Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
File: 91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa (raw, json)
Hash identifier: CWsjjb+sff2naSt7pkhg0z0RW87l1FOMPNe+o2byBc8=
Subject key identifier: B1:37:46:F1:18:78:D9:6B:9C:7C:96:8B:DF:F8:C6:5A:D1:54:63:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CD498A40DC2B5B6F7A0CD16FA72D31128755408
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
Signing time: Tue 20 May 2025 18:30:08 +0000
ROA not before: Tue 20 May 2025 18:30:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:d4:98:a4:0d:c2:b5:b6:f7:a0:cd:16:fa:72:d3:11:28:75:54:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:30:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b3864594ce07437d7a2b4587640c41cb4f9b23e1081f8d3f86ec5b7832c790e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1c:c4:3e:53:a1:5b:01:58:8e:46:c2:0a:ef:
af:01:d6:0d:bd:7e:34:67:4e:5a:e2:25:2c:0f:ff:
47:8f:43:32:6e:69:b6:96:54:3c:83:d2:70:c5:96:
80:ac:8c:04:1d:ec:6f:30:e2:4f:a6:a9:d0:6c:ea:
9c:95:4a:c6:5f:d2:10:42:06:9b:c2:ca:64:ce:71:
db:08:75:e1:d3:cb:43:ca:cd:06:d2:f3:e3:96:29:
b8:9b:57:c3:1d:f4:92:67:0f:0d:24:58:84:37:6b:
8a:ba:26:e6:91:89:7b:cb:4e:73:7f:bf:38:02:16:
d0:1b:35:b9:b4:d5:aa:13:48:fd:1b:7a:1f:8d:8a:
f4:15:c4:66:b5:2e:77:0f:7c:5e:3f:35:68:13:2f:
f1:a8:62:33:a5:ec:70:07:bd:ba:3b:2e:4b:f5:9a:
0e:c5:ba:6d:78:52:a7:56:90:15:24:eb:9c:04:ec:
95:98:72:41:f9:87:f2:bc:27:90:9d:c7:54:28:4f:
9c:63:8b:00:81:0c:86:0e:ee:37:90:c6:17:9e:2a:
32:ec:c6:3b:6e:50:fb:74:af:4c:32:8a:a0:47:65:
54:dc:e2:59:3a:60:1b:fc:07:c8:b3:5d:eb:5e:c1:
af:36:28:d5:4f:ed:0a:81:99:9d:51:83:3d:a3:17:
ab:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:37:46:F1:18:78:D9:6B:9C:7C:96:8B:DF:F8:C6:5A:D1:54:63:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8080::/48
Signature Algorithm: sha256WithRSAEncryption
36:50:b2:2d:00:37:51:a4:72:e3:00:7c:7b:ec:73:eb:a6:07:
02:35:0b:36:ab:6c:06:31:bf:48:4d:c6:09:e0:d1:12:c4:95:
3b:b3:76:1f:79:49:b8:29:92:fb:d7:27:bd:21:9f:eb:45:0c:
11:63:6a:07:f4:e8:ec:36:65:94:b6:aa:92:56:86:56:fe:8d:
f5:c5:43:52:7c:d4:bf:f6:5e:74:a8:9a:f6:e9:cc:40:0e:35:
ea:04:ff:89:bd:7f:46:c7:98:71:d9:ca:7f:62:ce:6c:3d:b2:
3d:38:79:75:3e:2e:d1:ad:d2:39:ea:4d:c6:80:fa:58:d8:90:
86:4f:89:42:9a:2a:dc:c3:65:3f:45:73:c6:9d:92:74:29:16:
a1:14:01:84:7c:58:c2:cc:93:0d:45:6e:cc:8c:e9:72:48:56:
39:32:b8:7f:05:3e:e8:4d:47:f0:dd:54:f9:be:d6:12:b3:67:
75:c4:dd:d9:f2:f4:c4:b5:1f:5d:e8:18:d1:cf:e9:b7:ec:3a:
fb:a6:4d:8a:91:63:77:e1:eb:15:e4:1c:7b:d9:61:c1:69:c6:
c8:f4:53:ad:4d:dd:b4:f8:57:17:fb:ad:fe:a0:85:f7:61:98:
da:9d:2a:1d:f3:da:df:19:a1:58:d2:a0:9e:af:cd:52:bb:d3:
dc:7e:5c:58
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfNSYpA3Ctbb3oM0W+nLTESh1VAgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMwMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzODY0NTk0Y2UwNzQzN2Q3YTJiNDU4NzY0MGM0MWNiNGY5YjIzZTEwODFm
OGQzZjg2ZWM1Yjc4MzJjNzkwZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI4cxD5ToVsBWI5GwgrvrwHWDb1+NGdOWuIlLA//R49DMm5ptpZUPIPScMWW
gKyMBB3sbzDiT6ap0GzqnJVKxl/SEEIGm8LKZM5x2wh14dPLQ8rNBtLz45YpuJtX
wx30kmcPDSRYhDdrirom5pGJe8tOc3+/OAIW0Bs1ubTVqhNI/Rt6H42K9BXEZrUu
dw98Xj81aBMv8ahiM6XscAe9ujsuS/WaDsW6bXhSp1aQFSTrnATslZhyQfmH8rwn
kJ3HVChPnGOLAIEMhg7uN5DGF54qMuzGO25Q+3SvTDKKoEdlVNziWTpgG/wHyLNd
617BrzYo1U/tCoGZnVGDPaMXq/8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSxN0bx
GHjZa5x8lovf+MZa0VRj0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTFlZTM2NTUtZGNiNC00MWM2LWI0YTQtMjcwY2E1Y2FjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
gDANBgkqhkiG9w0BAQsFAAOCAQEANlCyLQA3UaRy4wB8e+xz66YHAjULNqtsBjG/
SE3GCeDREsSVO7N2H3lJuCmS+9cnvSGf60UMEWNqB/To7DZllLaqklaGVv6N9cVD
UnzUv/ZedKia9unMQA416gT/ib1/RseYcdnKf2LObD2yPTh5dT4u0a3SOepNxoD6
WNiQhk+JQpoq3MNlP0Vzxp2SdCkWoRQBhHxYwsyTDUVuzIzpckhWOTK4fwU+6E1H
8N1U+b7WErNndcTd2fL0xLUfXegY0c/pt+w6+6ZNipFjd+HrFeQce9lhwWnGyPRT
rU3dtPhXF/ut/qCF92GY2p0qHfPa3xmhWNKgnq/NUrvT3H5cWA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:15 2025 by rpki-client