Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a51d6038-bb41-47b2-a883-07e17ac04d63.roa
File: a51d6038-bb41-47b2-a883-07e17ac04d63.roa (raw, json)
Hash identifier: znrEAQCFPfvkZyTGk5XT4Mkk+Xu5mh9WwcWmbNp6EF8=
Subject key identifier: 3F:C1:C4:A0:51:F4:A0:AB:7B:7F:E6:D0:FF:07:A2:62:33:C1:CB:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0DCD2F5BF5C34FFA421F49184EC4852377923406
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a51d6038-bb41-47b2-a883-07e17ac04d63.roa
Signing time: Tue 20 May 2025 19:31:34 +0000
ROA not before: Tue 20 May 2025 19:31:34 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:2040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:cd:2f:5b:f5:c3:4f:fa:42:1f:49:18:4e:c4:85:23:77:92:34:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:31:34 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=90abd53ecb8eecf92ee3a39466d54ededad136f1013ac3bf3530ab9802ca23fc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e5:90:ab:db:6b:07:ae:44:ef:17:38:ff:e7:
9f:84:93:14:f2:95:ea:81:9e:9e:1d:20:c0:75:ce:
19:3a:22:a6:fe:44:23:32:9d:e9:81:fd:4c:45:85:
ab:ef:05:f7:aa:d9:d7:d4:b9:e8:11:05:b9:aa:17:
f5:58:ad:1d:21:9b:96:2f:17:31:88:bb:83:1a:4e:
bc:f7:b6:17:43:04:1f:1f:b0:70:02:2d:f2:5e:25:
68:8a:07:51:00:23:f1:c5:28:ac:f9:3f:c8:5e:57:
e1:68:40:cc:3d:c2:0b:3b:a2:ee:a1:5c:90:95:8e:
d8:09:75:63:0c:99:38:c0:0d:4b:1b:1f:6b:82:2b:
03:bf:ab:33:e2:b9:1c:8c:d8:fc:63:f2:95:4b:13:
6d:f8:b7:ee:5a:b9:d7:46:4d:b3:c5:a2:a1:65:c1:
a4:66:3d:37:db:87:27:ae:0a:d5:50:48:cc:8b:55:
3d:4d:58:36:9f:e8:0a:c3:74:4b:ca:80:96:eb:57:
ed:cf:ae:40:d5:5b:e2:1a:83:0e:b5:34:f9:21:c0:
21:9f:33:0f:9f:96:e9:0f:3c:4c:90:4b:1b:ac:12:
43:75:cc:41:56:45:b0:fe:d3:3e:be:28:bc:bc:33:
aa:60:cf:9f:38:f1:5c:25:a7:d5:b9:2c:2a:68:b7:
78:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C1:C4:A0:51:F4:A0:AB:7B:7F:E6:D0:FF:07:A2:62:33:C1:CB:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a51d6038-bb41-47b2-a883-07e17ac04d63.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:2040::/46
Signature Algorithm: sha256WithRSAEncryption
9a:46:2b:f1:78:9c:d9:9c:80:3a:0c:e1:d0:0f:65:48:9b:57:
e1:8c:5e:c4:c3:ef:e6:d6:bf:fa:09:c6:1b:e1:fe:8d:d0:57:
11:3a:8e:7f:ac:f0:5c:af:78:1e:7c:80:95:21:b2:89:7f:0c:
71:bd:9c:b4:45:04:0a:67:53:5f:dc:d3:71:c8:90:84:23:f1:
70:75:d8:7b:fe:72:4a:39:22:c3:81:98:14:e0:74:18:a9:64:
2c:58:f5:73:4d:ed:5a:b9:bf:b1:fa:e4:a1:70:46:ae:a0:0a:
86:e6:30:e1:8b:ca:65:47:3a:c2:5d:14:cd:75:65:4f:4c:f1:
fb:5e:f3:34:f1:5e:20:f6:f2:5d:6f:a2:cd:9e:18:af:ce:ae:
5a:19:ce:ad:43:fd:4f:a8:69:5b:68:1d:f9:2e:5b:86:e1:18:
78:f6:87:5e:71:30:3a:90:4b:90:1c:a7:20:94:e4:ad:0b:c4:
61:4c:e4:cf:91:e5:08:17:0b:d5:a6:75:ef:a2:c6:b0:99:45:
b2:41:c2:2f:7b:65:9c:56:a6:26:70:1c:d8:13:02:4b:f4:41:
32:17:a8:f7:e3:c0:40:7a:88:a0:23:81:ac:a8:c3:c4:49:a6:
1e:44:ba:d6:06:42:77:63:f8:13:9e:67:7b:01:80:25:55:50:
57:98:f8:fe
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDc0vW/XDT/pCH0kYTsSFI3eSNAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMxMzRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwYWJkNTNlY2I4ZWVjZjkyZWUzYTM5NDY2ZDU0ZWRlZGFkMTM2ZjEwMTNh
YzNiZjM1MzBhYjk4MDJjYTIzZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrlkKvbaweuRO8XOP/nn4STFPKV6oGenh0gwHXOGToipv5EIzKd6YH9TEWF
q+8F96rZ19S56BEFuaoX9VitHSGbli8XMYi7gxpOvPe2F0MEHx+wcAIt8l4laIoH
UQAj8cUorPk/yF5X4WhAzD3CCzui7qFckJWO2Al1YwyZOMANSxsfa4IrA7+rM+K5
HIzY/GPylUsTbfi37lq510ZNs8WioWXBpGY9N9uHJ64K1VBIzItVPU1YNp/oCsN0
S8qAlutX7c+uQNVb4hqDDrU0+SHAIZ8zD5+W6Q88TJBLG6wSQ3XMQVZFsP7TPr4o
vLwzqmDPnzjxXCWn1bksKmi3eJUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ/wcSg
UfSgq3t/5tD/B6JiM8HL0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTUxZDYwMzgtYmI0MS00N2IyLWE4ODMtMDdlMTdhYzA0ZDYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hcg
QDANBgkqhkiG9w0BAQsFAAOCAQEAmkYr8Xic2ZyAOgzh0A9lSJtX4YxexMPv5ta/
+gnGG+H+jdBXETqOf6zwXK94HnyAlSGyiX8Mcb2ctEUECmdTX9zTcciQhCPxcHXY
e/5ySjkiw4GYFOB0GKlkLFj1c03tWrm/sfrkoXBGrqAKhuYw4YvKZUc6wl0UzXVl
T0zx+17zNPFeIPbyXW+izZ4Yr86uWhnOrUP9T6hpW2gd+S5bhuEYePaHXnEwOpBL
kBynIJTkrQvEYUzkz5HlCBcL1aZ176LGsJlFskHCL3tlnFamJnAc2BMCS/RBMheo
9+PAQHqIoCOBrKjDxEmmHkS61gZCd2P4E55newGAJVVQV5j4/g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:25 2025 by rpki-client