Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/599e0695-4b67-4a37-994a-8c71d61260b3.roa
File: 599e0695-4b67-4a37-994a-8c71d61260b3.roa (raw, json)
Hash identifier: ZRiE8DQDEyS8csRxjI2gdCdt+qgcHL/KyGaLBX9JjrA=
Subject key identifier: 15:BD:CA:A8:0E:4A:EC:4C:00:D4:5B:8E:F0:24:32:9E:F1:AC:5F:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 186212E4B086B2AB187AA0B1E650D08101499A4F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/599e0695-4b67-4a37-994a-8c71d61260b3.roa
Signing time: Tue 20 May 2025 19:01:00 +0000
ROA not before: Tue 20 May 2025 19:01:00 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:62:12:e4:b0:86:b2:ab:18:7a:a0:b1:e6:50:d0:81:01:49:9a:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:00 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=8701ab2a3aace447298ed66c00ab78fc6a5f83f8ebebe9a1a8bb3c199a2049cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:90:b4:4c:b2:97:46:47:9d:6c:b0:f7:a1:30:
1a:97:38:b4:c4:bd:8f:82:09:50:0d:61:ae:7c:f7:
18:5a:58:e4:64:8a:43:fa:98:76:a6:0b:82:2f:63:
b3:2c:94:2c:2a:01:89:36:94:df:72:a1:3f:b5:5b:
0d:47:da:23:26:38:eb:2c:fc:e5:59:be:4c:89:a2:
70:0c:15:d0:5d:30:dd:70:35:37:ce:ef:5c:eb:de:
98:cb:88:5e:46:47:32:96:ae:d0:16:d6:82:be:82:
6c:47:3a:49:80:3f:af:02:b0:e6:b0:bb:da:98:f4:
58:80:10:b8:25:4f:5a:76:3c:dd:db:6a:09:77:74:
fc:eb:bf:2e:32:d3:fc:05:6d:9f:b8:3c:b4:07:e7:
be:dc:a4:fb:90:27:1a:54:9c:7a:df:aa:3e:ac:c4:
70:01:09:cd:1e:bc:ee:e9:dc:24:e1:9c:b6:39:24:
fb:ff:c7:4e:3a:c5:b6:ce:1e:1b:b5:8a:23:07:dd:
87:fb:51:4f:8c:23:d9:f4:e9:db:4c:1a:f3:6a:8d:
7c:2f:ce:14:e6:07:c2:3c:e0:33:db:74:28:d4:6e:
36:75:10:1a:3f:6c:00:13:43:cb:bd:9c:fa:7a:e8:
44:8b:54:f7:c5:a3:d4:1c:3e:c8:d0:cf:8a:50:f7:
aa:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:BD:CA:A8:0E:4A:EC:4C:00:D4:5B:8E:F0:24:32:9E:F1:AC:5F:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/599e0695-4b67-4a37-994a-8c71d61260b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
28:ab:81:fd:2a:1e:a4:e4:d6:56:9a:40:d7:7f:01:d6:d2:c8:
2e:2e:75:1a:7f:a7:14:c3:ab:54:cf:fc:c4:14:89:51:59:f8:
99:77:cf:4b:cb:78:64:af:e7:c9:cd:43:7e:93:92:4f:6e:84:
f0:bf:df:d3:d6:96:0a:5a:5f:70:7b:47:3c:07:75:26:02:40:
ad:be:f3:1b:b7:80:7e:7f:4d:3e:f9:94:73:e0:56:43:9f:b9:
4e:90:9b:50:03:48:b7:a3:16:e9:fb:f2:04:6f:7b:a2:d8:84:
99:29:fd:e5:c7:fa:99:92:1a:db:90:4e:c4:61:35:9e:f4:f5:
8b:87:62:ad:21:03:98:41:4e:4b:4f:ae:f0:2a:67:c6:e0:af:
96:18:8f:58:07:dd:6f:08:e3:58:90:49:e7:e5:40:05:39:be:
c2:9d:bd:b7:ae:5d:aa:3f:e7:8d:c7:05:d9:68:83:4e:c9:2a:
3b:e8:aa:12:05:52:87:2b:42:e6:e4:e6:58:48:77:2c:9e:92:
78:9f:07:ed:28:24:3f:8f:02:fa:bf:5d:14:ec:56:00:91:bb:
3d:79:1e:7e:19:ed:b1:ae:18:ef:65:e6:f6:9e:86:eb:06:4e:
f0:07:5d:49:f2:09:2f:69:f5:03:fa:51:3c:5c:a8:39:0d:a7:
b8:8a:d4:18
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGGIS5LCGsqsYeqCx5lDQgQFJmk8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxMDBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3MDFhYjJhM2FhY2U0NDcyOThlZDY2YzAwYWI3OGZjNmE1ZjgzZjhlYmVi
ZTlhMWE4YmIzYzE5OWEyMDQ5Y2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJeQtEyyl0ZHnWyw96EwGpc4tMS9j4IJUA1hrnz3GFpY5GSKQ/qYdqYLgi9j
syyULCoBiTaU33KhP7VbDUfaIyY46yz85Vm+TImicAwV0F0w3XA1N87vXOvemMuI
XkZHMpau0BbWgr6CbEc6SYA/rwKw5rC72pj0WIAQuCVPWnY83dtqCXd0/Ou/LjLT
/AVtn7g8tAfnvtyk+5AnGlScet+qPqzEcAEJzR687uncJOGctjkk+//HTjrFts4e
G7WKIwfdh/tRT4wj2fTp20wa82qNfC/OFOYHwjzgM9t0KNRuNnUQGj9sABNDy72c
+nroRItU98Wj1Bw+yNDPilD3qv8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQVvcqo
DkrsTADUW47wJDKe8axfNDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTk5ZTA2OTUtNGI2Ny00YTM3LTk5NGEtOGM3MWQ2MTI2MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
wDANBgkqhkiG9w0BAQsFAAOCAQEAKKuB/SoepOTWVppA138B1tLILi51Gn+nFMOr
VM/8xBSJUVn4mXfPS8t4ZK/nyc1DfpOST26E8L/f09aWClpfcHtHPAd1JgJArb7z
G7eAfn9NPvmUc+BWQ5+5TpCbUANIt6MW6fvyBG97otiEmSn95cf6mZIa25BOxGE1
nvT1i4dirSEDmEFOS0+u8CpnxuCvlhiPWAfdbwjjWJBJ5+VABTm+wp29t65dqj/n
jccF2WiDTskqO+iqEgVShytC5uTmWEh3LJ6SeJ8H7SgkP48C+r9dFOxWAJG7PXke
fhntsa4Y72Xm9p6G6wZO8AddSfIJL2n1A/pRPFyoOQ2nuIrUGA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:20 2025 by rpki-client