Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
File: 8c99b00e-290a-4618-8076-435475c3020f.roa (raw, json)
Hash identifier: j4k0UK6pJtZ5jnbs3hzdSVLS4n3NPBVwCYmkfTjQbko=
Subject key identifier: F5:E0:72:F6:2E:85:FF:12:1E:A9:0F:22:7C:69:72:FD:FB:28:AB:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 680257C19266E4C16D28D66EB3758446800CAEB6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
Signing time: Tue 20 May 2025 19:10:08 +0000
ROA not before: Tue 20 May 2025 19:10:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:02:57:c1:92:66:e4:c1:6d:28:d6:6e:b3:75:84:46:80:0c:ae:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d49747e20a43815f2d24d27193241bd2197f9d0f27472ac875a7e1df9f7f6b2d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4c:43:a4:48:f4:5b:56:de:31:df:c5:d2:70:
aa:b1:6d:bf:7d:4b:91:f5:54:dc:df:c9:06:4c:be:
56:e8:9f:7f:7a:03:e1:ce:5f:fe:f7:37:33:a2:39:
88:11:11:cd:69:4d:9b:3c:4f:aa:de:50:76:93:1a:
b2:d2:76:42:25:90:06:f1:55:fe:76:9e:de:b6:aa:
98:24:1a:98:db:4a:1f:15:7b:8b:78:2d:98:b2:b1:
d3:eb:92:2e:9e:fb:17:07:d1:c2:8f:c1:9c:af:5d:
f0:d8:8e:60:75:f9:de:e4:ef:f4:97:58:9b:cd:a5:
5e:f9:33:91:0f:b6:be:2d:02:f6:c7:d0:41:ec:99:
ad:05:5e:47:a3:14:f2:b5:38:f2:9e:f0:89:bb:3e:
aa:5d:64:90:0c:b3:dd:ff:22:28:e2:11:88:85:8a:
56:03:01:2e:fd:41:05:6b:da:2d:3a:d7:16:82:05:
71:47:d4:c4:c8:24:60:48:3a:3b:e8:be:c9:58:6c:
7a:1c:03:65:ce:47:58:78:53:6a:fa:bb:fe:b3:4e:
cc:87:b6:8a:3d:95:40:3d:54:07:95:31:20:52:b8:
4c:15:c6:bf:3d:c1:63:e8:ff:5e:30:f2:bc:a3:73:
8a:ea:43:2c:25:c4:7f:b0:e9:ac:8b:a9:66:de:2f:
4e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:E0:72:F6:2E:85:FF:12:1E:A9:0F:22:7C:69:72:FD:FB:28:AB:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c080::/48
Signature Algorithm: sha256WithRSAEncryption
ca:7b:ff:39:fb:5e:17:c3:98:57:cc:11:c6:66:d8:8d:51:a0:
6c:a8:9e:ac:37:bf:f7:4d:4f:79:3f:60:76:b3:3b:b0:93:02:
2f:0f:f8:de:d8:e8:ae:55:9e:fe:1c:1b:27:2f:1a:14:a4:a6:
f8:d0:d7:30:b7:fd:27:80:2d:89:27:c8:b2:80:86:d1:b3:9f:
ed:09:fb:d7:26:17:b7:3c:6c:56:d0:50:d5:df:7d:18:9a:8d:
04:60:39:a2:60:9f:48:6f:da:51:a8:da:41:e2:b9:93:b0:95:
66:9c:9d:ce:11:1b:c8:5e:c2:b6:6e:34:78:08:57:84:0f:e2:
20:ec:6b:09:82:76:40:6b:94:fd:70:5f:ce:c9:e9:8a:b0:5a:
49:ab:64:48:52:ee:09:6e:b4:31:83:dc:23:b7:da:02:20:09:
69:7f:84:9c:45:59:d4:88:56:27:36:29:ed:e2:af:a7:dc:fe:
e1:da:75:e7:ab:06:ce:7c:90:1d:34:56:28:00:d7:64:d1:d2:
9b:f4:6b:8a:7d:8e:3f:ff:c4:41:2d:36:d0:1b:33:58:12:0b:
4d:b8:aa:0a:34:91:92:d4:c6:19:c7:a1:7e:bd:d2:fe:1d:97:
f5:ed:ff:07:a4:40:42:9d:d1:6a:8c:25:8d:19:a2:da:3a:b9:
a1:25:25:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaAJXwZJm5MFtKNZus3WERoAMrrYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0OTc0N2UyMGE0MzgxNWYyZDI0ZDI3MTkzMjQxYmQyMTk3ZjlkMGYyNzQ3
MmFjODc1YTdlMWRmOWY3ZjZiMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtMQ6RI9FtW3jHfxdJwqrFtv31LkfVU3N/JBky+Vuiff3oD4c5f/vc3M6I5
iBERzWlNmzxPqt5QdpMastJ2QiWQBvFV/nae3raqmCQamNtKHxV7i3gtmLKx0+uS
Lp77FwfRwo/BnK9d8NiOYHX53uTv9JdYm82lXvkzkQ+2vi0C9sfQQeyZrQVeR6MU
8rU48p7wibs+ql1kkAyz3f8iKOIRiIWKVgMBLv1BBWvaLTrXFoIFcUfUxMgkYEg6
O+i+yVhsehwDZc5HWHhTavq7/rNOzIe2ij2VQD1UB5UxIFK4TBXGvz3BY+j/XjDy
vKNziupDLCXEf7DprIupZt4vTsECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT14HL2
LoX/Eh6pDyJ8aXL9+yirkzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGM5OWIwMGUtMjkwYS00NjE4LTgwNzYtNDM1NDc1YzMwMjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA
gDANBgkqhkiG9w0BAQsFAAOCAQEAynv/OfteF8OYV8wRxmbYjVGgbKierDe/901P
eT9gdrM7sJMCLw/43tjorlWe/hwbJy8aFKSm+NDXMLf9J4AtiSfIsoCG0bOf7Qn7
1yYXtzxsVtBQ1d99GJqNBGA5omCfSG/aUajaQeK5k7CVZpydzhEbyF7Ctm40eAhX
hA/iIOxrCYJ2QGuU/XBfzsnpirBaSatkSFLuCW60MYPcI7faAiAJaX+EnEVZ1IhW
JzYp7eKvp9z+4dp156sGznyQHTRWKADXZNHSm/Rrin2OP//EQS020BszWBILTbiq
CjSRktTGGcehfr3S/h2X9e3/B6RAQp3RaowljRmi2jq5oSUlrg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:48:33 2025 by rpki-client