Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
File: 97535b7f-b66d-439d-9398-8336783c9ea4.roa (raw, json)
Hash identifier: b/jlvvlQCHpIpq6x6FGQlJfodmNg3KYXZY0c3BWD5Mk=
Subject key identifier: B7:C7:04:C3:12:2D:43:E6:25:2F:6B:E9:82:65:33:D5:E6:08:06:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20075DE007814C0C9BAC8595FB693B781BCB378A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
Signing time: Tue 20 May 2025 18:20:12 +0000
ROA not before: Tue 20 May 2025 18:20:12 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:07:5d:e0:07:81:4c:0c:9b:ac:85:95:fb:69:3b:78:1b:cb:37:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:12 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=13e67f5d428591b6e3e0bc7c759456a613cfa985b6436c3baedbb036e50af5aa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5e:ca:49:7a:5b:d6:9f:11:4e:09:14:14:03:
6f:3c:87:4b:0b:6c:54:18:d5:77:04:a0:3b:78:5f:
b1:0f:9a:3d:ae:7c:22:89:b0:f5:bd:a8:22:d3:46:
9f:ab:48:73:0b:cd:42:88:57:57:ba:18:92:b0:de:
1f:de:4b:66:9b:67:a4:e2:1e:93:fb:29:ae:c4:71:
77:59:5c:34:2e:03:b6:b7:e0:9a:ec:7b:9b:75:3e:
01:bb:79:70:fa:2f:02:7e:bc:e0:bf:ca:c8:0c:8e:
38:e5:b6:e2:4a:ef:d2:67:79:03:4f:58:4c:a7:50:
1a:8f:76:c8:55:66:b0:b4:87:31:f4:92:2b:77:45:
27:16:d5:bd:35:7b:ab:5e:3c:4d:59:76:42:c0:33:
7a:2e:46:fb:8c:b2:08:3d:9b:0d:28:93:46:cd:3d:
61:da:1d:48:6f:12:b6:26:70:14:ac:50:a0:58:27:
ba:4f:28:c5:65:0b:5a:8d:ea:42:c4:64:5a:03:de:
00:81:ed:e2:54:7b:fe:fe:90:57:00:b3:f9:6a:27:
c5:38:04:84:70:06:fd:43:68:11:a5:fb:fb:0c:40:
e6:dc:6a:ac:74:1a:47:ac:6b:d6:1b:49:bb:33:d7:
48:e9:67:e8:35:35:1c:c3:12:0e:8b:10:e1:75:24:
a8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C7:04:C3:12:2D:43:E6:25:2F:6B:E9:82:65:33:D5:E6:08:06:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5040::/48
Signature Algorithm: sha256WithRSAEncryption
c2:1d:0c:b7:a3:c4:c7:21:43:fa:0e:d9:29:e2:75:4e:d0:1e:
ef:e4:bf:68:5b:83:61:de:a8:d1:a8:5c:f4:5a:b1:75:68:7e:
bb:3d:72:1a:ed:fc:47:05:85:c7:be:29:39:83:62:c2:17:35:
87:7a:e4:91:b2:06:67:c6:b7:42:2c:c0:d5:48:c5:ad:f2:1e:
42:35:e3:7a:0d:2a:2d:08:11:36:97:5e:f6:ed:ff:b7:94:ab:
84:8d:b0:72:92:fe:85:8a:85:59:8b:e9:2c:3d:ae:c7:82:35:
0d:ce:a9:b1:2a:b5:fb:b3:eb:48:b5:f0:4a:b9:09:55:12:d9:
9e:1e:57:25:e4:98:c6:00:d5:30:ec:2f:e2:f0:e8:c3:71:76:
02:6a:35:34:f9:fa:af:5f:77:d9:06:33:51:bb:12:72:fd:e3:
ed:a6:d0:f6:75:4e:4f:f5:b0:3d:33:d5:ce:c0:0e:ad:a9:8f:
54:40:76:9e:70:94:9a:1e:40:8f:37:c6:e6:5e:5a:28:d3:95:
cf:cc:a4:5b:fb:68:6a:3d:28:da:d8:50:09:5f:58:89:fc:74:
1c:23:72:80:5e:82:f4:90:e9:b0:b0:67:73:8b:29:90:76:6f:
ed:93:53:d3:4d:42:80:ab:33:f2:aa:05:67:99:0b:0f:4e:cd:
6e:5c:26:c7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIAdd4AeBTAybrIWV+2k7eBvLN4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwMTJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzZTY3ZjVkNDI4NTkxYjZlM2UwYmM3Yzc1OTQ1NmE2MTNjZmE5ODViNjQz
NmMzYmFlZGJiMDM2ZTUwYWY1YWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJeykl6W9afEU4JFBQDbzyHSwtsVBjVdwSgO3hfsQ+aPa58Iomw9b2oItNG
n6tIcwvNQohXV7oYkrDeH95LZptnpOIek/sprsRxd1lcNC4Dtrfgmux7m3U+Abt5
cPovAn684L/KyAyOOOW24krv0md5A09YTKdQGo92yFVmsLSHMfSSK3dFJxbVvTV7
q148TVl2QsAzei5G+4yyCD2bDSiTRs09YdodSG8StiZwFKxQoFgnuk8oxWULWo3q
QsRkWgPeAIHt4lR7/v6QVwCz+WonxTgEhHAG/UNoEaX7+wxA5txqrHQaR6xr1htJ
uzPXSOln6DU1HMMSDosQ4XUkqKsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS3xwTD
Ei1D5iUva+mCZTPV5ggGkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc1MzViN2YtYjY2ZC00MzlkLTkzOTgtODMzNjc4M2M5ZWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAwh0Mt6PExyFD+g7ZKeJ1TtAe7+S/aFuDYd6o
0ahc9FqxdWh+uz1yGu38RwWFx74pOYNiwhc1h3rkkbIGZ8a3QizA1UjFrfIeQjXj
eg0qLQgRNpde9u3/t5SrhI2wcpL+hYqFWYvpLD2ux4I1Dc6psSq1+7PrSLXwSrkJ
VRLZnh5XJeSYxgDVMOwv4vDow3F2Amo1NPn6r1932QYzUbsScv3j7abQ9nVOT/Ww
PTPVzsAOramPVEB2nnCUmh5AjzfG5l5aKNOVz8ykW/toaj0o2thQCV9Yifx0HCNy
gF6C9JDpsLBnc4spkHZv7ZNT001CgKsz8qoFZ5kLD07Nblwmxw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:29 2025 by rpki-client