Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
File: 979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa (raw, json)
Hash identifier: 00SuCrYwNV7L1zwii7rhxypyVtSAjnKHmAfLCv7l8aY=
Subject key identifier: BE:23:ED:AD:E9:B8:B3:08:AE:BE:75:B5:8E:E9:D6:15:06:8E:3C:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40612FAEFDE21241A1F94666107FE76822C1FC70
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
Signing time: Tue 20 May 2025 18:30:50 +0000
ROA not before: Tue 20 May 2025 18:30:50 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:61:2f:ae:fd:e2:12:41:a1:f9:46:66:10:7f:e7:68:22:c1:fc:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:30:50 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c666fcbc41501f72163d39f1299310fdae43baf6fd121809db663870d75222c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fd:0e:ad:3d:94:73:ea:9d:f2:55:65:56:b7:
88:45:a3:41:bd:e5:5f:0a:3b:49:1b:78:f8:a0:55:
6a:cc:c1:70:eb:d9:ac:99:61:fd:22:ca:19:e6:c3:
f6:22:c6:65:e1:20:65:17:35:34:98:83:0a:53:5c:
1f:07:df:17:a6:50:74:95:9f:0b:85:ee:d3:ab:e3:
50:58:ad:61:46:b6:0a:79:49:6b:77:38:9e:3b:71:
6e:49:9b:75:de:7f:cc:7a:09:6a:43:76:58:0b:a0:
22:57:b3:1b:6b:e3:66:3e:e4:ed:3e:49:32:bf:eb:
1d:5f:a0:79:a4:1f:53:b8:6f:58:79:71:ea:89:86:
43:da:f3:73:a4:d0:32:2a:22:1a:d0:3e:2f:9c:e1:
73:94:f1:1c:d3:8f:10:58:22:01:ff:cb:88:34:e6:
88:bf:1c:e5:f2:26:a5:59:c9:44:84:bd:69:48:35:
b0:c3:b0:3c:95:41:59:7d:ab:6f:07:3c:4b:aa:c9:
fd:6c:40:74:19:bc:d6:11:d8:09:76:11:b7:2e:83:
c3:4f:a0:5c:e3:63:61:a4:45:9c:00:59:aa:82:31:
ee:ab:f1:6d:54:0c:54:85:e0:8a:18:4d:1e:b6:30:
f6:09:85:ff:0c:10:69:a0:66:21:0a:01:66:96:be:
d7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:23:ED:AD:E9:B8:B3:08:AE:BE:75:B5:8E:E9:D6:15:06:8E:3C:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8040::/48
Signature Algorithm: sha256WithRSAEncryption
0f:86:a7:ef:28:c2:ab:7e:37:39:aa:db:43:f2:44:49:4c:86:
3b:d2:a8:35:7e:1b:b4:ac:d3:b9:03:35:e4:c5:6e:98:44:5d:
8e:2a:2a:78:ca:8c:79:d7:9b:6c:83:5f:36:e3:4b:d3:eb:dd:
14:96:57:98:42:40:a5:a8:e5:dd:97:3c:ba:81:7c:e8:98:39:
d0:e8:a4:87:26:69:07:f0:31:24:48:36:c3:f5:3c:60:da:f2:
c9:f1:1e:7e:9a:54:0c:17:1e:72:2d:7d:c6:5f:b8:e8:db:c0:
ae:58:5e:e7:64:e7:98:3e:a3:64:05:b0:a0:4e:56:84:02:cf:
eb:a9:84:66:c0:b0:32:ea:6b:df:0d:e6:1f:94:ab:55:dc:2c:
d6:73:47:1d:94:9c:4f:5b:89:b7:7a:49:c4:7c:bd:3f:50:00:
ee:09:e7:6c:b2:28:3e:02:27:75:ed:e2:a5:db:4d:40:76:e6:
d0:9c:7e:41:e2:59:d1:7d:f7:4a:4f:ec:ac:fe:64:c3:4b:5c:
1b:44:a5:0f:ad:ec:7a:ef:f2:2e:28:3f:48:72:dc:4b:40:74:
89:a7:e0:8e:12:d2:fe:dd:66:df:76:f9:44:d5:a5:de:4a:33:
55:31:62:2e:f0:27:e6:2e:9d:d4:74:f9:03:f2:d5:2f:be:c1:
b0:8e:68:48
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQGEvrv3iEkGh+UZmEH/naCLB/HAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMwNTBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2NjZmY2JjNDE1MDFmNzIxNjNkMzlmMTI5OTMxMGZkYWU0M2JhZjZmZDEy
MTgwOWRiNjYzODcwZDc1MjIyYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAND9Dq09lHPqnfJVZVa3iEWjQb3lXwo7SRt4+KBVaszBcOvZrJlh/SLKGebD
9iLGZeEgZRc1NJiDClNcHwffF6ZQdJWfC4Xu06vjUFitYUa2CnlJa3c4njtxbkmb
dd5/zHoJakN2WAugIlezG2vjZj7k7T5JMr/rHV+geaQfU7hvWHlx6omGQ9rzc6TQ
MioiGtA+L5zhc5TxHNOPEFgiAf/LiDTmiL8c5fImpVnJRIS9aUg1sMOwPJVBWX2r
bwc8S6rJ/WxAdBm81hHYCXYRty6Dw0+gXONjYaRFnABZqoIx7qvxbVQMVIXgihhN
HrYw9gmF/wwQaaBmIQoBZpa+138CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS+I+2t
6bizCK6+dbWO6dYVBo48AjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc5YmM3M2YtN2Q4Ny00Y2ZhLTkzYmQtMDM3OGNmMWQ2YWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
QDANBgkqhkiG9w0BAQsFAAOCAQEAD4an7yjCq343OarbQ/JESUyGO9KoNX4btKzT
uQM15MVumERdjioqeMqMedebbINfNuNL0+vdFJZXmEJApajl3Zc8uoF86Jg50Oik
hyZpB/AxJEg2w/U8YNryyfEefppUDBceci19xl+46NvArlhe52TnmD6jZAWwoE5W
hALP66mEZsCwMupr3w3mH5SrVdws1nNHHZScT1uJt3pJxHy9P1AA7gnnbLIoPgIn
de3ipdtNQHbm0Jx+QeJZ0X33Sk/srP5kw0tcG0SlD63seu/yLig/SHLcS0B0iafg
jhLS/t1m33b5RNWl3kozVTFiLvAn5i6d1HT5A/LVL77BsI5oSA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:27 2025 by rpki-client