Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64b71704-2a76-40c8-a5e1-57ebfb451913.roa
File: 64b71704-2a76-40c8-a5e1-57ebfb451913.roa (raw, json)
Hash identifier: V0w4JH2CKUZDhH7qopRVbigX9nu06cStcZ72IDw2eH8=
Subject key identifier: 60:25:C4:53:83:14:32:C4:91:6C:4A:57:85:04:5B:F0:72:14:AB:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EBBF075FA5E43D1F9AA2B2FD129CB6DADAEBE95
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64b71704-2a76-40c8-a5e1-57ebfb451913.roa
Signing time: Tue 20 May 2025 19:41:23 +0000
ROA not before: Tue 20 May 2025 19:41:23 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:e080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:bb:f0:75:fa:5e:43:d1:f9:aa:2b:2f:d1:29:cb:6d:ad:ae:be:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:41:23 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=52f05cc7984ac9792e89450522fed4fe220c1b270e015c17a451f78350e886a1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:99:2b:cb:94:92:6e:e7:a4:2a:9b:01:09:c3:
e2:d9:0f:e4:de:8c:84:a3:c8:cb:b3:4c:ae:07:b7:
50:cd:e5:fa:c0:b4:e8:08:e8:ef:3e:32:af:5b:36:
d9:15:15:14:4d:09:91:83:e2:8a:d7:4d:66:52:20:
df:7b:25:38:a1:ae:9d:6f:0e:52:12:14:2f:19:b4:
e3:a9:7c:28:b3:b6:5f:69:3b:b8:34:fe:b1:9a:61:
14:6d:74:0d:3f:78:49:4a:f5:fc:e1:cf:41:d0:9b:
de:18:ee:3c:15:aa:37:2b:31:51:07:82:10:ac:75:
68:b4:57:dc:78:5d:45:01:75:c4:15:4e:63:b7:e3:
b0:d4:ef:75:e8:fb:2d:53:54:1c:2c:1c:80:1a:f5:
a1:cf:d6:61:48:25:33:0f:ea:0e:23:ef:01:39:de:
a4:b5:a7:2c:88:c5:b2:1f:11:9a:5d:92:06:84:9e:
b1:37:a1:5a:63:e8:61:df:f1:ff:a0:4a:0b:98:84:
f7:af:9a:22:f1:25:16:e0:ec:b8:42:e7:1d:32:fb:
49:02:6d:17:2c:4c:35:d3:8e:b5:a6:80:c6:ee:a8:
82:3a:ae:82:47:c0:34:ad:71:df:55:0f:d4:7a:0f:
74:b0:23:8e:f0:06:19:00:f1:72:f1:77:09:5b:57:
b5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:25:C4:53:83:14:32:C4:91:6C:4A:57:85:04:5B:F0:72:14:AB:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64b71704-2a76-40c8-a5e1-57ebfb451913.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:e080::/46
Signature Algorithm: sha256WithRSAEncryption
b0:2a:8f:c6:b5:00:94:59:92:67:06:75:59:5b:96:24:26:93:
4d:c3:63:6f:d6:fc:06:2f:09:96:e3:db:bd:10:91:54:82:c6:
b6:5c:75:6a:05:e6:e6:a2:5d:94:46:6c:b2:a5:16:07:5e:25:
37:a1:99:6b:c1:2e:71:7d:09:13:fc:ff:be:7b:5d:2c:a7:62:
d7:a7:3a:39:4b:3b:a6:48:51:88:d5:4a:8a:a6:e9:03:9c:51:
8e:da:af:50:d4:70:a5:be:38:74:9d:44:64:f0:68:30:27:e7:
54:eb:91:29:a7:76:0e:d5:1f:ae:43:46:09:f0:a3:8a:3b:3f:
23:46:ac:b6:09:7d:f0:95:c2:73:7b:4b:54:f3:df:b4:e1:72:
e0:27:2b:6e:20:53:e3:c7:18:47:a4:24:1d:68:19:0b:76:9c:
ca:78:65:42:a4:06:42:81:89:ae:a8:c8:77:af:35:b8:81:8b:
e9:d1:0d:20:cf:8c:9f:9b:60:3c:91:11:35:04:9d:19:db:ad:
26:c6:23:86:92:b6:9c:26:6c:7c:98:69:01:0b:79:bb:56:3d:
9b:4c:57:fc:b7:c8:78:e8:67:7e:42:66:d6:9b:bb:53:2e:e3:
0d:ee:f5:49:70:1b:bf:ec:d5:a8:f9:1f:34:c9:7c:cd:64:d7:
a9:db:69:f0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfrvwdfpeQ9H5qisv0SnLba2uvpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQxMjNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyZjA1Y2M3OTg0YWM5NzkyZTg5NDUwNTIyZmVkNGZlMjIwYzFiMjcwZTAx
NWMxN2E0NTFmNzgzNTBlODg2YTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOCZK8uUkm7npCqbAQnD4tkP5N6MhKPIy7NMrge3UM3l+sC06Ajo7z4yr1s2
2RUVFE0JkYPiitdNZlIg33slOKGunW8OUhIULxm046l8KLO2X2k7uDT+sZphFG10
DT94SUr1/OHPQdCb3hjuPBWqNysxUQeCEKx1aLRX3HhdRQF1xBVOY7fjsNTvdej7
LVNUHCwcgBr1oc/WYUglMw/qDiPvATnepLWnLIjFsh8Rml2SBoSesTehWmPoYd/x
/6BKC5iE96+aIvElFuDsuELnHTL7SQJtFyxMNdOOtaaAxu6ogjqugkfANK1x31UP
1HoPdLAjjvAGGQDxcvF3CVtXteMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRgJcRT
gxQyxJFsSleFBFvwchSrtjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjRiNzE3MDQtMmE3Ni00MGM4LWE1ZTEtNTdlYmZiNDUxOTEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hfg
gDANBgkqhkiG9w0BAQsFAAOCAQEAsCqPxrUAlFmSZwZ1WVuWJCaTTcNjb9b8Bi8J
luPbvRCRVILGtlx1agXm5qJdlEZssqUWB14lN6GZa8EucX0JE/z/vntdLKdi16c6
OUs7pkhRiNVKiqbpA5xRjtqvUNRwpb44dJ1EZPBoMCfnVOuRKad2DtUfrkNGCfCj
ijs/I0astgl98JXCc3tLVPPftOFy4CcrbiBT48cYR6QkHWgZC3acynhlQqQGQoGJ
rqjId681uIGL6dENIM+Mn5tgPJERNQSdGdutJsYjhpK2nCZsfJhpAQt5u1Y9m0xX
/LfIeOhnfkJm1pu7Uy7jDe71SXAbv+zVqPkfNMl8zWTXqdtp8A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:30 2025 by rpki-client