Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
File: b0fb422a-c1ce-4269-b503-2c8145fc798a.roa (raw, json)
Hash identifier: c1gT4bw+K0Nxo2HV7IdRoKEnhc3+yOTbGkWRemptRsA=
Subject key identifier: 09:5C:E0:12:42:45:BE:CF:94:7D:3F:CF:96:26:E9:01:2E:AD:40:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C37EC56204DB87FBA1284D3113B7EC5B48E24E4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
Signing time: Tue 20 May 2025 19:10:48 +0000
ROA not before: Tue 20 May 2025 19:10:48 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:37:ec:56:20:4d:b8:7f:ba:12:84:d3:11:3b:7e:c5:b4:8e:24:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:48 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=76360cf16362dcdc9f6a8704a214f5b800aa002fbe4c7b14e14878fb5f6a52dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b3:c8:9c:f8:b0:5c:e9:41:d7:c2:9b:4b:37:
f1:d2:59:fc:24:03:a1:86:be:25:53:c2:b5:20:e8:
ef:8c:aa:72:b4:e4:5e:80:5e:48:b0:f2:d3:34:65:
0b:34:1d:11:30:ec:52:33:3c:9a:a6:9c:33:cb:d5:
2b:52:3a:fd:21:d0:37:8c:ca:0b:2d:c5:0c:15:bd:
f9:a5:05:63:43:f5:85:c4:5e:9d:3b:99:6a:37:f9:
3a:bf:c0:b9:e2:19:98:48:79:db:8a:e7:42:0c:ef:
d8:09:dc:3a:41:c6:1b:99:86:6e:a5:42:6f:f7:71:
ed:b6:c6:24:11:f0:62:04:32:c3:53:d6:5f:41:ac:
93:a2:8a:32:0a:f7:53:f3:45:f8:3d:67:e3:ff:c0:
95:08:78:27:59:36:af:d7:39:45:ac:f8:0b:ed:f7:
1e:ef:9a:d0:5f:77:97:07:66:79:12:a4:8e:b3:7a:
30:dd:b8:39:f4:8d:bb:e4:1d:32:d4:a5:5a:cc:73:
46:13:4b:db:a6:41:60:67:08:7c:c2:4d:38:bf:9f:
3f:28:d5:37:87:04:b9:c2:18:2e:97:a0:c0:a2:1e:
46:85:ad:93:6f:d9:59:f0:e8:e7:cb:e1:9b:8e:e9:
74:38:fb:7e:7d:63:11:1d:2c:69:4f:d4:ac:01:b0:
ac:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:5C:E0:12:42:45:BE:CF:94:7D:3F:CF:96:26:E9:01:2E:AD:40:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a020::/48
Signature Algorithm: sha256WithRSAEncryption
4f:aa:a3:1c:ee:5b:d8:56:4e:1c:fa:01:9d:fe:de:01:b8:23:
4b:3e:55:3e:8c:2b:1e:d0:31:ef:5b:eb:de:06:37:00:4f:f3:
40:58:1a:a3:83:97:fb:cf:33:50:d5:4d:7c:40:8e:af:17:ef:
cb:91:37:1f:ce:81:a1:dc:59:a5:e7:4a:c6:2f:b2:a3:6d:86:
67:fa:18:ad:63:12:0a:ef:6f:b7:d6:02:12:72:68:12:b9:1f:
93:a1:c5:c4:d8:71:b9:29:d2:67:eb:49:fa:fe:9d:0a:d4:db:
f2:dd:c7:d2:6e:cf:90:22:58:44:e1:1b:75:a4:0e:38:20:b4:
a9:29:b5:a1:20:1e:8c:2f:ff:ae:45:0b:50:57:0b:14:f5:34:
f1:55:75:18:3c:9e:53:68:83:f4:ac:ed:2f:dc:d1:f2:f4:15:
37:1f:02:61:5e:7b:a1:21:c9:6d:0f:7e:f3:ee:60:b3:21:51:
c8:23:7a:f5:95:75:e9:81:f9:2e:fd:d1:aa:b4:84:40:53:19:
79:cf:95:0c:62:3a:9e:08:c7:db:2b:9e:af:2f:b0:30:6b:93:
61:3a:6a:a2:f1:41:70:98:af:12:a1:80:ac:3f:20:48:34:9a:
05:1c:a7:a3:ec:96:3e:58:ca:f1:c7:02:de:68:64:e6:11:17:
bd:7e:73:2a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHDfsViBNuH+6EoTTETt+xbSOJOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwNDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2MzYwY2YxNjM2MmRjZGM5ZjZhODcwNGEyMTRmNWI4MDBhYTAwMmZiZTRj
N2IxNGUxNDg3OGZiNWY2YTUyZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALizyJz4sFzpQdfCm0s38dJZ/CQDoYa+JVPCtSDo74yqcrTkXoBeSLDy0zRl
CzQdETDsUjM8mqacM8vVK1I6/SHQN4zKCy3FDBW9+aUFY0P1hcRenTuZajf5Or/A
ueIZmEh524rnQgzv2AncOkHGG5mGbqVCb/dx7bbGJBHwYgQyw1PWX0Gsk6KKMgr3
U/NF+D1n4//AlQh4J1k2r9c5Raz4C+33Hu+a0F93lwdmeRKkjrN6MN24OfSNu+Qd
MtSlWsxzRhNL26ZBYGcIfMJNOL+fPyjVN4cEucIYLpegwKIeRoWtk2/ZWfDo58vh
m47pdDj7fn1jER0saU/UrAGwrGECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQJXOAS
QkW+z5R9P8+WJukBLq1AoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBmYjQyMmEtYzFjZS00MjY5LWI1MDMtMmM4MTQ1ZmM3OThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
IDANBgkqhkiG9w0BAQsFAAOCAQEAT6qjHO5b2FZOHPoBnf7eAbgjSz5VPowrHtAx
71vr3gY3AE/zQFgao4OX+88zUNVNfECOrxfvy5E3H86BodxZpedKxi+yo22GZ/oY
rWMSCu9vt9YCEnJoErkfk6HFxNhxuSnSZ+tJ+v6dCtTb8t3H0m7PkCJYROEbdaQO
OCC0qSm1oSAejC//rkULUFcLFPU08VV1GDyeU2iD9KztL9zR8vQVNx8CYV57oSHJ
bQ9+8+5gsyFRyCN69ZV16YH5Lv3RqrSEQFMZec+VDGI6ngjH2yuery+wMGuTYTpq
ovFBcJivEqGArD8gSDSaBRyno+yWPljK8ccC3mhk5hEXvX5zKg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:26 2025 by rpki-client