Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
File: 70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa (raw, json)
Hash identifier: 9faT1LEKhhxOS7zZZfaj10R31HQrl+5tRnqQwA6xotk=
Subject key identifier: 54:69:4F:9E:9D:50:39:00:2C:70:4D:AB:BB:FB:00:F7:B7:7E:5C:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E49A361E6F80E30389F92E68E4EEE172C519B79
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
Signing time: Tue 20 May 2025 20:10:59 +0000
ROA not before: Tue 20 May 2025 20:10:59 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:49:a3:61:e6:f8:0e:30:38:9f:92:e6:8e:4e:ee:17:2c:51:9b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:10:59 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=726c2c0b54ae04fa68360dbfd8a357192ac8148015740cfddb2253059215edd8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ca:c6:51:0c:92:94:09:be:52:42:75:6d:88:
c8:fc:70:f0:9f:70:05:59:a5:97:7d:55:8c:c3:fc:
d6:ae:9c:ef:08:94:3b:f4:d3:5d:9b:a4:c3:ba:aa:
07:12:66:37:13:07:04:61:b9:0f:88:dc:c8:47:d9:
0d:14:f2:4c:e1:f4:53:87:c7:b6:e6:c0:de:82:3b:
c6:11:5e:6b:fd:66:20:35:86:19:00:95:e0:fa:f6:
6b:93:52:22:af:cc:56:27:0c:39:ef:7f:76:ab:f3:
68:ec:58:65:e1:7d:d6:68:78:c7:74:d8:f5:d3:42:
3b:01:80:10:2b:04:46:99:b8:44:61:eb:76:97:b1:
87:af:ab:9c:a6:a0:15:8a:9c:8b:4b:0d:e0:5d:98:
61:c6:4b:8f:ef:28:38:5a:54:d5:90:cf:d3:a2:d4:
34:77:c9:3d:4c:f6:99:5c:52:69:a7:ca:f0:92:51:
08:f9:21:3c:b9:53:80:ba:8d:32:4f:e8:89:98:91:
f5:a1:d2:2f:1f:c8:73:18:0b:ee:c3:8b:a5:4e:a8:
c3:c9:f6:06:48:e4:d2:88:22:01:e1:8e:73:c1:1f:
8b:7a:8b:b0:f5:ca:44:fe:86:84:b6:be:b8:77:9a:
89:87:a4:e8:01:fb:b7:2e:9a:46:b2:01:36:d1:e6:
57:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:69:4F:9E:9D:50:39:00:2C:70:4D:AB:BB:FB:00:F7:B7:7E:5C:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:e000::/40
Signature Algorithm: sha256WithRSAEncryption
48:88:25:ae:ac:80:3a:89:c9:6e:e1:af:54:a8:8d:e8:6b:b4:
d3:d8:e4:43:41:fd:6e:6a:60:51:6a:52:f6:98:47:bd:9e:bb:
88:ff:eb:03:27:70:3f:57:90:34:98:e7:be:1a:4e:b1:0b:11:
86:a0:2d:43:76:dd:63:c6:02:26:45:22:05:df:ce:18:ab:11:
33:d2:40:9b:ce:92:d7:90:10:f0:24:02:65:18:24:77:b8:a6:
9b:f5:cb:16:d3:68:de:22:76:16:93:e1:65:3b:5e:af:95:7a:
eb:d8:89:d4:62:e5:a4:42:26:5e:12:74:a9:1e:af:cd:31:70:
c3:db:8f:92:e6:81:5b:5b:fb:6b:fe:c9:16:4a:db:60:51:4a:
71:39:16:5b:8b:f9:3e:55:df:55:41:bb:08:52:6f:99:cc:a5:
2d:9f:d4:48:79:8e:ea:d5:bb:a4:38:16:48:52:37:be:c4:ec:
8a:2a:09:9d:c8:01:a8:6d:a7:18:a7:ea:92:88:7c:11:0a:6c:
ef:d4:ba:59:79:e2:f2:eb:51:19:6a:9c:2b:8a:0b:2a:bb:8d:
93:77:13:df:a8:a0:cc:94:f1:2d:ad:f0:8e:ed:b0:4e:7e:19:
f0:61:17:f4:1e:e1:53:ae:47:e7:79:f4:7b:c2:51:dd:7d:88:
50:5a:3f:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfkmjYeb4DjA4n5Lmjk7uFyxRm3kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDEwNTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyNmMyYzBiNTRhZTA0ZmE2ODM2MGRiZmQ4YTM1NzE5MmFjODE0ODAxNTc0
MGNmZGRiMjI1MzA1OTIxNWVkZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3KxlEMkpQJvlJCdW2IyPxw8J9wBVmll31VjMP81q6c7wiUO/TTXZukw7qq
BxJmNxMHBGG5D4jcyEfZDRTyTOH0U4fHtubA3oI7xhFea/1mIDWGGQCV4Pr2a5NS
Iq/MVicMOe9/dqvzaOxYZeF91mh4x3TY9dNCOwGAECsERpm4RGHrdpexh6+rnKag
FYqci0sN4F2YYcZLj+8oOFpU1ZDP06LUNHfJPUz2mVxSaafK8JJRCPkhPLlTgLqN
Mk/oiZiR9aHSLx/IcxgL7sOLpU6ow8n2Bkjk0ogiAeGOc8Efi3qLsPXKRP6GhLa+
uHeaiYek6AH7ty6aRrIBNtHmV9kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRUaU+e
nVA5ACxwTau7+wD3t35cxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzBhMmJjNmYtYWUwZi00ZjEzLTk0OTktNzhjNTA1YTVmN2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fjg
MA0GCSqGSIb3DQEBCwUAA4IBAQBIiCWurIA6iclu4a9UqI3oa7TT2ORDQf1uamBR
alL2mEe9nruI/+sDJ3A/V5A0mOe+Gk6xCxGGoC1Ddt1jxgImRSIF384YqxEz0kCb
zpLXkBDwJAJlGCR3uKab9csW02jeInYWk+FlO16vlXrr2InUYuWkQiZeEnSpHq/N
MXDD24+S5oFbW/tr/skWSttgUUpxORZbi/k+Vd9VQbsIUm+ZzKUtn9RIeY7q1buk
OBZIUje+xOyKKgmdyAGobacYp+qSiHwRCmzv1LpZeeLy61EZapwrigsqu42TdxPf
qKDMlPEtrfCO7bBOfhnwYRf0HuFTrkfnefR7wlHdfYhQWj9l
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:28 2025 by rpki-client