Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/898dbcab-881e-4370-98c6-9b1ac5214cd0.roa
File: 898dbcab-881e-4370-98c6-9b1ac5214cd0.roa (raw, json)
Hash identifier: JOYurasXYH4LbGgA55iKIaf+b6p7aEUVyiyi5ZHALsQ=
Subject key identifier: AE:62:52:0D:AA:46:E9:46:F2:FD:3A:53:82:8D:46:30:21:F0:E2:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BCE04CB5F7990CD28CA14332D5CDF6D17229339
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/898dbcab-881e-4370-98c6-9b1ac5214cd0.roa
Signing time: Tue 20 May 2025 19:31:03 +0000
ROA not before: Tue 20 May 2025 19:31:03 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:e040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:ce:04:cb:5f:79:90:cd:28:ca:14:33:2d:5c:df:6d:17:22:93:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:31:03 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=9dd636cc23fc713ce0ea523eedb6e952544e702f4349807999e10642c323052a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b8:e1:37:c5:9c:6f:2b:db:4c:63:c4:3b:a7:
ac:3c:53:81:29:44:bb:d2:e9:cf:17:c4:f4:fc:6a:
43:fb:25:42:b6:32:92:57:dd:86:2d:dd:32:55:f7:
4b:bd:3f:b0:fb:44:fd:c7:b7:0a:93:ed:bd:42:1c:
0b:f9:5b:15:ce:e8:bc:0a:78:bf:b3:5e:0e:8a:8d:
31:dc:73:d7:96:6e:bd:ab:85:c6:4c:3d:55:d8:59:
b6:96:de:1c:70:f0:9b:4e:84:3a:8a:de:08:9c:c8:
4c:6f:bc:bb:c1:ef:58:f4:4a:2c:14:bc:8b:fd:71:
37:2c:77:f7:b9:51:50:15:45:ec:de:f8:71:b2:35:
76:99:85:47:3b:9b:90:21:46:46:ea:ff:11:89:c4:
6a:12:a7:22:b2:dc:a0:c6:cb:20:be:9d:59:86:20:
b2:be:18:18:ac:9e:1b:42:c9:d4:a9:f5:e4:2a:0c:
d1:bc:58:e5:0f:6d:7c:00:a8:06:db:29:c4:bc:ee:
d3:78:91:ce:d5:c8:09:fc:c9:72:24:7d:dc:fb:3f:
a7:a5:0c:84:e1:f6:1a:6e:fe:b3:76:09:2a:2c:68:
97:8d:1b:cd:1d:40:bf:25:8b:89:cf:27:59:f2:91:
17:7c:0e:28:a3:60:e3:3d:97:5c:36:9b:0a:a5:32:
d7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:62:52:0D:AA:46:E9:46:F2:FD:3A:53:82:8D:46:30:21:F0:E2:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/898dbcab-881e-4370-98c6-9b1ac5214cd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:e040::/46
Signature Algorithm: sha256WithRSAEncryption
a5:69:04:69:b0:87:7b:b6:dc:3d:ce:0a:e0:db:57:dc:31:5b:
d6:98:e9:7c:cc:76:29:61:73:d9:53:1e:d5:f5:30:8a:81:85:
30:cc:4e:78:6e:12:92:b3:d3:c9:bc:53:94:84:e3:37:54:34:
0a:83:43:92:b4:0c:ce:2d:01:0a:ea:4d:4d:c8:e8:6b:2b:ac:
f5:ab:1e:dd:2a:1d:dc:32:7d:64:1d:c0:d9:9f:a6:b5:8d:3e:
74:b8:4a:43:ab:84:1c:f1:9d:35:1f:e6:f1:db:6b:b2:ee:fe:
05:9a:fd:22:32:ec:ce:ab:ef:88:8c:86:be:fc:bd:13:07:03:
83:46:ca:4f:8c:0b:9f:b3:dd:e4:05:94:4b:34:66:b0:ef:fa:
8c:1b:56:24:f7:a4:48:3b:41:8b:d4:ec:48:2e:da:c2:60:b9:
0f:12:d3:20:5d:5b:71:1f:33:da:be:8e:4b:d5:35:a4:4e:24:
85:0a:99:16:89:a8:dc:68:ae:e1:ab:33:9c:c0:06:33:1a:74:
dd:7b:ea:a7:42:44:c7:ac:83:bf:40:52:aa:ff:18:11:43:7e:
78:01:0a:2d:2a:67:9c:a1:3f:59:dd:19:c1:45:81:06:a2:e7:
24:ca:d1:cd:bb:1e:ae:e6:93:9b:c6:61:de:70:88:ce:e0:94:
75:ff:79:bd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUS84Ey195kM0oyhQzLVzfbRcikzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMxMDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkZDYzNmNjMjNmYzcxM2NlMGVhNTIzZWVkYjZlOTUyNTQ0ZTcwMmY0MzQ5
ODA3OTk5ZTEwNjQyYzMyMzA1MmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALa44TfFnG8r20xjxDunrDxTgSlEu9LpzxfE9PxqQ/slQrYyklfdhi3dMlX3
S70/sPtE/ce3CpPtvUIcC/lbFc7ovAp4v7NeDoqNMdxz15ZuvauFxkw9VdhZtpbe
HHDwm06EOoreCJzITG+8u8HvWPRKLBS8i/1xNyx397lRUBVF7N74cbI1dpmFRzub
kCFGRur/EYnEahKnIrLcoMbLIL6dWYYgsr4YGKyeG0LJ1Kn15CoM0bxY5Q9tfACo
BtspxLzu03iRztXICfzJciR93Ps/p6UMhOH2Gm7+s3YJKixol40bzR1AvyWLic8n
WfKRF3wOKKNg4z2XXDabCqUy1+MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSuYlIN
qkbpRvL9OlOCjUYwIfDi4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODk4ZGJjYWItODgxZS00MzcwLTk4YzYtOWIxYWM1MjE0Y2QwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hvg
QDANBgkqhkiG9w0BAQsFAAOCAQEApWkEabCHe7bcPc4K4NtX3DFb1pjpfMx2KWFz
2VMe1fUwioGFMMxOeG4SkrPTybxTlITjN1Q0CoNDkrQMzi0BCupNTcjoayus9ase
3Sod3DJ9ZB3A2Z+mtY0+dLhKQ6uEHPGdNR/m8dtrsu7+BZr9IjLszqvviIyGvvy9
EwcDg0bKT4wLn7Pd5AWUSzRmsO/6jBtWJPekSDtBi9TsSC7awmC5DxLTIF1bcR8z
2r6OS9U1pE4khQqZFomo3Giu4asznMAGMxp03Xvqp0JEx6yDv0BSqv8YEUN+eAEK
LSpnnKE/Wd0ZwUWBBqLnJMrRzbseruaTm8Zh3nCIzuCUdf95vQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:05 2025 by rpki-client