Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
File: 91473fe5-f129-48d9-8d23-63d62cec663a.roa (raw, json)
Hash identifier: ONkd95n49a828kwBV3W0aru+XHHwUUsjR0eScWj94L8=
Subject key identifier: 47:01:C6:E4:01:B3:05:9E:CD:4D:23:0C:B7:34:72:AE:04:23:1C:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 263FAF3C81FD566D49AFEC1BF02BECD195A833D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
Signing time: Tue 10 Jun 2025 17:20:34 +0000
ROA not before: Tue 10 Jun 2025 17:20:34 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:3f:af:3c:81:fd:56:6d:49:af:ec:1b:f0:2b:ec:d1:95:a8:33:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:34 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=e986b4865198aff95ef6b94a89964edbba7759aea9ac79e0f2592ea21017c112, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:23:b6:40:95:64:d0:e7:3e:73:05:71:ac:74:
37:ac:15:57:74:17:06:4c:f1:36:36:74:7e:8c:cc:
5b:93:47:e4:47:65:0f:7e:f9:37:cf:71:fa:15:57:
fb:8b:06:1e:ef:3f:b5:86:1f:4b:fa:3c:a3:d4:cf:
89:5c:b3:4d:e0:fd:6f:71:4b:da:e9:b7:c0:44:68:
aa:b8:84:3c:96:75:f6:cc:8b:52:5e:bc:f6:97:cb:
e4:51:43:7b:1f:7d:20:67:b8:37:fb:a2:1a:50:ae:
97:cd:1d:70:3e:13:2d:66:67:d7:55:08:4f:c0:70:
1c:3f:68:bf:ef:69:0a:39:98:2d:48:11:09:63:49:
a6:de:7c:ff:de:a3:c7:ba:1a:3c:a3:f2:04:9e:e2:
66:e4:e8:98:b0:85:e9:00:7b:71:51:00:75:dd:f4:
83:9d:69:26:61:19:24:ce:06:0d:e6:7e:4a:6e:4a:
52:d0:9e:9d:33:5e:66:78:64:89:13:6c:4c:92:d9:
83:5b:94:46:bc:94:81:a9:ba:35:4f:01:b3:ef:d7:
18:b3:79:9c:8c:d4:72:2f:37:8c:01:d9:85:63:da:
b3:9a:99:70:ce:da:b2:da:b9:1a:2c:bf:60:d7:db:
a3:99:c9:05:5f:7d:0e:73:55:98:fa:93:78:ed:96:
1a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:01:C6:E4:01:B3:05:9E:CD:4D:23:0C:B7:34:72:AE:04:23:1C:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:840::/48
Signature Algorithm: sha256WithRSAEncryption
42:e6:73:24:d3:28:cc:46:a6:7b:9e:3a:98:19:6b:33:21:75:
30:14:24:71:ee:0e:cb:a6:64:83:26:f9:86:6e:e2:5f:0f:d9:
c4:c0:ea:a5:97:da:0b:64:9c:0d:ff:77:78:97:8b:01:a3:a6:
e2:3d:50:85:51:9c:f2:d7:78:66:f5:94:63:8a:82:73:ce:00:
07:0b:1b:ed:8a:8a:e4:21:08:2e:59:b4:f7:d5:98:3a:f6:86:
80:8c:13:88:4f:f1:64:b7:5b:66:ed:50:0b:b9:e0:15:ab:6d:
4c:c8:85:d8:fa:f9:bb:e8:ab:f4:b6:6d:cb:8f:5d:32:aa:6e:
b6:a7:42:1d:55:55:9b:55:c1:b3:dd:6d:de:66:f7:f8:51:57:
ef:f5:28:15:78:19:ef:16:bf:ee:aa:65:3c:35:60:95:c7:68:
f5:99:0a:dc:5a:2b:63:87:83:af:dd:50:20:b7:fa:54:f1:32:
ab:df:63:3f:f0:03:d6:fc:b9:42:a0:66:e3:1d:c1:57:46:58:
95:68:78:7d:ca:89:e3:0d:03:26:01:34:da:eb:6a:f6:5a:ec:
b0:d6:5f:cb:d8:6a:ac:fe:e9:e3:78:01:fe:32:6b:4b:6f:49:
01:17:65:22:db:45:e7:80:f3:af:65:76:08:ad:d1:c6:b6:64:
28:e3:9e:4a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJj+vPIH9Vm1Jr+wb8Cvs0ZWoM9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMzRaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5ODZiNDg2NTE5OGFmZjk1ZWY2Yjk0YTg5OTY0ZWRiYmE3NzU5YWVhOWFj
NzllMGYyNTkyZWEyMTAxN2MxMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO8jtkCVZNDnPnMFcax0N6wVV3QXBkzxNjZ0fozMW5NH5EdlD375N89x+hVX
+4sGHu8/tYYfS/o8o9TPiVyzTeD9b3FL2um3wERoqriEPJZ19syLUl689pfL5FFD
ex99IGe4N/uiGlCul80dcD4TLWZn11UIT8BwHD9ov+9pCjmYLUgRCWNJpt58/96j
x7oaPKPyBJ7iZuTomLCF6QB7cVEAdd30g51pJmEZJM4GDeZ+Sm5KUtCenTNeZnhk
iRNsTJLZg1uURryUgam6NU8Bs+/XGLN5nIzUci83jAHZhWPas5qZcM7astq5Giy/
YNfbo5nJBV99DnNVmPqTeO2WGt0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRHAcbk
AbMFns1NIwy3NHKuBCMc0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTE0NzNmZTUtZjEyOS00OGQ5LThkMjMtNjNkNjJjZWM2NjNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
QDANBgkqhkiG9w0BAQsFAAOCAQEAQuZzJNMozEame546mBlrMyF1MBQkce4Oy6Zk
gyb5hm7iXw/ZxMDqpZfaC2ScDf93eJeLAaOm4j1QhVGc8td4ZvWUY4qCc84ABwsb
7YqK5CEILlm099WYOvaGgIwTiE/xZLdbZu1QC7ngFattTMiF2Pr5u+ir9LZty49d
MqputqdCHVVVm1XBs91t3mb3+FFX7/UoFXgZ7xa/7qplPDVglcdo9ZkK3ForY4eD
r91QILf6VPEyq99jP/AD1vy5QqBm4x3BV0ZYlWh4fcqJ4w0DJgE02utq9lrssNZf
y9hqrP7p43gB/jJrS29JARdlIttF54Dzr2V2CK3RxrZkKOOeSg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:15 2025 by rpki-client