Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84f9d9fa-59fe-4651-a60a-2561da098ccb.roa
File: 84f9d9fa-59fe-4651-a60a-2561da098ccb.roa (raw, json)
Hash identifier: C7cF6gDwhn4FZrPQrJrdwXXDIkPdNLMdKaMeyeFBRgg=
Subject key identifier: 81:AC:7C:F1:4F:AB:5C:0F:AE:E3:11:F1:FD:F1:D9:CE:4D:BF:DD:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4265284765554FC1889231BECEBB693A8035A3D9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84f9d9fa-59fe-4651-a60a-2561da098ccb.roa
Signing time: Tue 20 May 2025 19:40:45 +0000
ROA not before: Tue 20 May 2025 19:40:45 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:65:28:47:65:55:4f:c1:88:92:31:be:ce:bb:69:3a:80:35:a3:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:40:45 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=f6293917c7507a29f94aa45291ea77d1b2ee418dd149f2ab4483f9e27941c4f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a8:9b:89:5e:02:ff:b2:7f:5e:3b:ee:40:48:
4b:9f:df:39:98:9c:84:b2:50:54:4c:da:3d:a1:af:
fe:d9:0f:9a:68:2b:b5:a2:fb:7c:fe:19:a7:f5:63:
19:e4:67:51:f9:b5:a0:7f:5d:6f:92:8d:dd:06:2a:
7b:6a:46:b8:c7:db:11:da:23:6f:d2:b0:ed:a0:5d:
db:87:93:91:d0:ba:d0:00:d8:e0:d1:ae:0d:30:2e:
f4:df:bb:b7:46:25:5a:77:69:b1:47:c9:64:16:6e:
0c:05:e5:d3:c6:6a:b5:5c:85:e7:b5:86:2f:e8:f8:
c1:57:cc:6c:d3:3e:75:97:9d:ff:de:e7:29:cb:13:
a3:31:df:fa:ba:d7:15:68:11:45:a6:51:44:36:36:
a1:ab:ee:8a:e5:bc:9c:7c:3f:71:47:fd:87:fb:d4:
75:87:40:89:ea:1c:0e:18:a4:fe:f8:71:75:49:4c:
f6:75:8e:0c:28:41:a2:0c:88:c4:47:17:e4:9b:65:
29:54:c9:b3:51:a3:98:54:22:b5:26:40:e5:3e:fd:
c5:be:74:56:f7:57:65:49:5e:31:88:63:84:81:fe:
2f:d2:56:82:a9:4e:8f:6a:65:97:da:9b:9e:71:be:
49:08:60:04:a8:fe:75:55:69:69:70:29:c8:30:3d:
d4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AC:7C:F1:4F:AB:5C:0F:AE:E3:11:F1:FD:F1:D9:CE:4D:BF:DD:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84f9d9fa-59fe-4651-a60a-2561da098ccb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8080::/46
Signature Algorithm: sha256WithRSAEncryption
6c:39:d3:63:ae:5c:aa:9c:76:aa:b6:55:7a:87:55:fc:90:d4:
01:99:20:3d:cd:05:52:9c:81:b9:0e:50:0f:28:a0:9b:da:b5:
ae:9d:75:c7:7f:3e:f3:57:0b:8d:b6:50:4e:ca:32:80:da:90:
0b:2a:24:ee:40:87:f4:78:6f:8a:23:24:c8:df:ea:93:57:f6:
ba:60:d6:52:72:d1:0d:5e:1b:69:fc:39:12:41:95:bb:37:d0:
87:32:97:35:f2:41:66:7b:a5:f4:46:c6:53:11:00:5e:76:c4:
13:cf:62:24:d2:02:ea:b2:43:f8:c9:8b:18:5b:fc:41:73:bf:
09:ba:f9:c2:6c:44:ea:ac:84:c0:cc:a6:c5:0d:60:b8:8d:2b:
75:0b:72:2c:dd:81:8a:72:24:19:d9:30:ae:88:11:35:b7:bb:
d7:49:9b:fa:48:47:8d:eb:73:6c:9f:a8:a5:ba:08:53:3c:f8:
09:20:5b:ae:fd:a3:7f:32:d1:8b:f8:0d:ba:45:4d:fe:f1:ad:
83:a1:69:62:86:72:51:2d:2c:ab:d7:e1:d0:42:ea:cb:9d:96:
01:91:1a:f1:23:7d:09:26:36:02:67:d8:8f:6a:0f:3b:45:a6:
18:e9:4b:7c:3a:a4:b5:fc:7f:37:36:23:c8:f1:b0:d4:f0:32:
08:99:fc:97
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQmUoR2VVT8GIkjG+zrtpOoA1o9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQwNDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2MjkzOTE3Yzc1MDdhMjlmOTRhYTQ1MjkxZWE3N2QxYjJlZTQxOGRkMTQ5
ZjJhYjQ0ODNmOWUyNzk0MWM0ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSom4leAv+yf1477kBIS5/fOZichLJQVEzaPaGv/tkPmmgrtaL7fP4Zp/Vj
GeRnUfm1oH9db5KN3QYqe2pGuMfbEdojb9Kw7aBd24eTkdC60ADY4NGuDTAu9N+7
t0YlWndpsUfJZBZuDAXl08ZqtVyF57WGL+j4wVfMbNM+dZed/97nKcsTozHf+rrX
FWgRRaZRRDY2oavuiuW8nHw/cUf9h/vUdYdAieocDhik/vhxdUlM9nWODChBogyI
xEcX5JtlKVTJs1GjmFQitSZA5T79xb50VvdXZUleMYhjhIH+L9JWgqlOj2pll9qb
nnG+SQhgBKj+dVVpaXApyDA91JsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSBrHzx
T6tcD67jEfH98dnOTb/d1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODRmOWQ5ZmEtNTlmZS00NjUxLWE2MGEtMjU2MWRhMDk4Y2NiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWA
gDANBgkqhkiG9w0BAQsFAAOCAQEAbDnTY65cqpx2qrZVeodV/JDUAZkgPc0FUpyB
uQ5QDyigm9q1rp11x38+81cLjbZQTsoygNqQCyok7kCH9HhviiMkyN/qk1f2umDW
UnLRDV4bafw5EkGVuzfQhzKXNfJBZnul9EbGUxEAXnbEE89iJNIC6rJD+MmLGFv8
QXO/Cbr5wmxE6qyEwMymxQ1guI0rdQtyLN2BinIkGdkwrogRNbe710mb+khHjetz
bJ+opboIUzz4CSBbrv2jfzLRi/gNukVN/vGtg6FpYoZyUS0sq9fh0ELqy52WAZEa
8SN9CSY2AmfYj2oPO0WmGOlLfDqktfx/NzYjyPGw1PAyCJn8lw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:48 2025 by rpki-client