Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa
File: 9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa (raw, json)
Hash identifier: 699JopNTSOfZrNiwhuQYt7UFvBiPyLRpZiz3Ebs+mLA=
Subject key identifier: BC:0E:87:88:70:13:98:62:0C:61:6C:BB:F3:3F:B3:76:93:F1:EF:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33D9608E44DBB5339CE121BCEACF6A147C7DF2C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa
Signing time: Tue 20 May 2025 18:20:14 +0000
ROA not before: Tue 20 May 2025 18:20:14 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:d9:60:8e:44:db:b5:33:9c:e1:21:bc:ea:cf:6a:14:7c:7d:f2:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:14 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=f5f6ed0e83eaf0a951b173d9e06f34040f0d32a5ca6cc6fe803f6fe15e5ccf9a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e0:5d:cc:40:90:65:63:09:47:a9:37:39:b1:
05:f0:22:3e:22:75:ca:f4:74:85:6a:9f:23:f2:8c:
7e:55:ed:67:bf:03:1f:df:98:66:80:32:b1:4e:9e:
ee:bf:da:21:78:7a:d2:7f:6d:8e:c5:f3:03:30:3e:
3a:5d:c0:09:e8:7c:d4:9a:b4:8d:cc:41:47:55:64:
f9:28:09:2f:e5:44:a9:2b:cd:00:5b:a1:51:b4:aa:
30:85:94:62:0f:f1:4e:e2:25:c5:c8:21:48:2a:06:
68:54:c6:3f:ce:0c:20:e5:84:06:af:05:8e:a6:b0:
d8:bd:76:d4:46:6d:fe:91:60:a6:31:3d:d5:8e:43:
47:a1:07:20:ab:ad:48:0e:a8:f0:d5:59:17:f7:9c:
2f:18:9a:fd:b2:85:48:80:f9:fb:b2:a1:b6:61:ee:
e5:fd:5d:3b:aa:21:21:44:29:96:3f:cf:68:fb:6a:
ad:f5:78:80:a6:ec:d5:86:a4:36:ee:31:52:be:8f:
4f:59:1d:f1:da:05:9a:1b:4b:de:bb:eb:f0:e8:b9:
26:c9:cc:c3:98:c5:e1:bc:08:8c:c5:85:ed:a7:f9:
8e:17:c9:a6:2f:b8:ad:7e:ba:a6:d8:aa:ba:bf:17:
06:39:a8:95:46:ce:dd:7a:33:1e:fc:0c:a7:a4:1a:
55:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:0E:87:88:70:13:98:62:0C:61:6C:BB:F3:3F:B3:76:93:F1:EF:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9080::/48
Signature Algorithm: sha256WithRSAEncryption
77:c9:05:89:cd:e3:dd:95:c3:37:aa:45:2b:23:17:48:02:be:
78:73:0f:b9:8b:a3:aa:d6:af:51:5d:82:f9:b7:ce:9d:fb:b5:
2c:b4:af:82:56:cb:d1:e2:a4:39:ec:62:f8:5b:dc:05:9b:c0:
22:f0:6a:bf:fb:ed:d3:ca:13:67:04:61:df:a8:51:56:74:0f:
85:32:3e:e8:fc:89:71:86:f1:ae:c1:7f:e0:fb:9d:34:f3:59:
09:9d:0f:d0:f3:a5:9a:bf:c7:d3:01:d2:6f:e8:8e:11:33:5d:
ef:81:dc:35:0f:3c:f2:03:ed:e5:c5:80:13:c8:62:17:db:7c:
f0:e8:9d:f9:34:6b:78:88:6a:4e:9f:b4:31:d5:b4:ec:33:55:
e3:0a:61:83:82:7e:ad:ef:22:fb:a4:c2:61:0f:8f:1f:16:d5:
7b:30:09:47:c8:78:83:d8:5a:09:1e:10:90:16:d8:86:0e:ef:
df:1d:b8:4f:38:29:70:8b:57:4d:36:78:71:0e:b2:12:fd:20:
b9:9b:62:2b:c1:86:27:07:88:75:0e:89:ef:04:55:f4:e4:a0:
fe:63:12:56:a0:20:af:df:ce:3c:5a:fe:f2:35:0d:07:01:f1:
35:02:4b:61:2d:6c:63:fc:c6:63:fa:61:d4:f8:b4:7b:a8:ae:
c5:ee:f5:86
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUM9lgjkTbtTOc4SG86s9qFHx98sgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwMTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1ZjZlZDBlODNlYWYwYTk1MWIxNzNkOWUwNmYzNDA0MGYwZDMyYTVjYTZj
YzZmZTgwM2Y2ZmUxNWU1Y2NmOWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXgXcxAkGVjCUepNzmxBfAiPiJ1yvR0hWqfI/KMflXtZ78DH9+YZoAysU6e
7r/aIXh60n9tjsXzAzA+Ol3ACeh81Jq0jcxBR1Vk+SgJL+VEqSvNAFuhUbSqMIWU
Yg/xTuIlxcghSCoGaFTGP84MIOWEBq8Fjqaw2L121EZt/pFgpjE91Y5DR6EHIKut
SA6o8NVZF/ecLxia/bKFSID5+7KhtmHu5f1dO6ohIUQplj/PaPtqrfV4gKbs1Yak
Nu4xUr6PT1kd8doFmhtL3rvr8Oi5JsnMw5jF4bwIjMWF7af5jhfJpi+4rX66ptiq
ur8XBjmolUbO3XozHvwMp6QaVb8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS8DoeI
cBOYYgxhbLvzP7N2k/HvNzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTkyNmExNWUtZDdmZC00ZDdiLWFkMWUtZDBkZjk4ZjU0NmNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+Q
gDANBgkqhkiG9w0BAQsFAAOCAQEAd8kFic3j3ZXDN6pFKyMXSAK+eHMPuYujqtav
UV2C+bfOnfu1LLSvglbL0eKkOexi+FvcBZvAIvBqv/vt08oTZwRh36hRVnQPhTI+
6PyJcYbxrsF/4PudNPNZCZ0P0POlmr/H0wHSb+iOETNd74HcNQ888gPt5cWAE8hi
F9t88Oid+TRreIhqTp+0MdW07DNV4wphg4J+re8i+6TCYQ+PHxbVezAJR8h4g9ha
CR4QkBbYhg7v3x24TzgpcItXTTZ4cQ6yEv0guZtiK8GGJweIdQ6J7wRV9OSg/mMS
VqAgr9/OPFr+8jUNBwHxNQJLYS1sY/zGY/ph1Pi0e6iuxe71hg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:50 2025 by rpki-client