Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
File: 86433272-8233-4231-82ff-92246d0a41a5.roa (raw, json)
Hash identifier: LFxjiMl2hazMtx+AiV3FvOg/5InEaClQ7aSpfSUEh6M=
Subject key identifier: 4A:14:F0:5E:F8:8D:4E:75:DA:7C:00:71:98:3B:99:36:AD:47:4E:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1805D6C0CEDD0A7D690C076AE3AFF2AF9BC6DC8A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
Signing time: Tue 20 May 2025 19:01:34 +0000
ROA not before: Tue 20 May 2025 19:01:34 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:05:d6:c0:ce:dd:0a:7d:69:0c:07:6a:e3:af:f2:af:9b:c6:dc:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:34 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=977132f08ef864c64efbdec9a10bfefdbf76851e85ff6c50d363e634a32eb3d7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:94:c9:25:6f:a9:2f:86:48:c5:47:68:a6:f6:
a2:aa:4a:40:47:11:d6:1b:56:a2:8f:cd:ed:c6:ff:
e2:18:99:5a:5c:d9:6d:c3:46:aa:f4:0f:52:bd:b1:
16:66:07:60:42:81:44:87:45:05:6d:95:f9:9b:d9:
15:cf:4b:41:a6:cb:60:30:b3:cb:c2:c5:3f:a9:6e:
6f:9b:1c:70:b2:dd:ea:c3:b4:cf:ca:64:6d:1c:13:
98:d7:d0:be:c4:84:16:76:43:3f:d9:95:a4:32:89:
d1:30:fc:5c:c2:4e:c1:38:74:f8:a5:9a:ee:0e:68:
ab:34:d3:54:81:51:1a:2d:25:a6:a0:f3:1f:18:c5:
23:98:fa:99:8b:6f:ec:a8:c0:85:0e:3f:4b:63:bd:
85:7d:45:33:ae:55:83:ce:f8:7d:32:e4:6f:6c:ca:
d6:d2:67:0c:b1:5d:84:bc:a0:d2:4c:4e:b9:74:f4:
e8:ec:54:42:0d:5e:a5:bd:49:b1:14:c0:98:38:8a:
08:05:cb:31:ea:94:fb:7c:c0:b3:49:f5:f3:57:54:
b8:be:08:c6:38:c9:97:61:ee:e6:2e:48:53:f5:c6:
d9:37:bc:78:63:80:97:0d:9e:17:03:12:60:0f:69:
8c:63:b4:c7:2a:ca:ee:8a:f9:23:d1:a4:50:4d:51:
d6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:14:F0:5E:F8:8D:4E:75:DA:7C:00:71:98:3B:99:36:AD:47:4E:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
12:5e:a7:ae:91:24:f9:e4:50:be:e6:c1:3f:f1:11:cc:76:93:
4e:54:76:33:13:7f:59:b9:16:a9:3b:1a:03:7b:7e:92:d2:dc:
7c:15:51:b2:a7:90:98:49:48:64:24:9e:a8:6f:88:71:e4:6b:
b6:39:53:4e:21:1e:61:04:10:e9:32:30:8f:d6:3d:12:b8:2b:
ef:c9:fc:8a:2b:fd:77:62:a2:94:9d:a6:87:0c:f1:c3:d8:57:
b4:ea:46:f3:5c:c2:6a:b5:36:0f:44:20:3d:9d:1d:2e:5a:0d:
6c:d3:5e:66:83:db:77:72:56:3d:b4:e6:8f:79:52:13:c7:db:
fc:94:bd:c4:6b:0c:f9:ec:e3:ef:df:ce:59:97:20:1a:d1:2e:
f5:df:eb:ba:07:ba:42:e4:88:a7:1d:4b:e4:63:e3:39:ec:c4:
19:14:b4:37:1e:29:06:16:de:6f:19:f1:09:e2:44:cf:ec:30:
37:bd:e9:46:ba:cc:f7:20:fa:6c:60:99:a3:b5:ca:03:d8:e5:
d5:dd:99:88:48:05:02:b9:94:de:0c:30:7e:cf:3e:64:a0:5f:
90:13:9f:4d:bd:e0:54:43:c6:ac:46:de:7c:33:5f:f6:03:0a:
67:06:89:74:f0:92:cb:1c:10:3a:89:6d:c5:e2:c4:69:b4:69:
f7:32:76:0d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGAXWwM7dCn1pDAdq46/yr5vG3IowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxMzRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3NzEzMmYwOGVmODY0YzY0ZWZiZGVjOWExMGJmZWZkYmY3Njg1MWU4NWZm
NmM1MGQzNjNlNjM0YTMyZWIzZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGUySVvqS+GSMVHaKb2oqpKQEcR1htWoo/N7cb/4hiZWlzZbcNGqvQPUr2x
FmYHYEKBRIdFBW2V+ZvZFc9LQabLYDCzy8LFP6lub5sccLLd6sO0z8pkbRwTmNfQ
vsSEFnZDP9mVpDKJ0TD8XMJOwTh0+KWa7g5oqzTTVIFRGi0lpqDzHxjFI5j6mYtv
7KjAhQ4/S2O9hX1FM65Vg874fTLkb2zK1tJnDLFdhLyg0kxOuXT06OxUQg1epb1J
sRTAmDiKCAXLMeqU+3zAs0n181dUuL4IxjjJl2Hu5i5IU/XG2Te8eGOAlw2eFwMS
YA9pjGO0xyrK7or5I9GkUE1R1kMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRKFPBe
+I1Oddp8AHGYO5k2rUdOfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY0MzMyNzItODIzMy00MjMxLTgyZmYtOTIyNDZkMGE0MWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
wDANBgkqhkiG9w0BAQsFAAOCAQEAEl6nrpEk+eRQvubBP/ERzHaTTlR2MxN/WbkW
qTsaA3t+ktLcfBVRsqeQmElIZCSeqG+IceRrtjlTTiEeYQQQ6TIwj9Y9Ergr78n8
iiv9d2KilJ2mhwzxw9hXtOpG81zCarU2D0QgPZ0dLloNbNNeZoPbd3JWPbTmj3lS
E8fb/JS9xGsM+ezj79/OWZcgGtEu9d/ruge6QuSIpx1L5GPjOezEGRS0Nx4pBhbe
bxnxCeJEz+wwN73pRrrM9yD6bGCZo7XKA9jl1d2ZiEgFArmU3gwwfs8+ZKBfkBOf
Tb3gVEPGrEbefDNf9gMKZwaJdPCSyxwQOoltxeLEabRp9zJ2DQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:49:39 2025 by rpki-client