Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
File: ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa (raw, json)
Hash identifier: kaeTMOWnyruOwCYn2p4+qjqrp3PNHmb8OjcNFoj0Qq4=
Subject key identifier: 6A:B3:DD:69:6E:5C:42:7E:6C:C0:DC:24:BE:FB:54:C9:CA:55:31:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39CB8B687AF4CF8276B4524B807EACA9BA83AD56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
Signing time: Tue 20 May 2025 19:01:31 +0000
ROA not before: Tue 20 May 2025 19:01:31 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:cb:8b:68:7a:f4:cf:82:76:b4:52:4b:80:7e:ac:a9:ba:83:ad:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:31 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=9b4abb511ce035bb84616716f8e3d7b424b44186175f3c5d25f40c4982f3a800, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d3:17:e2:ca:74:46:43:14:29:16:33:40:0d:
8d:4c:a4:39:70:44:cf:81:bf:1e:66:d2:6c:8d:4a:
2d:8a:00:ab:dc:63:e4:31:e4:94:b5:6a:8e:27:03:
85:38:95:e2:7c:09:da:4a:01:e1:3a:ff:a9:0b:f2:
f3:13:e2:f0:fa:ff:af:b7:a5:32:76:ea:b6:2d:5e:
08:87:39:a0:8c:57:e1:6c:7e:69:cc:49:8f:86:6e:
d0:05:86:90:1b:10:23:ca:c4:c8:98:69:dd:de:50:
12:a5:17:46:2d:de:c0:c7:12:62:e7:cc:41:ad:28:
f9:de:c3:a7:cf:a2:33:0e:48:d6:fb:94:1a:9a:e2:
be:d8:f9:d3:99:83:f9:a6:78:59:60:46:2c:9f:44:
62:8d:14:34:73:e6:3b:5f:64:35:5f:26:06:9d:b2:
98:2a:fe:26:6e:0f:23:87:32:20:7b:ac:51:98:1c:
c2:fc:38:ae:61:f1:23:20:33:6a:a2:c7:5c:c5:42:
db:bb:93:42:46:6e:c9:ef:e9:a5:25:b1:a0:b1:bb:
39:47:d1:71:b4:48:4f:bf:86:77:f4:d4:26:33:e3:
2a:f0:cc:4c:4d:da:aa:0a:2d:30:56:b8:46:77:52:
2d:fc:0e:bc:23:a0:cf:48:78:ef:69:2f:29:92:c7:
16:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B3:DD:69:6E:5C:42:7E:6C:C0:DC:24:BE:FB:54:C9:CA:55:31:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
ab:82:ec:2f:e7:62:91:16:bf:ba:3d:44:fd:cf:c2:ca:41:02:
2c:f5:4f:03:32:32:9e:0e:0c:76:d7:8d:e9:5d:ad:f7:f2:0f:
06:32:75:01:3e:8f:b4:4e:39:27:27:c2:d0:1e:bc:43:05:32:
e8:8a:94:37:43:a0:dd:15:04:7c:96:33:74:a7:b5:b6:7c:5e:
0c:50:2a:35:11:45:66:4e:37:58:49:51:e7:cf:9b:43:c8:19:
dc:d3:c7:97:3b:60:bf:ed:b4:15:58:eb:83:b0:9e:63:08:08:
06:7f:1a:2f:ae:8b:03:ae:9a:b4:ba:82:be:48:32:31:93:f8:
b1:a4:da:87:77:e8:cc:9c:7b:be:b8:30:ef:6e:00:b6:8d:e1:
cc:2a:6b:63:68:d2:ad:82:bd:97:aa:2f:27:14:e4:e5:ec:f3:
e3:b4:76:e7:f9:75:9f:53:89:bc:8d:aa:d8:5e:49:4a:cf:db:
77:9f:9b:6d:ae:6d:70:f6:4f:57:41:db:50:fb:c3:14:b4:ae:
67:30:64:60:1b:9e:13:92:ce:36:bd:b2:39:6a:3e:29:97:9d:
c7:3c:e2:c4:0f:33:79:4c:d9:18:5b:1e:61:c6:dd:a0:ab:c6:
82:ee:e4:0c:c8:ea:dd:48:ef:9a:95:e6:c4:7e:88:04:b2:62:
9e:db:99:3c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOcuLaHr0z4J2tFJLgH6sqbqDrVYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxMzFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDliNGFiYjUxMWNlMDM1YmI4NDYxNjcxNmY4ZTNkN2I0MjRiNDQxODYxNzVm
M2M1ZDI1ZjQwYzQ5ODJmM2E4MDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbTF+LKdEZDFCkWM0ANjUykOXBEz4G/HmbSbI1KLYoAq9xj5DHklLVqjicD
hTiV4nwJ2koB4Tr/qQvy8xPi8Pr/r7elMnbqti1eCIc5oIxX4Wx+acxJj4Zu0AWG
kBsQI8rEyJhp3d5QEqUXRi3ewMcSYufMQa0o+d7Dp8+iMw5I1vuUGprivtj505mD
+aZ4WWBGLJ9EYo0UNHPmO19kNV8mBp2ymCr+Jm4PI4cyIHusUZgcwvw4rmHxIyAz
aqLHXMVC27uTQkZuye/ppSWxoLG7OUfRcbRIT7+Gd/TUJjPjKvDMTE3aqgotMFa4
RndSLfwOvCOgz0h472kvKZLHFoECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRqs91p
blxCfmzA3CS++1TJylUxwjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIyMzJiODYtOWJkNi00MDljLThkZTUtOTJiZmZmMmE4YjVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
wDANBgkqhkiG9w0BAQsFAAOCAQEAq4LsL+dikRa/uj1E/c/CykECLPVPAzIyng4M
dteN6V2t9/IPBjJ1AT6PtE45JyfC0B68QwUy6IqUN0Og3RUEfJYzdKe1tnxeDFAq
NRFFZk43WElR58+bQ8gZ3NPHlztgv+20FVjrg7CeYwgIBn8aL66LA66atLqCvkgy
MZP4saTah3fozJx7vrgw724Ato3hzCprY2jSrYK9l6ovJxTk5ezz47R25/l1n1OJ
vI2q2F5JSs/bd5+bba5tcPZPV0HbUPvDFLSuZzBkYBueE5LONr2yOWo+KZedxzzi
xA8zeUzZGFseYcbdoKvGgu7kDMjq3UjvmpXmxH6IBLJintuZPA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:59 2025 by rpki-client