Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
File: 7116ef93-bff5-462e-a725-ae90147ffd39.roa (raw, json)
Hash identifier: +rWdM7xfwjjItFmHBeD/qR0MwN7XvS/WkgjHxJdZdSY=
Subject key identifier: 89:82:52:13:E5:6C:34:2C:A7:20:46:E3:46:B2:37:F8:05:D3:A6:EF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FF5145428D7D2F1AD41F8FA6FA2CC14E49B2245
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
Signing time: Tue 20 May 2025 18:50:45 +0000
ROA not before: Tue 20 May 2025 18:50:45 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:f5:14:54:28:d7:d2:f1:ad:41:f8:fa:6f:a2:cc:14:e4:9b:22:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:45 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=aa5bf9a4945f60423a5affa4227505096ae34b761a90d5da152573513f80ae04, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3f:33:f8:ec:9a:18:a7:a0:2c:c6:eb:5e:7f:
7c:f6:53:be:08:fe:1e:6d:8a:a4:e8:cf:9c:54:88:
86:8b:2c:dc:ba:19:ba:a8:44:c0:11:d7:3a:dc:3e:
7a:01:f8:2d:45:bd:b8:ed:df:e8:37:cb:19:7c:4b:
1d:28:59:29:59:97:75:78:de:9f:5f:05:3e:15:6e:
1e:32:e2:b4:f6:4e:df:0f:65:83:4f:cb:68:d2:aa:
0f:40:7b:b7:a7:75:f3:b1:cb:63:62:b3:45:08:2d:
83:d5:77:57:32:dc:63:c4:fd:c7:ba:8b:9d:e1:a2:
c2:10:94:d9:95:62:5a:3a:99:f9:b7:a2:ce:9f:c1:
b5:93:24:48:c2:d5:e7:6f:37:b4:05:0a:8d:9f:4b:
ed:f1:49:99:44:6a:06:25:ec:53:f5:59:82:0f:ce:
e6:a0:f6:c1:cd:e9:74:bb:c6:a3:b4:17:cc:af:9c:
a7:e8:49:c9:66:52:23:d1:40:4e:b5:f7:65:34:cc:
cf:1e:11:e1:d8:c9:8a:f9:89:31:73:09:c6:7f:30:
3d:2e:44:8b:17:f8:f3:38:2b:ea:e4:e1:4b:76:34:
1f:ec:7d:19:55:77:28:9f:ed:20:cf:5b:62:b8:43:
79:81:dc:9a:82:91:14:d7:1e:5a:1a:8e:0b:a3:94:
fa:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:82:52:13:E5:6C:34:2C:A7:20:46:E3:46:B2:37:F8:05:D3:A6:EF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
6d:f5:35:4f:3c:c4:2f:3b:eb:a7:52:62:46:59:a0:88:ae:09:
69:bf:85:2d:24:ba:65:f2:05:b4:a6:4d:49:1c:a6:20:08:8b:
65:c5:65:6a:95:34:ab:0e:0b:d9:ed:77:47:f3:8e:f7:ef:9a:
3a:7c:25:f1:7b:a3:42:d5:44:ea:fb:e2:22:59:11:43:bd:3a:
99:9c:af:28:96:2c:3e:f7:57:eb:bc:aa:ef:12:e3:7e:eb:22:
38:34:48:63:32:e2:54:fc:a9:59:86:92:72:97:01:71:14:7b:
60:f6:13:58:44:93:9e:3e:be:57:38:04:11:3d:93:d1:8d:a1:
7b:95:1f:bd:2f:59:20:26:d9:13:14:81:14:f7:77:aa:ee:28:
0a:2f:05:b4:8b:cd:b4:4f:d7:f2:3c:35:f7:e1:21:d5:46:0e:
03:84:e4:ea:f5:57:88:bf:48:db:8a:13:aa:a8:29:b9:ae:fc:
70:a8:a9:e5:33:07:c4:0c:a8:fb:da:89:89:18:4c:ae:c0:04:
1a:3a:9f:a9:4b:ae:8e:6a:fa:95:c9:3e:9c:fc:18:78:b8:aa:
87:24:fc:1a:8e:b4:73:80:20:01:8a:7f:e9:90:c1:8b:d2:0a:
09:fe:69:69:7b:19:84:83:50:55:1d:9c:f1:29:82:d3:67:b0:
58:15:c0:83
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUT/UUVCjX0vGtQfj6b6LMFOSbIkUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwNDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhNWJmOWE0OTQ1ZjYwNDIzYTVhZmZhNDIyNzUwNTA5NmFlMzRiNzYxYTkw
ZDVkYTE1MjU3MzUxM2Y4MGFlMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJc/M/jsmhinoCzG615/fPZTvgj+Hm2KpOjPnFSIhoss3LoZuqhEwBHXOtw+
egH4LUW9uO3f6DfLGXxLHShZKVmXdXjen18FPhVuHjLitPZO3w9lg0/LaNKqD0B7
t6d187HLY2KzRQgtg9V3VzLcY8T9x7qLneGiwhCU2ZViWjqZ+beizp/BtZMkSMLV
5283tAUKjZ9L7fFJmURqBiXsU/VZgg/O5qD2wc3pdLvGo7QXzK+cp+hJyWZSI9FA
TrX3ZTTMzx4R4djJivmJMXMJxn8wPS5Eixf48zgr6uThS3Y0H+x9GVV3KJ/tIM9b
YrhDeYHcmoKRFNceWhqOC6OU+g0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSJglIT
5Ww0LKcgRuNGsjf4BdOm7zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzExNmVmOTMtYmZmNS00NjJlLWE3MjUtYWU5MDE0N2ZmZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
wDANBgkqhkiG9w0BAQsFAAOCAQEAbfU1TzzELzvrp1JiRlmgiK4Jab+FLSS6ZfIF
tKZNSRymIAiLZcVlapU0qw4L2e13R/OO9++aOnwl8XujQtVE6vviIlkRQ706mZyv
KJYsPvdX67yq7xLjfusiODRIYzLiVPypWYaScpcBcRR7YPYTWESTnj6+VzgEET2T
0Y2he5UfvS9ZICbZExSBFPd3qu4oCi8FtIvNtE/X8jw19+Eh1UYOA4Tk6vVXiL9I
24oTqqgpua78cKip5TMHxAyo+9qJiRhMrsAEGjqfqUuujmr6lck+nPwYeLiqhyT8
Go60c4AgAYp/6ZDBi9IKCf5paXsZhINQVR2c8SmC02ewWBXAgw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:32 2025 by rpki-client