Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa
File: 8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa (raw, json)
Hash identifier: V6t31O/MJKIiOzP3GYajNXgfmcpKzCYlW6uh61NnBAA=
Subject key identifier: 34:26:E5:71:9B:6F:C1:52:E3:08:05:C0:F5:DB:CC:E4:30:B8:48:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D33E9D57F31DC3451EDA71D3EBEB167C5AA409C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa
Signing time: Tue 20 May 2025 19:01:40 +0000
ROA not before: Tue 20 May 2025 19:01:40 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:33:e9:d5:7f:31:dc:34:51:ed:a7:1d:3e:be:b1:67:c5:aa:40:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:40 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e957addece70a67da99e6bc204b57d8098f02ff6ee91448e363c4e5f54a10c60, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8c:94:30:a7:5b:fc:5f:27:c6:59:d6:d3:50:
f7:1a:9c:e3:f2:ec:1e:fa:45:91:07:bb:cc:cc:97:
7a:9c:68:13:a2:15:d2:8e:55:94:e2:69:d8:be:62:
47:b9:08:64:84:83:24:d8:d3:5c:e4:92:a2:50:77:
57:ea:ac:15:fe:0f:11:d9:d7:a2:e9:17:b2:fe:8b:
1c:bd:61:a8:b4:1e:c9:44:37:6f:7c:09:06:20:d8:
b4:84:ac:34:a8:9a:82:8b:e8:80:78:38:fd:64:91:
8f:79:75:2f:4f:68:78:83:33:46:86:0f:e3:71:d2:
7d:82:9b:a5:a4:98:a5:59:cf:c7:72:37:87:b6:1c:
0b:2b:05:26:06:e2:41:18:9a:47:c0:8a:bf:81:04:
a4:4d:57:1c:85:ec:96:be:32:fd:90:6a:cb:58:07:
b9:78:23:c7:af:c6:4a:49:68:80:a0:9f:45:e8:9a:
87:af:a8:8e:0a:ec:48:3a:53:5e:d0:c1:ff:d8:b0:
75:57:66:bc:2d:13:b8:8b:ad:1b:52:66:c0:ee:73:
a9:b9:0e:e9:ec:41:ec:65:8a:67:9c:22:8e:3b:4b:
f8:ec:d1:70:27:32:2a:52:0c:cd:ec:49:9f:cb:7f:
80:49:09:15:7a:2b:51:f2:a3:af:aa:70:80:f4:2d:
1a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:26:E5:71:9B:6F:C1:52:E3:08:05:C0:F5:DB:CC:E4:30:B8:48:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
8b:9a:b5:88:99:13:64:de:8e:90:e6:0e:5c:4a:9d:11:93:db:
7d:29:e7:43:32:5c:d2:ad:4d:f4:4e:91:f5:1c:50:4e:5f:48:
90:98:1f:3e:e5:16:43:e2:10:5b:9a:d1:3b:85:42:7f:81:66:
ef:e1:62:9d:84:2c:b8:c3:da:51:b5:1d:7c:ae:f7:75:b2:96:
58:ab:a4:4e:ce:32:d3:85:db:ef:0f:dc:f9:1e:d0:62:09:11:
db:cc:70:bd:f3:8b:a8:49:ba:18:67:bc:13:a0:77:c8:29:46:
9e:b9:75:dd:f9:ab:c8:56:f3:47:3f:48:23:0a:fc:2f:8c:75:
62:47:00:78:a1:50:92:b8:92:b8:89:f6:c7:02:58:44:04:70:
04:43:44:02:99:a4:68:68:12:41:b4:40:d7:11:86:14:75:89:
7b:c3:d2:11:06:34:18:14:73:61:1e:a3:c0:d1:73:df:49:d6:
63:26:fa:a9:ad:5e:31:06:f8:89:2f:9d:f5:f0:2c:d7:26:54:
27:78:83:af:fa:78:8a:0d:c0:03:47:fb:64:c2:a3:2c:3d:7b:
65:81:37:e6:1e:3f:ec:fd:03:c4:33:2f:18:d4:a1:b5:5d:f9:
00:e8:f2:ee:f4:e8:5a:b8:94:c0:23:21:6f:c7:e0:46:ad:78:
5a:92:15:69
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPTPp1X8x3DRR7acdPr6xZ8WqQJwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxNDBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5NTdhZGRlY2U3MGE2N2RhOTllNmJjMjA0YjU3ZDgwOThmMDJmZjZlZTkx
NDQ4ZTM2M2M0ZTVmNTRhMTBjNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWMlDCnW/xfJ8ZZ1tNQ9xqc4/LsHvpFkQe7zMyXepxoE6IV0o5VlOJp2L5i
R7kIZISDJNjTXOSSolB3V+qsFf4PEdnXoukXsv6LHL1hqLQeyUQ3b3wJBiDYtISs
NKiagovogHg4/WSRj3l1L09oeIMzRoYP43HSfYKbpaSYpVnPx3I3h7YcCysFJgbi
QRiaR8CKv4EEpE1XHIXslr4y/ZBqy1gHuXgjx6/GSklogKCfReiah6+ojgrsSDpT
XtDB/9iwdVdmvC0TuIutG1JmwO5zqbkO6exB7GWKZ5wijjtL+OzRcCcyKlIMzexJ
n8t/gEkJFXorUfKjr6pwgPQtGgMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ0JuVx
m2/BUuMIBcD128zkMLhITzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGIwY2NiYzEtMzYzOC00ZjdmLThhMjQtM2Y1ZTE4MWM4YjhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
wDANBgkqhkiG9w0BAQsFAAOCAQEAi5q1iJkTZN6OkOYOXEqdEZPbfSnnQzJc0q1N
9E6R9RxQTl9IkJgfPuUWQ+IQW5rRO4VCf4Fm7+FinYQsuMPaUbUdfK73dbKWWKuk
Ts4y04Xb7w/c+R7QYgkR28xwvfOLqEm6GGe8E6B3yClGnrl13fmryFbzRz9IIwr8
L4x1YkcAeKFQkriSuIn2xwJYRARwBENEApmkaGgSQbRA1xGGFHWJe8PSEQY0GBRz
YR6jwNFz30nWYyb6qa1eMQb4iS+d9fAs1yZUJ3iDr/p4ig3AA0f7ZMKjLD17ZYE3
5h4/7P0DxDMvGNShtV35AOjy7vToWriUwCMhb8fgRq14WpIVaQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:47 2025 by rpki-client