Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90397a9d-b89a-4b45-b519-625f69fe173f.roa
File: 90397a9d-b89a-4b45-b519-625f69fe173f.roa (raw, json)
Hash identifier: xzhlRVFqRRoP8szb4bBktLcaJ60eSRg3FQaID4A8uns=
Subject key identifier: FE:B5:77:FD:02:4D:A1:5D:A7:1D:5E:A0:32:C2:69:78:DE:FE:54:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 267694EFAD39371EED1799E5078F58B2C5F3E2DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90397a9d-b89a-4b45-b519-625f69fe173f.roa
Signing time: Tue 20 May 2025 19:41:14 +0000
ROA not before: Tue 20 May 2025 19:41:14 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:10c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:76:94:ef:ad:39:37:1e:ed:17:99:e5:07:8f:58:b2:c5:f3:e2:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:41:14 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=987eb5dda65e5ee6f39275a909577f2c67829c2845e2b03dfba046c0e1ec7db2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d4:e5:4e:b9:29:20:e1:c7:3b:2b:7f:56:2c:
2d:9b:93:bd:ab:e4:52:5f:72:10:1f:cb:14:b8:af:
f8:ab:f5:76:2d:96:31:95:dc:95:51:70:0f:4a:0e:
46:e4:6b:a6:63:5f:d5:4e:c5:9f:87:32:46:6d:32:
0d:68:55:ca:57:3e:13:94:1b:1f:49:97:9c:8f:b4:
78:fb:bc:b4:f5:01:ca:5e:af:a8:5c:03:b6:4d:38:
52:74:55:45:2f:ee:c0:c0:83:56:38:ea:48:cd:4d:
bd:aa:1f:dd:40:b8:31:e4:7e:f8:c5:df:6d:bc:0f:
8d:b6:5c:8d:66:11:cf:c7:9c:d1:0a:98:fa:bc:91:
e0:8c:a8:6d:ab:ad:c1:47:0f:97:31:ad:6c:02:1b:
3b:de:f7:ba:04:f2:65:d0:3f:53:0d:8b:c6:7b:fd:
75:c4:80:1a:a0:da:24:ce:88:1c:1e:79:3e:df:61:
fd:6b:ce:c8:2e:67:9b:05:19:8f:e7:ed:b9:cd:1a:
dc:8d:d7:59:54:b1:f6:9b:2d:5a:10:fb:19:fa:7e:
3e:ff:09:2a:d6:58:27:3f:3e:5e:39:f9:2d:61:85:
f6:68:8f:84:da:17:3b:f5:4e:fb:43:fd:04:9b:01:
77:ab:66:ac:3e:3d:1e:ff:d7:3e:5b:17:89:30:a9:
b9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B5:77:FD:02:4D:A1:5D:A7:1D:5E:A0:32:C2:69:78:DE:FE:54:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90397a9d-b89a-4b45-b519-625f69fe173f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:10c0::/46
Signature Algorithm: sha256WithRSAEncryption
10:2f:3e:9e:ab:5c:1a:7e:bc:f2:36:cf:59:62:a1:50:9d:57:
57:2e:4b:2f:ca:e5:10:81:f5:d8:78:6c:16:7a:8e:db:59:7c:
7d:09:05:94:49:49:7f:f7:1b:cf:54:50:2d:a5:23:d3:30:44:
4b:1e:1d:67:02:49:83:3f:b2:78:5c:05:28:ec:d1:93:66:a6:
4a:ce:90:45:0b:81:b4:97:18:47:5d:ec:59:21:c8:60:d1:ac:
ca:c2:cf:93:12:f9:c9:f5:b7:dd:6e:25:0b:c3:90:7f:32:4d:
47:e6:a6:38:2b:3b:d7:58:7e:ca:e4:57:f3:c1:f5:77:79:82:
ab:73:85:2c:24:09:5e:4b:83:1c:e9:65:37:2b:81:19:79:15:
23:ab:0b:06:0f:36:cb:fc:67:c4:23:4d:89:ea:59:a4:56:ac:
96:ed:e9:c8:18:8b:3c:16:70:ee:01:4d:ba:3e:60:9e:bf:4d:
07:8a:43:38:ac:86:52:99:1c:c0:ef:d4:ae:35:52:b2:6a:0d:
9d:8b:a2:7c:58:f2:dc:11:9c:be:08:d2:a0:ce:86:39:73:32:
f3:e5:6a:5a:b9:f4:63:0a:c2:f5:11:83:a5:76:ff:d8:29:c2:
63:df:29:c3:80:96:4c:c7:cc:ac:65:d7:b6:25:a4:6f:0b:6c:
26:0b:e1:60
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJnaU7605Nx7tF5nlB49YssXz4t4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQxMTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4N2ViNWRkYTY1ZTVlZTZmMzkyNzVhOTA5NTc3ZjJjNjc4MjljMjg0NWUy
YjAzZGZiYTA0NmMwZTFlYzdkYjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTU5U65KSDhxzsrf1YsLZuTvavkUl9yEB/LFLiv+Kv1di2WMZXclVFwD0oO
RuRrpmNf1U7Fn4cyRm0yDWhVylc+E5QbH0mXnI+0ePu8tPUByl6vqFwDtk04UnRV
RS/uwMCDVjjqSM1Nvaof3UC4MeR++MXfbbwPjbZcjWYRz8ec0QqY+ryR4Iyobaut
wUcPlzGtbAIbO973ugTyZdA/Uw2Lxnv9dcSAGqDaJM6IHB55Pt9h/WvOyC5nmwUZ
j+ftuc0a3I3XWVSx9pstWhD7Gfp+Pv8JKtZYJz8+Xjn5LWGF9miPhNoXO/VO+0P9
BJsBd6tmrD49Hv/XPlsXiTCpuQcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT+tXf9
Ak2hXacdXqAywml43v5UWzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTAzOTdhOWQtYjg5YS00YjQ1LWI1MTktNjI1ZjY5ZmUxNzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAEC8+nqtcGn688jbPWWKhUJ1XVy5LL8rlEIH1
2HhsFnqO21l8fQkFlElJf/cbz1RQLaUj0zBESx4dZwJJgz+yeFwFKOzRk2amSs6Q
RQuBtJcYR13sWSHIYNGsysLPkxL5yfW33W4lC8OQfzJNR+amOCs711h+yuRX88H1
d3mCq3OFLCQJXkuDHOllNyuBGXkVI6sLBg82y/xnxCNNiepZpFaslu3pyBiLPBZw
7gFNuj5gnr9NB4pDOKyGUpkcwO/UrjVSsmoNnYuifFjy3BGcvgjSoM6GOXMy8+Vq
Wrn0YwrC9RGDpXb/2CnCY98pw4CWTMfMrGXXtiWkbwtsJgvhYA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:29 2025 by rpki-client