Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
File: 79440387-66a3-4852-a94b-8a3250f20726.roa (raw, json)
Hash identifier: gUwuxiHlxHFbhWcY2ir5DMlIJdghi5bF/USjjfVrqrk=
Subject key identifier: AA:EE:D9:5C:7B:40:82:58:5B:84:2D:76:2B:8F:D3:6E:26:56:E6:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 596BF1714E3053F388DAD06F203A04B42F4D8DE9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
Signing time: Tue 20 May 2025 18:20:17 +0000
ROA not before: Tue 20 May 2025 18:20:17 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:6b:f1:71:4e:30:53:f3:88:da:d0:6f:20:3a:04:b4:2f:4d:8d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:17 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=2d15e86b5b7401184cb7642352886120d97ba12bf59628d63c5a9be2aa6318eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ea:23:b5:75:a9:9a:3f:87:46:8a:e2:3a:31:
cc:f5:b5:dd:c2:e1:14:31:b3:8d:12:b0:1b:69:f2:
e8:30:a4:ef:f2:3c:2f:e9:4a:e6:f3:5e:06:1b:d2:
9a:ff:9a:7a:5e:64:48:e2:7c:9a:85:5b:69:4b:06:
de:61:b0:c4:18:65:65:98:c3:c6:ea:12:10:63:ef:
6d:8a:a0:4b:03:b4:2f:e5:24:5c:4e:66:75:e7:68:
1a:6e:55:ad:5d:05:92:23:3b:9f:7f:a2:8a:a7:99:
bc:3f:79:ce:fd:18:2a:e0:60:07:ba:64:de:2c:59:
fa:72:e0:11:a5:f7:0d:45:61:9f:21:c5:23:c7:ae:
54:69:39:48:54:57:a7:e3:19:f0:5a:17:9d:b4:73:
fa:2a:fa:6c:db:4e:a0:11:b5:13:7d:70:5e:73:8b:
03:2c:52:8a:79:57:72:7c:fd:ba:90:d5:f4:44:08:
65:7e:4c:fa:de:8e:2b:6d:39:6e:7b:e3:a2:1a:70:
cf:ef:a5:77:3a:ca:3b:8e:ed:5c:12:d9:e6:b4:e0:
1a:20:6f:c7:13:ef:7a:75:14:51:72:e0:fb:25:0c:
c3:67:90:92:6d:97:e2:58:d4:a7:5f:82:75:43:db:
f2:59:5e:b0:2c:5d:85:2f:50:92:f1:b4:4e:75:4f:
53:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:EE:D9:5C:7B:40:82:58:5B:84:2D:76:2B:8F:D3:6E:26:56:E6:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a040::/48
Signature Algorithm: sha256WithRSAEncryption
56:1b:fd:a0:81:04:16:34:bf:19:8c:93:8e:a0:5e:be:0c:9e:
78:fd:e9:59:90:b0:90:ff:ae:0e:ca:b7:74:21:98:55:11:ce:
c3:1b:23:d4:ef:ea:05:6f:de:39:9c:7c:7f:4b:1a:0e:f1:16:
c3:c5:ee:80:9d:ea:95:46:b9:03:93:c9:a3:01:56:a3:97:a6:
03:26:1c:4e:62:04:74:44:a7:85:ab:62:68:40:93:76:24:d3:
ee:1d:07:06:73:14:e0:59:88:d4:9a:3c:eb:a5:93:06:f2:16:
41:47:23:0b:66:4c:b1:36:f7:e6:a2:f7:8d:e0:e5:9e:58:b0:
bd:e9:e0:65:b1:3e:6d:43:f6:7f:21:94:35:e6:d0:93:6e:db:
cb:a4:1b:44:ac:d6:1e:be:0f:07:05:9c:a3:50:61:ac:56:83:
61:76:8b:a4:31:31:d3:03:b3:36:75:aa:68:e9:8a:52:9a:8b:
83:9a:7a:2d:c7:df:0b:a7:e2:d7:62:ec:73:07:af:b2:49:c1:
23:41:a0:b6:25:4f:55:47:34:0c:26:81:b8:cf:57:ec:2f:db:
67:96:78:d8:9d:06:27:a3:9f:c4:28:89:f5:a5:97:1d:16:d4:
d0:4d:9f:2a:55:29:d3:d1:11:c7:33:03:b2:ea:16:c2:78:43:
39:34:09:c8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWWvxcU4wU/OI2tBvIDoEtC9NjekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwMTdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkMTVlODZiNWI3NDAxMTg0Y2I3NjQyMzUyODg2MTIwZDk3YmExMmJmNTk2
MjhkNjNjNWE5YmUyYWE2MzE4ZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLqI7V1qZo/h0aK4joxzPW13cLhFDGzjRKwG2ny6DCk7/I8L+lK5vNeBhvS
mv+ael5kSOJ8moVbaUsG3mGwxBhlZZjDxuoSEGPvbYqgSwO0L+UkXE5mdedoGm5V
rV0FkiM7n3+iiqeZvD95zv0YKuBgB7pk3ixZ+nLgEaX3DUVhnyHFI8euVGk5SFRX
p+MZ8FoXnbRz+ir6bNtOoBG1E31wXnOLAyxSinlXcnz9upDV9EQIZX5M+t6OK205
bnvjohpwz++ldzrKO47tXBLZ5rTgGiBvxxPvenUUUXLg+yUMw2eQkm2X4ljUp1+C
dUPb8llesCxdhS9QkvG0TnVPU2UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSq7tlc
e0CCWFuELXYrj9NuJlbmezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzk0NDAzODctNjZhMy00ODUyLWE5NGItOGEzMjUwZjIwNzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
QDANBgkqhkiG9w0BAQsFAAOCAQEAVhv9oIEEFjS/GYyTjqBevgyeeP3pWZCwkP+u
Dsq3dCGYVRHOwxsj1O/qBW/eOZx8f0saDvEWw8XugJ3qlUa5A5PJowFWo5emAyYc
TmIEdESnhatiaECTdiTT7h0HBnMU4FmI1Jo866WTBvIWQUcjC2ZMsTb35qL3jeDl
nliwvengZbE+bUP2fyGUNebQk27by6QbRKzWHr4PBwWco1BhrFaDYXaLpDEx0wOz
NnWqaOmKUpqLg5p6LcffC6fi12LscwevsknBI0GgtiVPVUc0DCaBuM9X7C/bZ5Z4
2J0GJ6OfxCiJ9aWXHRbU0E2fKlUp09ERxzMDsuoWwnhDOTQJyA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:47:24 2025 by rpki-client