:
c1:ae:d9:43
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHyxTXlj1bgXK+BNeU4rDTukqeT4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTExMDFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3OTRjNTYxOGZkMmI2N2RhMzJkNzAxZmJlNmRmZDVkZTEyZmYxMjQyY2Q0
NTBmNTg3MGFlNGY3YWFhZDMwZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOnsnDpw3earDJybar9z0z1N25WXhr3Y7pAv8E1rQPxXDVA+y4eiGJv82eaP
000ZtYOJ4s+Qqr8A5rtnc9O/R/BADkHDRs74vHRH8sdQOtg/4CJExtXrHdOyi/G+
YC5dfwGnapNOoyYqzy24ulnVQTOZKXgh/y3y71QkBfOrGemRTV86Pee3uq+SK6Aq
e6aoqm/BLoma8kxks6Q6ryj3k/6oVS9jTwAw9PXy8GHSrDzbFHXXf8Jua1IHUoQu
r5kX3cC/X1OULZKMXaKpxhZr9WCO+yVogcD2DqZo5AtGgs1jZ96clxOPOMAxtM5k
Vt9QkIp2p11lw8FVVNX5UmVGIBkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS6sm7r
H7DmMXnKElYRtGtnUZxFfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQ2ODI4ZDQtOWY0My00NGMyLWJmZjgtYWFmZWRkY2E0ZTI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
QDANBgkqhkiG9w0BAQsFAAOCAQEAFoxpXNqq8LgFshieW6iovAD/pbC+eo8iEZJ1
9q9kVi3bOBQw8//vl0NL3x17Z31PMF7gAwEhDPVHYqkME3F3ANo/yNwENd1ejLam
Uv8AGPrjWkQKCdeKXbqAL/UBNSO8Imj7ge1Mc1VlmM0cuEhri98ywloZFW9eeoLH
ipDaqWl0vBmz5t0G336RSDrXEqE2lQ7+Tj/JnCKycUQ1sdNczuGKwQyT45ccKFd+
fYgOjvuATJ/3I4crWMpKXOIApYbQESGjPYg+JIax7O/vMvBC1ACej3H1u9ghtAbC
VHFwBg237vPETFzWb0f9+PDQxFqEVgP0ZFTHaDniFBUYwa7ZQw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:14 2025 by rpki-client