Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acfdcdb7-5b43-4d3e-81fe-f8cd78411d0f.roa
File: acfdcdb7-5b43-4d3e-81fe-f8cd78411d0f.roa (raw, json)
Hash identifier: +rg0bmvNckYV72/RhGpPG4AjDOiIVUdS0bBR1XapNS4=
Subject key identifier: C3:1C:6E:F7:7C:BF:07:0F:AF:B8:C8:59:03:17:BE:C6:9A:B1:C4:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FAFFE45FD5816A9422B20D07B602D5DD8C51E00
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acfdcdb7-5b43-4d3e-81fe-f8cd78411d0f.roa
Signing time: Tue 20 May 2025 18:50:43 +0000
ROA not before: Tue 20 May 2025 18:50:43 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:af:fe:45:fd:58:16:a9:42:2b:20:d0:7b:60:2d:5d:d8:c5:1e:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:43 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=992d3243c7ab5d373205f3c6209365ef3e26d8bc1819e07a873d5d6531fbc18a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:30:f1:1c:a6:f1:ab:bd:21:d0:43:d5:95:c6:
2a:87:bb:c4:87:c9:40:73:17:7b:b5:27:ee:06:05:
bc:67:53:49:f8:45:e9:25:b7:8f:f9:e1:05:02:e6:
93:b1:17:6a:29:28:56:d0:bf:d4:1d:2f:33:3e:29:
13:0d:79:17:ba:7e:c4:71:fb:55:6c:4c:6f:eb:fb:
d2:48:7b:56:6b:b4:19:74:0c:41:14:b2:bb:17:30:
a7:0a:21:a9:34:f4:36:c6:46:9f:52:c6:db:a1:05:
c8:f5:63:1f:0c:9c:6d:4c:ce:23:97:c0:d1:5a:9b:
23:10:86:fd:d9:4b:91:e1:06:e7:cd:c8:74:76:f1:
01:68:65:3b:82:96:ca:84:59:86:36:ee:ce:e5:26:
4e:5a:5e:32:0e:16:88:21:92:ea:35:32:93:bc:a7:
10:ba:49:49:bb:8f:eb:8b:1f:89:68:01:2f:0f:83:
03:72:07:0e:23:c7:85:1a:ea:ca:73:46:36:2e:7c:
a8:84:49:23:ee:78:8d:63:d7:52:ef:a2:ff:e8:eb:
55:91:32:e7:36:2d:6e:c6:e1:c2:d5:00:8e:cf:05:
b5:82:5d:9c:4f:6c:c8:f5:a9:4b:f9:76:1b:8e:2c:
ab:99:56:7e:43:f7:07:08:60:e9:08:c9:18:49:c2:
bb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:1C:6E:F7:7C:BF:07:0F:AF:B8:C8:59:03:17:BE:C6:9A:B1:C4:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acfdcdb7-5b43-4d3e-81fe-f8cd78411d0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6040::/48
Signature Algorithm: sha256WithRSAEncryption
48:c2:25:3a:8d:c9:e2:cd:91:9a:f2:d2:b7:27:66:c6:ed:50:
3e:cb:a0:36:00:97:ee:8b:6b:62:75:e0:8c:2c:97:d3:12:41:
40:fb:9c:e0:bc:6c:ef:99:96:e0:36:63:d8:c5:b1:54:25:52:
d9:36:4a:94:cd:5e:b8:9d:55:b6:8b:88:f1:7d:fc:e6:97:42:
ba:9a:69:99:de:a2:63:79:08:1f:dd:f5:b5:1f:e5:f3:e2:b9:
82:b8:71:15:25:8e:47:58:38:ee:98:ba:4b:c1:e1:9a:d1:28:
a4:dc:74:d6:e5:8e:06:6e:50:0b:4e:28:31:8e:9b:73:7e:4b:
d7:44:ac:c7:4e:56:08:52:7e:1d:25:4c:97:c1:bb:aa:db:73:
05:43:7e:2c:0b:82:a5:6d:a0:f6:75:44:73:d5:37:29:2a:dd:
58:94:74:20:99:e5:12:30:f1:d2:ba:90:15:5d:35:2f:97:10:
4d:a2:7f:17:78:e0:27:80:0b:ca:02:ab:93:17:9d:6d:c4:79:
07:9c:99:02:d7:1b:72:08:ee:32:0b:8d:28:1b:ff:59:fe:39:
a4:e4:8f:19:36:98:64:05:46:1e:d0:49:3e:0d:6f:40:a7:03:
05:21:be:6c:c8:c2:3c:43:2c:72:1c:c3:22:32:81:c9:9e:00:
65:46:ca:d5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUH6/+Rf1YFqlCKyDQe2AtXdjFHgAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwNDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5MmQzMjQzYzdhYjVkMzczMjA1ZjNjNjIwOTM2NWVmM2UyNmQ4YmMxODE5
ZTA3YTg3M2Q1ZDY1MzFmYmMxOGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANgw8Rym8au9IdBD1ZXGKoe7xIfJQHMXe7Un7gYFvGdTSfhF6SW3j/nhBQLm
k7EXaikoVtC/1B0vMz4pEw15F7p+xHH7VWxMb+v70kh7Vmu0GXQMQRSyuxcwpwoh
qTT0NsZGn1LG26EFyPVjHwycbUzOI5fA0VqbIxCG/dlLkeEG583IdHbxAWhlO4KW
yoRZhjbuzuUmTlpeMg4WiCGS6jUyk7ynELpJSbuP64sfiWgBLw+DA3IHDiPHhRrq
ynNGNi58qIRJI+54jWPXUu+i/+jrVZEy5zYtbsbhwtUAjs8FtYJdnE9syPWpS/l2
G44sq5lWfkP3Bwhg6QjJGEnCuxUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTDHG73
fL8HD6+4yFkDF77GmrHE3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWNmZGNkYjctNWI0My00ZDNlLTgxZmUtZjhjZDc4NDExZDBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
QDANBgkqhkiG9w0BAQsFAAOCAQEASMIlOo3J4s2RmvLStydmxu1QPsugNgCX7otr
YnXgjCyX0xJBQPuc4Lxs75mW4DZj2MWxVCVS2TZKlM1euJ1VtouI8X385pdCuppp
md6iY3kIH931tR/l8+K5grhxFSWOR1g47pi6S8HhmtEopNx01uWOBm5QC04oMY6b
c35L10Ssx05WCFJ+HSVMl8G7qttzBUN+LAuCpW2g9nVEc9U3KSrdWJR0IJnlEjDx
0rqQFV01L5cQTaJ/F3jgJ4ALygKrkxedbcR5B5yZAtcbcgjuMguNKBv/Wf45pOSP
GTaYZAVGHtBJPg1vQKcDBSG+bMjCPEMschzDIjKByZ4AZUbK1Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:51 2025 by rpki-client