Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
File: 7665346b-5715-4d4a-9ee7-32affc669e92.roa (raw, json)
Hash identifier: lXHcPtsx8nqvRFGa97OPnvbyDEe6MoOU8EQz+8L//X8=
Subject key identifier: 6F:AD:AA:83:DF:26:E0:03:3E:0B:97:FB:F1:E2:86:92:68:53:7B:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BEC302C72B721D7BF8B4E336E3D6CE34A3A3489
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
Signing time: Tue 20 May 2025 18:20:15 +0000
ROA not before: Tue 20 May 2025 18:20:15 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:ec:30:2c:72:b7:21:d7:bf:8b:4e:33:6e:3d:6c:e3:4a:3a:34:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:15 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=dee0bf50e07d512b0e91e221acd529e86eb9b921e6aa44720821049101e12376, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:14:48:2c:43:b8:60:60:21:e2:43:3b:31:c4:
23:f8:55:08:d9:e1:d0:14:2a:5f:ed:ef:61:c0:82:
39:15:c7:ba:3c:93:a0:24:04:a7:9f:a0:d0:bc:3a:
3b:77:62:5f:94:56:31:89:27:9c:14:bb:02:ba:0f:
70:e7:bf:c3:d5:ee:47:ed:57:7a:90:90:e3:24:e7:
50:c5:59:ed:1d:7c:22:d4:a8:08:51:2b:b0:42:2f:
c1:9b:25:ed:a7:25:e0:a7:ac:7b:e1:41:1c:68:34:
36:a9:94:1f:b9:80:cb:b0:f1:26:e6:2b:a8:33:f8:
b9:1f:76:34:86:07:3b:2a:2a:11:f4:63:74:87:c0:
03:4a:e8:8e:b7:89:a8:9b:6d:fc:f8:ac:95:1f:5e:
cf:ee:0f:06:3d:6a:25:80:c5:06:6e:8a:f5:fd:c2:
64:6e:b5:73:df:77:87:ca:a5:45:16:6d:1d:10:a2:
17:52:a9:7b:40:db:4c:e4:39:c3:85:05:40:5e:43:
44:cf:1b:cd:1d:18:b0:6e:0d:e9:dc:95:4d:0d:94:
25:61:16:bd:9a:32:11:26:bc:1c:f4:06:7f:de:29:
58:ae:da:4f:19:fb:18:80:7e:33:31:57:4d:97:b3:
5f:3a:66:d7:dc:3c:75:32:b0:5d:72:b1:ce:e1:0c:
50:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:AD:AA:83:DF:26:E0:03:3E:0B:97:FB:F1:E2:86:92:68:53:7B:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2040::/48
Signature Algorithm: sha256WithRSAEncryption
72:5a:cc:7d:60:61:ad:20:ff:72:52:5e:4b:ef:7a:80:2f:f2:
74:c8:29:9d:a8:4a:93:86:32:b3:39:b0:53:2e:e0:13:73:2f:
65:3b:88:67:de:9c:39:6d:42:e0:19:b7:62:32:b1:91:1b:61:
d5:74:91:16:98:59:ec:e8:9b:96:8b:20:a5:fa:85:12:2a:1b:
68:1e:b9:3b:40:30:b9:33:04:57:0a:07:c4:cb:33:11:11:cb:
5d:f9:4c:da:87:6a:20:9b:54:8d:75:23:f2:7f:53:9f:48:66:
b3:45:3e:cf:14:8e:7a:4d:ea:1c:b2:ab:b0:38:e0:81:eb:f1:
1a:e8:42:b0:7c:74:c2:54:3e:4d:05:b9:a4:c5:71:49:da:57:
bb:8e:90:52:fc:01:5f:ac:5a:4e:73:cf:0f:dd:e6:cc:4e:3b:
13:70:40:53:0e:17:fe:f5:84:58:01:aa:e9:5c:36:36:a2:56:
87:92:87:ab:85:d7:0c:4d:99:c4:24:45:35:74:0e:2d:8a:b6:
aa:f4:11:b2:98:db:f3:7c:51:40:57:a8:f1:b1:b7:97:7d:06:
13:d3:0a:01:3a:a3:34:13:93:99:76:28:31:30:68:c9:ca:49:
31:c7:20:8b:7d:cf:1c:56:49:90:45:bb:d3:ac:15:34:41:58:
25:d9:d3:e1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUS+wwLHK3Ide/i04zbj1s40o6NIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwMTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlZTBiZjUwZTA3ZDUxMmIwZTkxZTIyMWFjZDUyOWU4NmViOWI5MjFlNmFh
NDQ3MjA4MjEwNDkxMDFlMTIzNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwUSCxDuGBgIeJDOzHEI/hVCNnh0BQqX+3vYcCCORXHujyToCQEp5+g0Lw6
O3diX5RWMYknnBS7AroPcOe/w9XuR+1XepCQ4yTnUMVZ7R18ItSoCFErsEIvwZsl
7acl4Kese+FBHGg0NqmUH7mAy7DxJuYrqDP4uR92NIYHOyoqEfRjdIfAA0rojreJ
qJtt/PislR9ez+4PBj1qJYDFBm6K9f3CZG61c993h8qlRRZtHRCiF1Kpe0DbTOQ5
w4UFQF5DRM8bzR0YsG4N6dyVTQ2UJWEWvZoyESa8HPQGf94pWK7aTxn7GIB+MzFX
TZezXzpm19w8dTKwXXKxzuEMUGcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRvraqD
3ybgAz4Ll/vx4oaSaFN7tjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzY2NTM0NmItNTcxNS00ZDRhLTllZTctMzJhZmZjNjY5ZTkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
QDANBgkqhkiG9w0BAQsFAAOCAQEAclrMfWBhrSD/clJeS+96gC/ydMgpnahKk4Yy
szmwUy7gE3MvZTuIZ96cOW1C4Bm3YjKxkRth1XSRFphZ7OiblosgpfqFEiobaB65
O0AwuTMEVwoHxMszERHLXflM2odqIJtUjXUj8n9Tn0hms0U+zxSOek3qHLKrsDjg
gevxGuhCsHx0wlQ+TQW5pMVxSdpXu46QUvwBX6xaTnPPD93mzE47E3BAUw4X/vWE
WAGq6Vw2NqJWh5KHq4XXDE2ZxCRFNXQOLYq2qvQRspjb83xRQFeo8bG3l30GE9MK
ATqjNBOTmXYoMTBoycpJMccgi33PHFZJkEW706wVNEFYJdnT4Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:24 2025 by rpki-client