Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81574dff-feff-4992-98e4-f8b95431a28d.roa
File: 81574dff-feff-4992-98e4-f8b95431a28d.roa (raw, json)
Hash identifier: BIIR+brXFpSz9Ne9oxwDpjXRJU2J6FrkRxpGGul4NOo=
Subject key identifier: 31:42:01:B7:2F:6E:A1:A7:1E:EC:25:72:EA:48:79:4D:99:8C:30:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 041225BF8EF60D7F9C0F82D7F34CB98399D452AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81574dff-feff-4992-98e4-f8b95431a28d.roa
Signing time: Tue 20 May 2025 19:30:17 +0000
ROA not before: Tue 20 May 2025 19:30:17 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:9040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:12:25:bf:8e:f6:0d:7f:9c:0f:82:d7:f3:4c:b9:83:99:d4:52:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:30:17 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=594522597ebc9402d93d54fff2d3a5ebc26c288b2b72cbca23f9b559af11a9e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4f:40:cf:3f:5d:61:58:74:3d:8d:1a:70:31:
56:45:35:e3:4b:de:39:48:b5:e7:ba:1a:fd:05:15:
a8:b6:7a:12:61:c2:c4:4d:9b:71:f6:03:62:e3:2c:
23:f2:ff:ab:9b:e4:67:25:6d:41:6c:a5:ac:a0:b6:
93:26:c0:ad:4a:b5:d0:f5:53:5d:92:06:6e:dc:0a:
97:57:b4:d4:7e:37:37:2d:13:78:f5:31:c0:6a:47:
9a:5c:09:9e:ea:23:71:5b:38:3a:55:b7:ce:fb:b8:
2c:50:f6:76:d8:05:ad:3a:55:27:b2:60:29:8d:23:
bb:32:e3:97:89:5d:a7:f6:fc:8a:0b:1f:48:8a:83:
88:af:80:8d:1a:26:56:36:e5:d2:84:d9:92:de:30:
dd:ed:b3:d2:56:7f:34:d8:5a:f3:38:e2:2d:57:2f:
df:cf:cf:1b:9c:46:56:c4:51:13:0b:db:cc:27:3a:
48:1b:8e:d1:36:42:b3:09:6c:1b:1b:8e:99:ad:f7:
81:50:d5:57:d4:32:a5:43:e8:40:e2:b1:e4:45:1c:
ef:5c:b2:db:41:41:34:14:1f:b2:0e:9b:47:af:d6:
70:db:4f:ec:3e:fd:44:a1:f0:3e:cb:bd:d1:ac:15:
d7:58:86:4c:0b:c5:f1:7a:36:92:e0:ec:9d:28:7d:
89:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:42:01:B7:2F:6E:A1:A7:1E:EC:25:72:EA:48:79:4D:99:8C:30:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81574dff-feff-4992-98e4-f8b95431a28d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:9040::/46
Signature Algorithm: sha256WithRSAEncryption
b8:8e:e0:41:1f:c6:1d:7a:79:d3:e7:0f:c2:26:28:51:a2:61:
e3:4f:a2:b8:82:8e:ec:37:ad:de:7c:db:cf:e5:e0:60:b4:e6:
92:ad:ea:5e:68:08:89:7d:ab:eb:23:31:36:c3:09:f4:52:f7:
9c:7f:d1:95:1d:a1:65:65:2c:65:ea:40:1d:a8:11:98:27:38:
8c:b5:8a:93:d0:4f:a6:d2:64:f9:bf:82:47:bf:ae:33:7f:c5:
ba:ff:97:a7:a8:9d:6d:d7:eb:fd:e0:5f:60:ed:41:d8:2e:53:
2f:4c:2f:2e:ca:2a:6e:b7:2d:d9:34:f4:6b:04:43:8b:de:a2:
63:d5:ba:16:0a:cd:68:ca:81:d4:2b:a3:7f:1a:6e:62:54:02:
1d:67:4a:11:e4:53:32:31:b8:9a:72:0a:92:de:0c:7b:bb:05:
50:30:f7:b9:5a:36:05:dd:15:36:6e:cb:53:d1:e9:ee:b8:70:
cd:9f:07:a8:81:06:bb:e1:3e:e9:63:c5:82:f6:3d:f7:bd:34:
59:d5:5e:58:d9:20:f3:ce:b9:c6:75:4c:d4:04:61:e3:39:14:
2b:98:9b:9f:89:2f:19:d8:83:a2:e5:2f:ea:a8:ee:a9:47:77:
6b:63:d1:58:21:42:c7:41:12:d4:a4:ea:aa:c1:e6:c7:ba:1d:
09:5e:82:63
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBBIlv472DX+cD4LX80y5g5nUUqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMwMTdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5NDUyMjU5N2ViYzk0MDJkOTNkNTRmZmYyZDNhNWViYzI2YzI4OGIyYjcy
Y2JjYTIzZjliNTU5YWYxMWE5ZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFPQM8/XWFYdD2NGnAxVkU140veOUi157oa/QUVqLZ6EmHCxE2bcfYDYuMs
I/L/q5vkZyVtQWylrKC2kybArUq10PVTXZIGbtwKl1e01H43Ny0TePUxwGpHmlwJ
nuojcVs4OlW3zvu4LFD2dtgFrTpVJ7JgKY0juzLjl4ldp/b8igsfSIqDiK+AjRom
Vjbl0oTZkt4w3e2z0lZ/NNha8zjiLVcv38/PG5xGVsRREwvbzCc6SBuO0TZCswls
GxuOma33gVDVV9QypUPoQOKx5EUc71yy20FBNBQfsg6bR6/WcNtP7D79RKHwPsu9
0awV11iGTAvF8Xo2kuDsnSh9iWkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQxQgG3
L26hpx7sJXLqSHlNmYwwLzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODE1NzRkZmYtZmVmZi00OTkyLTk4ZTQtZjhiOTU0MzFhMjhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAuI7gQR/GHXp50+cPwiYoUaJh40+iuIKO7Det
3nzbz+XgYLTmkq3qXmgIiX2r6yMxNsMJ9FL3nH/RlR2hZWUsZepAHagRmCc4jLWK
k9BPptJk+b+CR7+uM3/Fuv+Xp6idbdfr/eBfYO1B2C5TL0wvLsoqbrct2TT0awRD
i96iY9W6FgrNaMqB1CujfxpuYlQCHWdKEeRTMjG4mnIKkt4Me7sFUDD3uVo2Bd0V
Nm7LU9Hp7rhwzZ8HqIEGu+E+6WPFgvY99700WdVeWNkg8865xnVM1ARh4zkUK5ib
n4kvGdiDouUv6qjuqUd3a2PRWCFCx0ES1KTqqsHmx7odCV6CYw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:28 2025 by rpki-client