Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
File: 72c1c04d-5c77-431c-825c-1633fac1964d.roa (raw, json)
Hash identifier: ldY0UuKJ6VwmbM5NJt59bW3TEYIPwthf+hb7fxWzyXw=
Subject key identifier: 75:9B:FD:2E:FC:3D:4F:85:20:D1:2A:F0:5D:DE:8B:22:F6:7C:D4:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B21E009C7E3F609503C234AB36B351CB3E8F33A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
Signing time: Tue 20 May 2025 19:21:34 +0000
ROA not before: Tue 20 May 2025 19:21:34 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8030::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:21:e0:09:c7:e3:f6:09:50:3c:23:4a:b3:6b:35:1c:b3:e8:f3:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:34 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=69ebba6a368249b4cbec9dcb040cc363b51629e7197a061c973db45b7a07bae1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e0:4e:8d:02:6f:81:dd:ef:4b:ee:8e:ec:b8:
63:da:af:b0:c1:8c:71:1e:ca:bf:73:47:a0:fe:54:
16:ca:0c:3f:30:de:84:42:25:39:c2:e9:1a:ae:9a:
07:8b:72:bd:e1:8e:6c:58:d4:38:29:19:bd:0c:70:
6a:71:7b:89:0c:1f:5b:55:f3:b8:ff:ab:f9:9e:06:
3c:5b:c3:47:74:b6:e6:78:0c:cf:04:32:ba:00:ad:
f4:8b:4a:25:9a:79:3d:09:a9:cd:9b:36:5c:81:06:
b3:e1:8d:8c:85:a9:ed:d1:b5:6a:53:28:f3:38:38:
70:9b:c9:1a:26:9c:ce:93:d3:30:84:82:6f:cd:30:
9f:31:56:bd:c1:e9:58:ae:5b:27:f8:47:b1:4b:fe:
08:15:e4:29:0d:9e:2a:bc:7c:07:51:1e:7b:79:74:
2a:3c:b5:a6:4a:6d:3e:ec:57:a9:12:2c:9c:e3:f3:
eb:6d:84:e0:b8:66:3c:9e:54:a8:af:b9:c4:5a:89:
47:89:11:c1:a9:60:4a:84:25:8a:3e:9b:54:62:29:
21:63:39:5b:42:46:ce:d3:4a:3b:6c:a6:9b:e1:3d:
aa:3d:74:15:01:4c:0c:aa:8d:46:9d:e5:23:75:11:
10:52:2f:b2:08:47:4b:c4:26:a7:32:ae:c4:2d:6f:
91:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:9B:FD:2E:FC:3D:4F:85:20:D1:2A:F0:5D:DE:8B:22:F6:7C:D4:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8030::/48
Signature Algorithm: sha256WithRSAEncryption
b8:76:7c:c4:4b:13:f4:26:20:e6:8e:a2:69:7f:d9:9b:d6:3e:
93:9c:ae:dd:f9:ad:14:94:0d:cc:81:cc:1d:1b:38:d6:3d:65:
e4:7c:c5:07:94:20:1e:69:49:59:97:c9:f3:e3:b4:38:db:6d:
62:6b:8b:9e:57:3f:c6:b3:60:58:ae:dd:64:4b:80:0c:a3:9e:
76:c4:bc:21:f3:a6:03:84:12:07:0e:86:a1:eb:64:68:ba:6e:
f9:b9:c6:3a:b3:13:78:11:4a:44:41:05:31:c2:f5:26:a9:05:
88:8a:4d:28:a2:11:69:fd:1c:39:e3:e2:66:24:d8:37:cc:85:
d0:73:33:70:10:17:07:e8:70:f4:68:0f:48:51:36:95:c8:13:
41:6d:ca:e7:0f:2f:b2:8b:8d:08:2a:d8:bb:12:66:47:9e:3e:
48:a1:a8:57:e7:ee:bd:cd:6d:7c:62:2e:8c:9a:bf:d7:ac:96:
3b:af:9d:b8:b4:5b:44:1e:50:07:fb:8e:8f:6d:42:f6:fb:55:
7e:32:24:84:17:d7:23:b6:54:de:8e:50:e2:35:ee:4b:a7:73:
2b:c7:31:d3:83:b2:e8:46:6f:52:98:fa:80:d9:9c:36:3a:c5:
9d:6e:18:22:ce:88:51:2d:81:0c:95:7c:79:15:9f:cb:4e:c7:
66:58:a6:70
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCyHgCcfj9glQPCNKs2s1HLPo8zowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxMzRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5ZWJiYTZhMzY4MjQ5YjRjYmVjOWRjYjA0MGNjMzYzYjUxNjI5ZTcxOTdh
MDYxYzk3M2RiNDViN2EwN2JhZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvgTo0Cb4Hd70vujuy4Y9qvsMGMcR7Kv3NHoP5UFsoMPzDehEIlOcLpGq6a
B4tyveGObFjUOCkZvQxwanF7iQwfW1XzuP+r+Z4GPFvDR3S25ngMzwQyugCt9ItK
JZp5PQmpzZs2XIEGs+GNjIWp7dG1alMo8zg4cJvJGiaczpPTMISCb80wnzFWvcHp
WK5bJ/hHsUv+CBXkKQ2eKrx8B1Eee3l0Kjy1pkptPuxXqRIsnOPz622E4LhmPJ5U
qK+5xFqJR4kRwalgSoQlij6bVGIpIWM5W0JGztNKO2ymm+E9qj10FQFMDKqNRp3l
I3UREFIvsghHS8QmpzKuxC1vkScCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR1m/0u
/D1PhSDRKvBd3osi9nzUADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJjMWMwNGQtNWM3Ny00MzFjLTgyNWMtMTYzM2ZhYzE5NjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
MDANBgkqhkiG9w0BAQsFAAOCAQEAuHZ8xEsT9CYg5o6iaX/Zm9Y+k5yu3fmtFJQN
zIHMHRs41j1l5HzFB5QgHmlJWZfJ8+O0ONttYmuLnlc/xrNgWK7dZEuADKOedsS8
IfOmA4QSBw6GoetkaLpu+bnGOrMTeBFKREEFMcL1JqkFiIpNKKIRaf0cOePiZiTY
N8yF0HMzcBAXB+hw9GgPSFE2lcgTQW3K5w8vsouNCCrYuxJmR54+SKGoV+fuvc1t
fGIujJq/16yWO6+duLRbRB5QB/uOj21C9vtVfjIkhBfXI7ZU3o5Q4jXuS6dzK8cx
04Oy6EZvUpj6gNmcNjrFnW4YIs6IUS2BDJV8eRWfy07HZlimcA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:42 2025 by rpki-client