Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aeb942d1-e5f2-47dd-bd26-7b99f70267ad.roa
File: aeb942d1-e5f2-47dd-bd26-7b99f70267ad.roa (raw, json)
Hash identifier: Y7t18Vnf2cv/bhSGUQHUqbiFwafk1P/Xecu/BgHMpdo=
Subject key identifier: 0D:EF:94:13:F3:6B:29:5F:CE:6C:71:9A:1A:2D:16:E1:02:AC:7B:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1337B6C2D667C2A904E8BD1401C6F2D38C1E9903
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aeb942d1-e5f2-47dd-bd26-7b99f70267ad.roa
Signing time: Tue 20 May 2025 19:40:02 +0000
ROA not before: Tue 20 May 2025 19:40:02 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:1080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:37:b6:c2:d6:67:c2:a9:04:e8:bd:14:01:c6:f2:d3:8c:1e:99:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:40:02 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=16951011a835b8fde7437b20496b0c5fc3930337c6381d385f861884476b7dc1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a4:d6:83:91:a8:b9:ce:ba:cb:4a:b9:8f:d5:
49:10:0b:c8:f0:8a:1a:e7:63:b6:40:a8:95:2d:96:
ad:e8:e0:fd:cb:06:68:33:a3:94:64:d3:a3:bd:32:
b0:88:53:d7:69:b0:3d:73:66:f5:24:37:be:ae:99:
a5:ea:38:a5:23:df:b6:6d:18:cf:fd:46:dd:76:ff:
53:47:a8:fb:2e:8e:9b:8b:bb:56:b5:bc:b2:9c:3b:
f6:b8:df:7f:0b:dc:3d:2f:65:ff:a1:d2:62:45:72:
48:46:d6:7f:d9:c3:a9:e6:fa:34:e9:89:6c:98:a1:
a3:11:dc:b1:62:e1:c6:96:6a:c5:ee:09:70:7d:bc:
22:b0:86:3b:61:db:df:60:06:77:c9:22:45:60:f7:
a3:17:ea:cf:40:6b:03:36:45:9e:f0:ae:45:60:6a:
f0:70:87:3d:1d:2a:1b:e1:7d:fe:7b:5c:c8:2d:03:
41:97:98:1c:e7:b8:1e:5c:ec:40:0c:d6:72:c5:d2:
9f:08:43:17:8d:27:7b:31:9c:88:78:b4:2b:07:59:
fa:0d:8c:9b:e6:a5:33:05:cf:97:7d:87:73:b3:01:
39:02:ce:ea:da:7c:fa:0b:87:d5:af:0c:27:4d:4d:
15:84:d0:bf:09:26:ee:f2:3e:39:f0:f5:c9:9c:7d:
6a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:EF:94:13:F3:6B:29:5F:CE:6C:71:9A:1A:2D:16:E1:02:AC:7B:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aeb942d1-e5f2-47dd-bd26-7b99f70267ad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:1080::/46
Signature Algorithm: sha256WithRSAEncryption
94:81:e1:18:1a:cf:2f:5d:74:59:6b:47:92:8f:d7:96:cc:dd:
b4:a4:bb:f6:a9:16:ce:c9:64:40:2e:5d:ef:6f:f2:a5:6c:3d:
47:4e:3e:cb:dc:c3:9b:ae:b8:f7:a2:4e:a6:9f:5d:d8:b1:1d:
fa:f6:b5:fb:93:18:a0:79:43:6c:a1:50:2b:9e:fd:64:8b:ac:
64:d1:60:80:0b:c7:0f:e8:0d:72:5f:b0:c6:57:d8:44:08:ef:
d3:6d:db:cc:3c:6a:6f:5b:44:71:b2:7e:d8:f3:37:0c:04:2d:
06:3d:33:6e:ad:fb:f2:56:8b:e1:95:77:c1:bf:bc:c2:0c:50:
40:c6:0c:f9:ef:b0:7d:99:04:7d:8e:af:2b:8f:2e:36:2e:73:
7d:27:1a:c9:ca:e1:f6:5c:97:0f:c1:76:27:39:0f:fe:2f:5e:
e3:b0:e6:8e:b2:f4:09:0c:0a:7f:9c:f0:c7:c4:9b:bb:8a:71:
ec:54:c8:08:48:d8:1f:21:65:e8:0d:a2:10:91:85:38:ff:fb:
3a:ff:0d:8c:83:53:fd:5d:b8:9c:b6:cb:bd:6a:3f:b5:f6:3c:
4e:20:24:43:d4:35:28:1e:11:42:d2:3a:72:e7:2c:28:c4:75:
18:88:63:3f:a2:b6:b0:50:d8:99:ab:c9:19:29:56:a0:27:af:
8e:61:6b:6f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEze2wtZnwqkE6L0UAcby04wemQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQwMDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2OTUxMDExYTgzNWI4ZmRlNzQzN2IyMDQ5NmIwYzVmYzM5MzAzMzdjNjM4
MWQzODVmODYxODg0NDc2YjdkYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKak1oORqLnOustKuY/VSRALyPCKGudjtkColS2Wrejg/csGaDOjlGTTo70y
sIhT12mwPXNm9SQ3vq6Zpeo4pSPftm0Yz/1G3Xb/U0eo+y6Om4u7VrW8spw79rjf
fwvcPS9l/6HSYkVySEbWf9nDqeb6NOmJbJihoxHcsWLhxpZqxe4JcH28IrCGO2Hb
32AGd8kiRWD3oxfqz0BrAzZFnvCuRWBq8HCHPR0qG+F9/ntcyC0DQZeYHOe4Hlzs
QAzWcsXSnwhDF40nezGciHi0KwdZ+g2Mm+alMwXPl32Hc7MBOQLO6tp8+guH1a8M
J01NFYTQvwkm7vI+OfD1yZx9akECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQN75QT
82spX85scZoaLRbhAqx78zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWViOTQyZDEtZTVmMi00N2RkLWJkMjYtN2I5OWY3MDI2N2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAlIHhGBrPL110WWtHko/XlszdtKS79qkWzslk
QC5d72/ypWw9R04+y9zDm66496JOpp9d2LEd+va1+5MYoHlDbKFQK579ZIusZNFg
gAvHD+gNcl+wxlfYRAjv023bzDxqb1tEcbJ+2PM3DAQtBj0zbq378laL4ZV3wb+8
wgxQQMYM+e+wfZkEfY6vK48uNi5zfScaycrh9lyXD8F2JzkP/i9e47DmjrL0CQwK
f5zwx8Sbu4px7FTICEjYHyFl6A2iEJGFOP/7Ov8NjINT/V24nLbLvWo/tfY8TiAk
Q9Q1KB4RQtI6cucsKMR1GIhjP6K2sFDYmavJGSlWoCevjmFrbw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:25 2025 by rpki-client