Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
File: b01a5a70-e8bc-4c88-8f86-597d891eae77.roa (raw, json)
Hash identifier: /w9S0DYuj9yAxlHRrStSAFNH2+9ZOXENP8MQWp6T6hg=
Subject key identifier: 66:06:B4:07:5B:6A:D5:51:97:1C:49:90:D1:C0:DB:C3:FC:B0:58:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C46260B89F9A019F57C14E9AE9CBB5FE25A74DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
Signing time: Tue 20 May 2025 19:10:05 +0000
ROA not before: Tue 20 May 2025 19:10:05 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:46:26:0b:89:f9:a0:19:f5:7c:14:e9:ae:9c:bb:5f:e2:5a:74:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:05 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ed9b555d91262c152423c5b144b73b743684e6d4c3b69150bbaf1232a29ac4da, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a0:23:c2:ab:02:c0:40:a6:c7:d4:46:f3:38:
44:60:60:85:f7:9b:1a:cb:11:00:94:6e:a7:82:cc:
1c:bb:82:c3:89:7d:31:66:d9:1b:70:32:aa:53:44:
ca:4a:53:c0:b9:f0:7a:be:af:09:6f:5f:08:2d:7b:
59:c4:6a:73:ce:93:39:0a:92:e6:70:cc:a5:0f:57:
9e:da:b5:ac:63:ce:80:c7:04:ab:38:11:57:90:ef:
9a:f2:54:5f:06:16:ba:7e:36:7b:e0:33:f5:a6:26:
4a:03:27:00:1b:6c:cb:8f:c5:08:94:b2:39:6a:65:
e0:90:a0:e8:db:2f:ab:f4:0a:49:72:a6:78:4f:ea:
08:22:1f:86:a6:a3:51:6d:d2:72:94:f4:d4:45:6e:
6b:5f:dd:c0:c8:fe:5d:57:1d:77:15:ec:d8:60:72:
2a:ce:ab:8c:6b:44:48:21:37:e0:11:91:c5:3f:9f:
c4:46:12:73:52:ea:db:de:34:18:6b:f5:2b:88:6e:
00:25:5b:4d:9b:61:8c:d4:2b:c9:bf:58:87:9a:39:
46:52:13:64:3b:1c:71:a4:cb:33:e5:a2:e5:32:99:
f1:fb:f9:7e:7b:1a:bb:23:4c:3c:d1:37:89:c3:61:
9e:b7:47:0b:26:be:5d:8b:a8:24:68:94:26:29:6d:
83:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:06:B4:07:5B:6A:D5:51:97:1C:49:90:D1:C0:DB:C3:FC:B0:58:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2080::/48
Signature Algorithm: sha256WithRSAEncryption
9f:83:42:ff:97:f8:fa:03:fb:5f:5d:10:f7:fb:4e:07:ef:4f:
b6:46:dc:07:8e:cf:7f:54:c7:7a:3f:4b:59:da:31:46:73:07:
a5:ab:50:ff:b1:da:95:5b:30:8e:4a:a2:15:8c:7f:ba:98:6a:
c2:5d:40:bc:b3:68:82:02:eb:48:a2:ce:fa:0e:e0:9e:f6:b8:
27:6d:30:28:ee:1a:97:49:18:0f:aa:63:b8:48:c1:f5:f1:c3:
d6:88:28:0d:1b:b0:6d:3c:c6:30:20:9f:d4:5c:c7:ab:a0:1d:
33:c0:49:98:fb:c1:b2:6a:8a:e3:37:87:91:39:a0:10:1a:8f:
07:08:42:1e:3a:f7:b8:1b:de:ce:be:d9:a8:f5:86:e7:e3:d7:
1b:20:fc:15:35:11:60:7a:7f:ed:28:08:b8:a8:78:35:aa:f6:
0a:89:f2:04:01:62:6e:07:fb:12:ce:9a:3e:ad:81:da:2f:1d:
df:e4:83:f7:0e:82:72:26:e7:2b:e6:9a:46:eb:37:16:b0:52:
2a:95:d0:d9:98:a8:4f:c3:84:af:0b:1b:10:e3:0b:3f:d4:98:
54:5b:55:57:8d:ba:55:b6:da:71:0c:7b:6e:42:fe:99:63:4e:
11:30:e1:ef:6f:dd:6a:a5:53:78:0c:fe:a4:78:61:26:4c:b4:
62:77:a8:43
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXEYmC4n5oBn1fBTprpy7X+JadNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwMDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkOWI1NTVkOTEyNjJjMTUyNDIzYzViMTQ0YjczYjc0MzY4NGU2ZDRjM2I2
OTE1MGJiYWYxMjMyYTI5YWM0ZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALugI8KrAsBApsfURvM4RGBghfebGssRAJRup4LMHLuCw4l9MWbZG3AyqlNE
ykpTwLnwer6vCW9fCC17WcRqc86TOQqS5nDMpQ9Xntq1rGPOgMcEqzgRV5DvmvJU
XwYWun42e+Az9aYmSgMnABtsy4/FCJSyOWpl4JCg6Nsvq/QKSXKmeE/qCCIfhqaj
UW3ScpT01EVua1/dwMj+XVcddxXs2GByKs6rjGtESCE34BGRxT+fxEYSc1Lq2940
GGv1K4huACVbTZthjNQryb9Yh5o5RlITZDsccaTLM+Wi5TKZ8fv5fnsauyNMPNE3
icNhnrdHCya+XYuoJGiUJiltg/0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRmBrQH
W2rVUZccSZDRwNvD/LBYhTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjAxYTVhNzAtZThiYy00Yzg4LThmODYtNTk3ZDg5MWVhZTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
gDANBgkqhkiG9w0BAQsFAAOCAQEAn4NC/5f4+gP7X10Q9/tOB+9PtkbcB47Pf1TH
ej9LWdoxRnMHpatQ/7HalVswjkqiFYx/uphqwl1AvLNoggLrSKLO+g7gnva4J20w
KO4al0kYD6pjuEjB9fHD1ogoDRuwbTzGMCCf1FzHq6AdM8BJmPvBsmqK4zeHkTmg
EBqPBwhCHjr3uBvezr7ZqPWG5+PXGyD8FTURYHp/7SgIuKh4Nar2ConyBAFibgf7
Es6aPq2B2i8d3+SD9w6CcibnK+aaRus3FrBSKpXQ2ZioT8OErwsbEOMLP9SYVFtV
V426VbbacQx7bkL+mWNOETDh72/daqVTeAz+pHhhJky0YneoQw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:26 2025 by rpki-client