Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa
File: b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa (raw, json)
Hash identifier: E3Q2LioooOghCs6qbexA99rwBPXtmWA301YeN9AsIS4=
Subject key identifier: D9:3C:7A:AA:E9:9A:98:6F:CD:46:B4:7B:E6:62:60:7D:54:D4:4E:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E207BB2C856976B11A18DE93DA83F42E9C67C78
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa
Signing time: Tue 20 May 2025 19:40:49 +0000
ROA not before: Tue 20 May 2025 19:40:49 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:50c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:20:7b:b2:c8:56:97:6b:11:a1:8d:e9:3d:a8:3f:42:e9:c6:7c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:40:49 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=18dc775d730f2fe27ae269ea9769b84a565b4730d7337a50df199d18d72c13f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6d:84:ab:a9:d4:fc:30:30:50:89:47:74:1e:
06:4e:ba:a9:3a:4b:70:6e:0d:70:da:a1:a8:38:97:
2e:52:c6:99:76:5e:07:03:64:2c:a2:40:aa:b3:93:
2f:36:3f:a0:87:1d:b2:e7:f4:58:cd:24:1c:0a:7f:
b4:34:73:21:5d:42:0d:a1:9a:d2:3d:29:3c:0b:3e:
0a:21:90:97:26:73:b2:8b:93:80:6d:81:43:97:db:
64:fc:bb:fa:b8:9d:99:08:0d:b1:f3:b1:7c:34:53:
c6:f1:41:61:95:84:bf:75:f5:57:91:69:cc:2e:5f:
9a:bf:43:5d:8e:8d:5a:86:3b:19:11:88:65:a5:88:
79:a9:e9:2e:9e:99:18:a0:cc:c6:70:92:76:b1:81:
d6:20:aa:a1:1d:c4:c3:01:b6:fb:7a:fd:c9:7e:ec:
17:23:17:d5:63:c8:a0:27:2f:2a:2f:9f:48:e6:5b:
2c:c0:17:c0:fa:30:4f:33:4a:cd:e9:47:88:b9:41:
de:93:fe:46:6c:f2:8b:b7:ce:5e:93:b3:c7:b6:f1:
3d:53:5c:e3:d8:e0:c3:bc:49:15:3e:24:72:de:eb:
bb:9d:19:a1:73:19:98:be:d5:c1:34:d6:21:9a:4c:
13:8c:cf:4f:3e:ac:f7:4e:99:bb:13:ed:81:e2:aa:
32:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3C:7A:AA:E9:9A:98:6F:CD:46:B4:7B:E6:62:60:7D:54:D4:4E:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0b5c8de-482f-4cb1-ae74-9fec0025fd05.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:50c0::/46
Signature Algorithm: sha256WithRSAEncryption
87:ba:e8:94:dd:c9:5c:29:40:72:f4:75:7e:32:0f:18:29:61:
a5:2f:e4:45:8f:1c:a8:e0:5f:5d:38:1d:0f:ee:77:46:ed:de:
8a:e5:55:e4:78:27:fa:5e:8e:f1:db:9f:0c:1d:c0:d6:67:51:
05:d4:41:95:ca:74:6e:85:2f:be:b3:a3:a0:c9:7f:c0:bf:44:
03:36:db:d6:0a:f7:1e:f1:47:5a:c6:91:d0:66:84:85:a8:4e:
d8:cf:9e:a6:38:7f:e3:8c:0f:92:f3:05:50:07:04:1b:6f:52:
9f:c4:25:69:76:13:5a:b1:db:25:71:0e:4f:28:f4:b3:14:c6:
72:50:45:f6:85:fa:f4:1c:11:02:12:77:59:a9:12:4a:81:5c:
9e:74:25:07:18:e4:2c:24:36:96:e7:3c:2d:87:69:9f:f0:90:
3c:c2:40:c0:f4:2f:e7:c1:36:15:c6:02:9a:d1:10:78:72:6e:
69:e4:47:79:54:3c:4b:29:be:78:17:0b:25:87:d5:ad:ba:4e:
bc:97:4a:85:2c:11:c2:06:5b:b6:d7:43:03:06:f0:3c:8e:97:
04:74:58:28:8c:69:c6:e7:f2:ad:57:4b:9a:53:8b:3c:72:26:
53:ff:fb:80:51:e3:09:98:58:03:c8:b2:b0:27:5b:5a:a7:44:
70:5b:2f:0a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfiB7sshWl2sRoY3pPag/QunGfHgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQwNDlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4ZGM3NzVkNzMwZjJmZTI3YWUyNjllYTk3NjliODRhNTY1YjQ3MzBkNzMz
N2E1MGRmMTk5ZDE4ZDcyYzEzZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRthKup1PwwMFCJR3QeBk66qTpLcG4NcNqhqDiXLlLGmXZeBwNkLKJAqrOT
LzY/oIcdsuf0WM0kHAp/tDRzIV1CDaGa0j0pPAs+CiGQlyZzsouTgG2BQ5fbZPy7
+ridmQgNsfOxfDRTxvFBYZWEv3X1V5FpzC5fmr9DXY6NWoY7GRGIZaWIeanpLp6Z
GKDMxnCSdrGB1iCqoR3EwwG2+3r9yX7sFyMX1WPIoCcvKi+fSOZbLMAXwPowTzNK
zelHiLlB3pP+Rmzyi7fOXpOzx7bxPVNc49jgw7xJFT4kct7ru50ZoXMZmL7VwTTW
IZpME4zPTz6s906ZuxPtgeKqMh8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTZPHqq
6ZqYb81GtHvmYmB9VNRODjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBiNWM4ZGUtNDgyZi00Y2IxLWFlNzQtOWZlYzAwMjVmZDA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HtQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAh7rolN3JXClAcvR1fjIPGClhpS/kRY8cqOBf
XTgdD+53Ru3eiuVV5Hgn+l6O8dufDB3A1mdRBdRBlcp0boUvvrOjoMl/wL9EAzbb
1gr3HvFHWsaR0GaEhahO2M+epjh/44wPkvMFUAcEG29Sn8QlaXYTWrHbJXEOTyj0
sxTGclBF9oX69BwRAhJ3WakSSoFcnnQlBxjkLCQ2luc8LYdpn/CQPMJAwPQv58E2
FcYCmtEQeHJuaeRHeVQ8Sym+eBcLJYfVrbpOvJdKhSwRwgZbttdDAwbwPI6XBHRY
KIxpxufyrVdLmlOLPHImU//7gFHjCZhYA8iysCdbWqdEcFsvCg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:25 2025 by rpki-client