Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
File: a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa (raw, json)
Hash identifier: VH3An1GnhLI5k1QQVL04T4PJlfgvLkvil+nTKdx2ii0=
Subject key identifier: CD:61:CC:D4:45:EC:4D:A1:10:64:5B:0D:A2:68:3C:04:77:85:6E:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A0B9719C029A1ADAEA6BB572A2BC0434803B6AC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
Signing time: Fri 06 Jun 2025 15:10:05 +0000
ROA not before: Fri 06 Jun 2025 15:10:05 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:0b:97:19:c0:29:a1:ad:ae:a6:bb:57:2a:2b:c0:43:48:03:b6:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:05 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=c553147e921bbb47d5cca3af2b5bf15ea50be808c7d0d59944d35a2d7bc21788, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:70:a3:b9:a2:3d:11:f7:e8:81:90:fa:5a:18:
82:97:8a:55:0c:b5:77:32:1c:73:44:a0:2a:a5:7d:
c5:4b:ab:f0:81:f8:fa:39:bf:af:ed:d6:a7:79:be:
29:74:92:de:4d:7c:2a:2b:9d:ca:5c:17:8f:cd:b2:
90:a1:5d:29:f7:b2:87:df:b3:fe:fe:a2:c6:e3:42:
ea:91:d1:ee:a2:bf:87:3b:8b:8b:6a:98:cd:7c:80:
a8:37:0c:56:11:86:6f:14:d9:5e:5e:bb:17:de:f0:
cf:3c:0f:12:c8:32:f0:60:67:59:f6:6b:fc:37:78:
aa:d7:34:63:2a:ee:2c:a0:ae:69:cb:11:cb:39:e6:
c2:28:21:b9:0c:9b:fd:d4:8f:28:9a:04:aa:c8:46:
a3:76:08:4e:b7:85:21:56:ee:32:05:8e:e4:95:3f:
50:50:ee:21:28:c0:06:76:6d:6d:4b:78:b8:49:e3:
43:bf:cb:4f:f4:73:9a:98:af:ba:d1:53:d5:22:40:
5d:59:93:08:26:9d:53:4f:65:6d:cf:c6:2e:52:86:
13:2d:23:2f:a1:18:5e:16:4a:54:76:ed:cd:c0:f4:
4d:01:40:a1:b5:79:ec:1b:bf:d7:23:8e:2b:c6:3f:
04:f3:de:ff:03:ad:43:e1:88:a9:17:66:70:72:c0:
84:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:61:CC:D4:45:EC:4D:A1:10:64:5B:0D:A2:68:3C:04:77:85:6E:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/48
Signature Algorithm: sha256WithRSAEncryption
70:45:23:d1:02:4e:b2:49:d3:30:01:22:b1:2f:a9:62:38:c0:
ce:22:2f:84:44:9f:02:5a:3d:3e:b2:f6:a4:2c:19:73:ed:fb:
80:82:47:c3:89:be:f9:32:1e:52:12:95:83:ab:37:bd:64:53:
b1:99:3f:ab:37:78:44:db:0a:90:aa:d0:9c:d0:11:6a:de:ef:
a4:50:0c:f0:08:dc:3c:97:cd:4e:72:40:0f:5a:fe:8d:e0:30:
23:be:41:16:1c:e3:9b:87:52:7b:57:6c:fc:74:2f:46:f0:89:
a3:a6:4d:67:80:8b:ba:38:66:51:a9:31:5a:b2:28:32:c5:15:
d4:2e:e3:2a:82:6c:8d:80:ea:73:72:63:16:4f:61:8f:5f:d6:
0e:7f:86:56:fa:9e:27:c8:2e:0c:f3:ea:0e:d4:fc:75:e2:d2:
97:ad:b4:b8:6e:65:52:a2:45:4e:cb:19:65:af:4b:ef:51:4f:
32:2a:c4:f5:dc:b7:33:22:79:d8:38:e0:79:d2:8e:f8:98:1d:
81:20:4f:6d:10:82:4d:92:3f:da:6b:88:1e:c6:4a:c5:74:9a:
fc:05:3a:1a:04:ac:76:79:61:5f:84:71:0f:1f:e9:97:56:86:
f0:fe:73:23:86:7b:f2:b0:be:af:f4:04:97:02:72:4f:40:25:
a9:45:d0:33
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOguXGcApoa2uprtXKivAQ0gDtqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwMDVaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1NTMxNDdlOTIxYmJiNDdkNWNjYTNhZjJiNWJmMTVlYTUwYmU4MDhjN2Qw
ZDU5OTQ0ZDM1YTJkN2JjMjE3ODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJwo7miPRH36IGQ+loYgpeKVQy1dzIcc0SgKqV9xUur8IH4+jm/r+3Wp3m+
KXSS3k18KiudylwXj82ykKFdKfeyh9+z/v6ixuNC6pHR7qK/hzuLi2qYzXyAqDcM
VhGGbxTZXl67F97wzzwPEsgy8GBnWfZr/Dd4qtc0YyruLKCuacsRyznmwighuQyb
/dSPKJoEqshGo3YITreFIVbuMgWO5JU/UFDuISjABnZtbUt4uEnjQ7/LT/Rzmpiv
utFT1SJAXVmTCCadU09lbc/GLlKGEy0jL6EYXhZKVHbtzcD0TQFAobV57Bu/1yOO
K8Y/BPPe/wOtQ+GIqRdmcHLAhO0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTNYczU
RexNoRBkWw2iaDwEd4VuAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc5NzVhYmUtMGNkOC00NTkwLWI1OGItNzAzZmE1ZjRiZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYg
ADANBgkqhkiG9w0BAQsFAAOCAQEAcEUj0QJOsknTMAEisS+pYjjAziIvhESfAlo9
PrL2pCwZc+37gIJHw4m++TIeUhKVg6s3vWRTsZk/qzd4RNsKkKrQnNARat7vpFAM
8AjcPJfNTnJAD1r+jeAwI75BFhzjm4dSe1ds/HQvRvCJo6ZNZ4CLujhmUakxWrIo
MsUV1C7jKoJsjYDqc3JjFk9hj1/WDn+GVvqeJ8guDPPqDtT8deLSl620uG5lUqJF
TssZZa9L71FPMirE9dy3MyJ52DjgedKO+JgdgSBPbRCCTZI/2muIHsZKxXSa/AU6
GgSsdnlhX4RxDx/pl1aG8P5zI4Z78rC+r/QElwJyT0AlqUXQMw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:04 2025 by rpki-client