Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
File: 9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa (raw, json)
Hash identifier: 32wXJWYEe7ZYz7eGYp0XwXkqxK0tV0ZmgbZGLMcBKsg=
Subject key identifier: 91:7C:69:AC:E2:30:7A:68:F0:08:69:31:D6:B8:0F:12:2F:E1:1C:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56D7ED4A1F6B3A30349B38014F22F750903AE9C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
Signing time: Tue 20 May 2025 19:11:16 +0000
ROA not before: Tue 20 May 2025 19:11:16 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:d7:ed:4a:1f:6b:3a:30:34:9b:38:01:4f:22:f7:50:90:3a:e9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:11:16 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=cd7aa0bc2877c9cf66d15334532c5fcc7814878a690b0bacd7d6874b0d46ccd0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fb:6c:fe:62:1a:12:88:32:f7:8d:4b:b1:72:
c4:19:4a:d9:66:24:87:6a:4d:43:92:7d:22:b2:ac:
a2:e5:ee:58:77:60:92:40:73:b6:2e:79:3e:61:d6:
f4:4a:a6:f3:8b:ad:f6:75:97:de:98:76:f5:3a:95:
71:84:8a:b1:4c:9f:de:9f:36:2e:09:47:35:0b:15:
3c:b0:a4:00:a5:65:8e:82:bf:71:29:18:32:5f:a2:
7c:4b:d9:4c:60:e0:f7:d2:1e:41:2d:80:82:54:91:
62:b0:14:4a:ae:a4:09:78:83:b3:f9:8b:e5:f7:8d:
ed:63:fd:12:c0:a6:c2:2e:05:9a:25:e8:33:7c:8f:
1f:90:b0:f9:4f:49:56:f3:c4:03:ba:9f:f1:94:f8:
35:71:2b:8f:84:10:51:f1:cf:58:2b:1a:4b:5a:1f:
6f:15:92:26:ab:2b:0b:71:c6:a6:00:f4:f6:b4:d8:
bb:7d:aa:cd:e9:45:98:df:34:89:1d:4a:5d:b0:4a:
90:9e:b3:78:5d:19:f9:8e:41:e9:d7:a9:30:59:5d:
1e:b7:d3:e0:f2:c2:47:f8:93:02:f7:eb:90:8e:b0:
5a:b0:76:a4:40:24:42:34:13:b1:0d:75:a4:93:ef:
64:01:dc:20:a3:7a:0e:8b:cb:05:7a:f5:ed:91:67:
c0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:7C:69:AC:E2:30:7A:68:F0:08:69:31:D6:B8:0F:12:2F:E1:1C:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:9040::/48
Signature Algorithm: sha256WithRSAEncryption
7a:e2:8b:62:ce:36:18:58:1b:d3:d8:77:e4:1a:d6:63:65:c5:
d7:d4:64:81:31:aa:e9:ed:87:0d:00:02:34:67:a7:12:26:1d:
2c:b5:82:a7:da:b0:0d:9e:73:61:33:ca:f4:a5:c7:4f:f7:d1:
3f:69:ae:28:5b:36:d9:33:87:6b:6e:9f:b5:66:80:3b:ac:8c:
e1:22:ca:86:44:12:30:c7:b2:41:b7:34:a5:52:97:35:6a:ec:
82:6b:5c:71:11:65:a6:d5:a3:97:1c:3f:d0:d7:22:00:6d:d6:
d0:40:eb:8b:e7:8b:18:92:53:d7:96:ce:5d:0e:97:6b:9a:c1:
0c:83:7b:3c:64:a9:18:37:f3:5b:12:bc:0d:55:c4:2c:92:37:
35:12:d7:2f:c6:bd:af:b1:be:8b:e4:6a:b4:8a:09:8b:94:b2:
3f:a2:cd:52:44:28:e4:a1:a7:df:37:b2:e0:b0:93:c6:38:a5:
ff:d2:59:90:cf:ab:61:e6:4d:4d:c9:15:fe:e9:a6:31:ae:35:
7c:ae:1f:4a:3b:1d:d7:b2:56:f3:a1:42:eb:1d:f2:77:9d:24:
1f:41:ad:a8:e5:9b:d8:1d:1b:3f:8a:62:b3:8d:21:e1:c6:fc:
fb:0a:46:8c:21:8c:e3:6c:f3:e6:a1:d0:f3:19:90:70:20:d1:
83:78:1a:45
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVtftSh9rOjA0mzgBTyL3UJA66ckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTExMTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkN2FhMGJjMjg3N2M5Y2Y2NmQxNTMzNDUzMmM1ZmNjNzgxNDg3OGE2OTBi
MGJhY2Q3ZDY4NzRiMGQ0NmNjZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALj7bP5iGhKIMveNS7FyxBlK2WYkh2pNQ5J9IrKsouXuWHdgkkBzti55PmHW
9Eqm84ut9nWX3ph29TqVcYSKsUyf3p82LglHNQsVPLCkAKVljoK/cSkYMl+ifEvZ
TGDg99IeQS2AglSRYrAUSq6kCXiDs/mL5feN7WP9EsCmwi4FmiXoM3yPH5Cw+U9J
VvPEA7qf8ZT4NXErj4QQUfHPWCsaS1ofbxWSJqsrC3HGpgD09rTYu32qzelFmN80
iR1KXbBKkJ6zeF0Z+Y5B6depMFldHrfT4PLCR/iTAvfrkI6wWrB2pEAkQjQTsQ11
pJPvZAHcIKN6DovLBXr17ZFnwC8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSRfGms
4jB6aPAIaTHWuA8SL+EcwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTIwNzU5NWUtM2JiYy00NWY3LThmMGEtODEzZTFiMDFmOWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAeuKLYs42GFgb09h35BrWY2XF19RkgTGq6e2H
DQACNGenEiYdLLWCp9qwDZ5zYTPK9KXHT/fRP2muKFs22TOHa26ftWaAO6yM4SLK
hkQSMMeyQbc0pVKXNWrsgmtccRFlptWjlxw/0NciAG3W0EDri+eLGJJT15bOXQ6X
a5rBDIN7PGSpGDfzWxK8DVXELJI3NRLXL8a9r7G+i+RqtIoJi5SyP6LNUkQo5KGn
3zey4LCTxjil/9JZkM+rYeZNTckV/ummMa41fK4fSjsd17JW86FC6x3yd50kH0Gt
qOWb2B0bP4pis40h4cb8+wpGjCGM42zz5qHQ8xmQcCDRg3gaRQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:16 2025 by rpki-client