Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
File: aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa (raw, json)
Hash identifier: Qs2zutPTkk4N+v7qFHFMpv3e+NBcQeI2uTIwBOY/+is=
Subject key identifier: 88:4A:2E:9D:6B:30:D4:77:60:40:A9:69:78:43:60:0A:DB:84:19:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 351CCDB48E4020C51CBE5CBD2E96491843F4D085
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
Signing time: Tue 20 May 2025 18:40:13 +0000
ROA not before: Tue 20 May 2025 18:40:13 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:1c:cd:b4:8e:40:20:c5:1c:be:5c:bd:2e:96:49:18:43:f4:d0:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:40:13 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=163571029eaeb92c70236cd85f10790d6210ba740a0bae4cf5efa29c7d5b991f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ba:13:be:9e:7c:0b:55:b9:d8:de:00:60:77:
02:41:94:52:bf:c8:80:d6:eb:dd:84:c4:69:9f:e8:
e9:eb:d7:e1:72:78:80:ce:1c:13:d4:c2:f0:7a:e1:
89:3a:e9:76:1d:5f:81:4c:0a:e2:f5:fb:42:23:c2:
42:e3:33:a0:2f:36:d0:ab:22:e4:2f:40:4d:0a:7b:
8c:5b:1b:a5:6a:7d:05:78:1d:c6:37:cf:0e:50:53:
de:af:da:49:97:33:22:72:7b:7f:bb:48:eb:a9:35:
7f:2b:e6:30:d2:8b:0b:87:94:c4:d0:de:09:39:9a:
d2:e5:c0:c9:f2:3f:ec:a9:76:d9:a5:7a:5d:3c:46:
7e:c8:1e:9d:73:4a:5b:58:97:a8:d6:b0:a2:8e:78:
c5:8e:2f:ff:43:ff:75:07:6b:8c:43:2c:1a:96:40:
4e:9e:6b:da:b2:86:8c:2c:47:d1:ad:65:ba:d3:cf:
a3:e4:ab:be:62:96:9c:49:2f:c2:e1:1a:a0:85:0c:
9a:f0:14:9f:20:2b:e8:d6:ed:69:57:cf:97:ec:dc:
37:4f:9e:e5:a0:e0:c9:20:04:9e:13:81:36:51:aa:
5f:2b:22:fc:57:b0:bc:8c:00:51:24:61:5c:6e:24:
72:c0:55:d3:3e:93:b5:6c:d5:01:c3:5e:eb:f4:e8:
b9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:4A:2E:9D:6B:30:D4:77:60:40:A9:69:78:43:60:0A:DB:84:19:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a080::/48
Signature Algorithm: sha256WithRSAEncryption
c0:13:f5:74:c7:66:11:a4:02:87:26:4f:4a:9c:9a:29:90:48:
dc:34:08:25:55:8e:ee:4f:21:e8:95:f7:a1:83:28:56:b0:ec:
eb:ef:7e:97:c0:fe:87:7c:ea:de:0f:f9:c2:7a:28:98:ee:65:
0e:50:84:7b:55:4e:b6:01:da:ea:ed:e5:64:90:b7:3b:5e:06:
c2:3d:60:36:49:4f:82:fe:81:2a:19:ea:ef:cc:96:6c:4c:1c:
57:db:83:cc:f5:61:c8:77:47:c3:94:25:3e:77:6a:15:21:3b:
de:9a:8b:92:4e:dc:ee:4e:42:4f:3e:61:26:4f:85:dc:20:b7:
92:af:09:9b:d4:42:b0:0c:da:92:be:2a:ad:16:c6:0d:1a:04:
90:aa:bb:31:fd:7e:6b:ed:9c:03:26:ff:64:a7:f8:b6:ae:66:
73:79:7d:c4:10:8c:00:3c:95:bc:49:12:1d:f5:6e:db:78:d5:
a2:ad:b1:86:2b:db:41:2a:fe:2c:7e:b7:89:e8:72:ff:42:be:
2a:ff:51:7e:cf:0f:00:92:28:3e:74:84:22:d1:71:f2:30:d0:
d8:57:8e:a1:06:24:22:77:92:25:0e:8b:8e:1f:f4:52:2b:c7:
1d:c0:44:12:10:4b:b7:ac:b3:9e:a7:cf:5e:ba:81:9f:e1:4a:
45:e1:00:97
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNRzNtI5AIMUcvly9LpZJGEP00IUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQwMTNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MzU3MTAyOWVhZWI5MmM3MDIzNmNkODVmMTA3OTBkNjIxMGJhNzQwYTBi
YWU0Y2Y1ZWZhMjljN2Q1Yjk5MWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALO6E76efAtVudjeAGB3AkGUUr/IgNbr3YTEaZ/o6evX4XJ4gM4cE9TC8Hrh
iTrpdh1fgUwK4vX7QiPCQuMzoC820Ksi5C9ATQp7jFsbpWp9BXgdxjfPDlBT3q/a
SZczInJ7f7tI66k1fyvmMNKLC4eUxNDeCTma0uXAyfI/7Kl22aV6XTxGfsgenXNK
W1iXqNawoo54xY4v/0P/dQdrjEMsGpZATp5r2rKGjCxH0a1lutPPo+SrvmKWnEkv
wuEaoIUMmvAUnyAr6NbtaVfPl+zcN0+e5aDgySAEnhOBNlGqXysi/FewvIwAUSRh
XG4kcsBV0z6TtWzVAcNe6/ToueMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSISi6d
azDUd2BAqWl4Q2AK24QZdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWFkZGYyZGUtZmEwNS00YzVkLThiNzctNThhM2QzMTJlMmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
gDANBgkqhkiG9w0BAQsFAAOCAQEAwBP1dMdmEaQChyZPSpyaKZBI3DQIJVWO7k8h
6JX3oYMoVrDs6+9+l8D+h3zq3g/5wnoomO5lDlCEe1VOtgHa6u3lZJC3O14Gwj1g
NklPgv6BKhnq78yWbEwcV9uDzPVhyHdHw5QlPndqFSE73pqLkk7c7k5CTz5hJk+F
3CC3kq8Jm9RCsAzakr4qrRbGDRoEkKq7Mf1+a+2cAyb/ZKf4tq5mc3l9xBCMADyV
vEkSHfVu23jVoq2xhivbQSr+LH63iehy/0K+Kv9Rfs8PAJIoPnSEItFx8jDQ2FeO
oQYkIneSJQ6Ljh/0UivHHcBEEhBLt6yznqfPXrqBn+FKReEAlw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:25 2025 by rpki-client