Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acd7954f-99ee-4af0-9763-11271381925f.roa
File: acd7954f-99ee-4af0-9763-11271381925f.roa (raw, json)
Hash identifier: jr4rrwqtLgpkUlSg1XUouwpuWXsvzFj79r1ur0aTvMI=
Subject key identifier: EC:31:7D:FE:01:42:D5:7E:E2:C3:A3:DD:FB:10:34:DF:96:E4:18:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FE0CD73EA704866A0435CB47FD29735E2EC1DBC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acd7954f-99ee-4af0-9763-11271381925f.roa
Signing time: Tue 20 May 2025 19:21:03 +0000
ROA not before: Tue 20 May 2025 19:21:03 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:5080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:e0:cd:73:ea:70:48:66:a0:43:5c:b4:7f:d2:97:35:e2:ec:1d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:03 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a03ec43bd0713156db705fb8e8db3666bd4566d3637389d8f3d502242ebefc9b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8a:93:fa:20:75:89:d1:c9:07:16:7f:09:f1:
ca:c4:17:de:d1:ee:cc:2b:65:81:64:a4:cc:f3:27:
55:b4:54:c9:55:c8:9c:96:b5:2e:9e:7a:58:32:5b:
48:85:b2:e8:40:2f:32:88:ad:1e:5f:e9:e6:1b:00:
f9:a4:c4:d8:0c:4a:1a:7e:4b:be:da:66:05:e6:f2:
d4:d1:e9:f3:bc:9b:91:04:35:c6:97:dd:66:2f:bf:
9a:77:5a:d0:1c:e1:33:6e:5f:21:e0:b0:48:7a:b5:
32:66:67:da:27:d5:de:2e:a5:93:01:81:ca:33:73:
3e:1c:b8:1b:4c:c3:86:f9:ef:66:f9:cc:23:15:33:
ee:ea:96:d7:b0:e0:a6:f1:6b:61:f0:13:7c:58:05:
59:6c:b1:ba:3d:70:55:ea:de:7f:55:fa:4b:02:55:
43:96:ac:b6:8d:07:19:c6:c2:c3:13:5c:6b:67:ba:
04:5c:60:7d:51:99:96:83:bb:78:a7:f5:62:ea:99:
ee:b7:0f:bc:1f:bb:7d:e2:d3:c5:13:63:17:a7:c1:
35:a1:d8:2b:34:07:3b:6c:61:d4:e0:02:11:39:3f:
dd:3f:24:bf:2a:85:69:5c:26:02:9f:83:d5:67:a6:
e4:11:ca:a9:1e:9d:f2:ef:a5:f5:82:36:1e:ea:88:
4c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:31:7D:FE:01:42:D5:7E:E2:C3:A3:DD:FB:10:34:DF:96:E4:18:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acd7954f-99ee-4af0-9763-11271381925f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:5080::/46
Signature Algorithm: sha256WithRSAEncryption
b6:d7:ce:8f:cf:99:1a:4b:e5:93:5c:5c:0a:16:86:e5:db:df:
cc:24:c3:60:ff:2e:7e:19:55:da:70:fb:ca:aa:e5:12:c1:f4:
3e:75:f1:69:b2:06:b1:f5:cc:6e:d1:72:4a:c6:b5:6e:40:65:
2f:7a:b7:17:da:22:65:71:0e:26:f3:0a:f2:d8:09:97:c7:d6:
2a:13:2a:16:26:2f:f5:32:7a:54:fd:c3:53:44:7d:47:9e:2b:
27:ae:63:90:f4:98:b2:68:b9:db:ea:fa:10:f2:07:7c:19:c1:
c1:26:6b:ba:a1:7e:64:0f:d7:f4:7a:49:34:3e:02:48:38:0c:
0c:94:a6:3f:38:ef:91:36:80:36:ed:4c:e2:dd:53:ac:50:30:
15:11:bb:fd:ee:30:7b:09:ee:a7:3e:79:f6:ae:16:02:81:af:
8e:53:1d:15:80:8c:c8:f7:71:13:24:68:f0:72:99:1a:a3:8d:
4d:00:39:a4:4c:0e:da:d2:8b:f4:9f:84:03:0e:c0:c7:fe:41:
4b:4f:97:c7:69:55:42:c7:0d:47:bd:81:f4:ee:e2:d5:dc:38:
51:df:01:7c:a4:1a:fc:12:1e:21:9d:d9:0c:fa:cd:58:70:4a:
74:25:29:d7:28:f3:5b:cb:d3:a9:49:71:72:42:bc:58:d8:5e:
72:c8:23:d2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP+DNc+pwSGagQ1y0f9KXNeLsHbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxMDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwM2VjNDNiZDA3MTMxNTZkYjcwNWZiOGU4ZGIzNjY2YmQ0NTY2ZDM2Mzcz
ODlkOGYzZDUwMjI0MmViZWZjOWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeKk/ogdYnRyQcWfwnxysQX3tHuzCtlgWSkzPMnVbRUyVXInJa1Lp56WDJb
SIWy6EAvMoitHl/p5hsA+aTE2AxKGn5LvtpmBeby1NHp87ybkQQ1xpfdZi+/mnda
0BzhM25fIeCwSHq1MmZn2ifV3i6lkwGByjNzPhy4G0zDhvnvZvnMIxUz7uqW17Dg
pvFrYfATfFgFWWyxuj1wVeref1X6SwJVQ5asto0HGcbCwxNca2e6BFxgfVGZloO7
eKf1YuqZ7rcPvB+7feLTxRNjF6fBNaHYKzQHO2xh1OACETk/3T8kvyqFaVwmAp+D
1Wem5BHKqR6d8u+l9YI2HuqITEsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTsMX3+
AULVfuLDo937EDTfluQYJzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWNkNzk1NGYtOTllZS00YWYwLTk3NjMtMTEyNzEzODE5MjVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HtQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAttfOj8+ZGkvlk1xcChaG5dvfzCTDYP8ufhlV
2nD7yqrlEsH0PnXxabIGsfXMbtFySsa1bkBlL3q3F9oiZXEOJvMK8tgJl8fWKhMq
FiYv9TJ6VP3DU0R9R54rJ65jkPSYsmi52+r6EPIHfBnBwSZruqF+ZA/X9HpJND4C
SDgMDJSmPzjvkTaANu1M4t1TrFAwFRG7/e4wewnupz559q4WAoGvjlMdFYCMyPdx
EyRo8HKZGqONTQA5pEwO2tKL9J+EAw7Ax/5BS0+Xx2lVQscNR72B9O7i1dw4Ud8B
fKQa/BIeIZ3ZDPrNWHBKdCUp1yjzW8vTqUlxckK8WNhecsgj0g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:39 2025 by rpki-client