Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
File: 8e492412-994d-4c48-a29e-9082ebce3349.roa (raw, json)
Hash identifier: UFMJXjcHH1i8YxyzUtK79pkMTUr/aPtQaVvVnT9lfKc=
Subject key identifier: 61:2D:61:EF:F0:4D:44:31:8D:C0:96:EE:61:23:76:C8:B5:E8:4C:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F592E9A18693A9FFA0E03C49451993347328253
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
Signing time: Tue 20 May 2025 19:50:07 +0000
ROA not before: Tue 20 May 2025 19:50:07 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:59:2e:9a:18:69:3a:9f:fa:0e:03:c4:94:51:99:33:47:32:82:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:50:07 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c9c3ede1cf3ea5262eb6c5dd82339a92b8353622763d10600fa6335375bbfe03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:03:b6:98:0e:7c:9b:33:51:de:98:64:ea:6e:
8b:13:31:8c:67:7a:8b:c2:a3:16:04:aa:4e:6e:70:
7d:f8:ec:a1:fd:ec:25:23:f0:ad:ff:c3:4f:6f:db:
6c:32:d9:32:c3:9d:53:24:96:72:15:0d:d6:09:9f:
75:ea:3f:d0:25:aa:15:a7:63:1d:0f:3a:1f:ab:67:
0c:1d:ed:94:80:77:c3:f4:b6:c0:84:98:5f:4c:e9:
be:e8:6c:08:41:56:8a:d8:42:ec:e5:12:3e:76:5a:
4f:5f:79:ee:05:7e:49:0b:b8:f9:e9:2e:70:8f:8c:
7b:1c:b2:7a:45:bc:a1:4a:64:21:de:25:52:e8:d1:
e8:7f:00:ff:5f:2a:0f:fa:a0:6b:34:1c:7e:4e:2b:
d7:1a:2d:26:6c:8e:da:b5:99:2f:c2:14:e5:a0:83:
ee:de:79:76:b2:f8:29:23:dd:59:90:3b:48:1f:a2:
16:c0:9f:ba:79:5d:32:15:4b:4b:8b:78:50:f2:5c:
cd:e3:e7:6b:52:bd:10:36:05:1d:65:53:48:34:f9:
83:97:8b:1e:0d:2d:88:36:90:ac:09:cd:9e:35:ba:
ed:0a:63:67:ae:1d:60:dc:32:5b:8a:0e:98:7a:00:
60:98:a1:29:0a:cf:0b:b3:ed:c3:90:67:32:24:8e:
51:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:2D:61:EF:F0:4D:44:31:8D:C0:96:EE:61:23:76:C8:B5:E8:4C:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
25:a0:62:60:2f:3c:ff:4b:f5:b8:09:d4:c1:9b:7e:a8:85:8c:
ba:1e:1e:79:d9:fb:58:a6:3f:c6:47:7a:c3:4e:20:ad:c7:b9:
8c:02:d5:52:34:73:3a:bc:bd:f3:e3:7a:33:c8:00:fb:c5:5d:
85:1a:73:1c:cf:a0:65:1e:39:41:d3:c3:a0:8c:20:d2:90:58:
31:6f:8c:b2:50:55:5e:b0:4a:81:74:7a:d5:8e:a1:78:d3:90:
95:29:43:f8:fb:46:8c:b3:d1:ba:ef:cf:76:89:22:52:29:22:
84:7f:ca:e4:8c:11:1b:cf:0f:3f:cc:83:a5:89:cc:31:de:68:
26:28:17:4d:84:b0:c6:c6:8b:a8:56:9c:a3:a4:6d:f2:6b:dc:
bb:9d:34:e0:ae:55:e1:d7:13:44:73:9e:d3:0c:27:6c:27:2e:
97:b0:3b:cc:f1:d0:72:e4:e3:6f:5a:ec:59:cf:01:3b:2b:6d:
68:52:65:81:77:c6:3a:1b:c2:81:6b:06:6f:cf:98:44:ab:7d:
c9:ea:86:f1:4b:bd:db:66:ed:6b:68:e9:c5:5c:89:0d:9a:a1:
9f:da:05:2b:85:31:e5:45:a6:d1:bd:49:0a:0e:21:00:51:16:
3e:e2:20:df:6e:d2:34:62:b6:80:42:99:46:ad:56:0c:be:21:
cf:cb:15:52
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD1kumhhpOp/6DgPElFGZM0cyglMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUwMDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5YzNlZGUxY2YzZWE1MjYyZWI2YzVkZDgyMzM5YTkyYjgzNTM2MjI3NjNk
MTA2MDBmYTYzMzUzNzViYmZlMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMADtpgOfJszUd6YZOpuixMxjGd6i8KjFgSqTm5wffjsof3sJSPwrf/DT2/b
bDLZMsOdUySWchUN1gmfdeo/0CWqFadjHQ86H6tnDB3tlIB3w/S2wISYX0zpvuhs
CEFWithC7OUSPnZaT1957gV+SQu4+ekucI+MexyyekW8oUpkId4lUujR6H8A/18q
D/qgazQcfk4r1xotJmyO2rWZL8IU5aCD7t55drL4KSPdWZA7SB+iFsCfunldMhVL
S4t4UPJczePna1K9EDYFHWVTSDT5g5eLHg0tiDaQrAnNnjW67QpjZ64dYNwyW4oO
mHoAYJihKQrPC7Ptw5BnMiSOUTECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRhLWHv
8E1EMY3Alu5hI3bItehMYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0OTI0MTItOTk0ZC00YzQ4LWEyOWUtOTA4MmViY2UzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HqA
MA0GCSqGSIb3DQEBCwUAA4IBAQAloGJgLzz/S/W4CdTBm36ohYy6Hh552ftYpj/G
R3rDTiCtx7mMAtVSNHM6vL3z43ozyAD7xV2FGnMcz6BlHjlB08OgjCDSkFgxb4yy
UFVesEqBdHrVjqF405CVKUP4+0aMs9G67892iSJSKSKEf8rkjBEbzw8/zIOlicwx
3mgmKBdNhLDGxouoVpyjpG3ya9y7nTTgrlXh1xNEc57TDCdsJy6XsDvM8dBy5ONv
WuxZzwE7K21oUmWBd8Y6G8KBawZvz5hEq33J6obxS73bZu1raOnFXIkNmqGf2gUr
hTHlRabRvUkKDiEAURY+4iDfbtI0YraAQplGrVYMviHPyxVS
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:57:06 2025 by rpki-client