Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa
File: b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa (raw, json)
Hash identifier: axLmGh7Z58Y1A5PXyXuojAyBoCS2xfETNisxazJs9sI=
Subject key identifier: 1B:4C:8B:E5:47:E3:16:73:E3:62:E3:78:DC:5B:A7:CD:54:BB:27:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C5545D71816A7C6B014BD561CC4FC17941404C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa
Signing time: Tue 20 May 2025 19:00:57 +0000
ROA not before: Tue 20 May 2025 19:00:57 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:55:45:d7:18:16:a7:c6:b0:14:bd:56:1c:c4:fc:17:94:14:04:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:57 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=60c3b02e673ab7739a230f82386ed6c034fe63ceb0a4a7f15224d51ded407302, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:77:61:fc:00:f6:c7:b4:1e:e7:7b:97:13:63:
4d:af:c3:96:a6:c6:55:fc:ac:4f:bb:b6:50:57:2c:
c4:53:88:6d:14:8d:f2:97:dd:f2:58:f3:bd:72:34:
2e:fc:36:c1:16:4a:43:22:c9:83:58:90:89:2d:f3:
ef:71:84:94:0a:5f:a4:ed:c2:31:c7:36:8e:e0:ee:
15:0a:50:21:1f:4e:d0:5c:30:c1:5f:3a:6e:ea:5e:
f7:27:b6:e6:1b:93:7c:f0:b9:e7:b9:3b:ab:7d:d9:
8f:6b:ab:35:32:75:b6:8c:21:c8:ed:48:16:c0:74:
a6:24:30:1b:86:96:9a:33:ae:30:ef:81:d8:e0:87:
74:a0:e3:6b:2b:60:3c:ee:bf:eb:12:43:9a:27:34:
fb:9c:ab:ba:34:ec:f9:ba:99:63:04:71:6c:e6:6a:
5c:1b:1b:33:20:79:ff:52:a3:c2:65:e9:36:7c:cf:
ed:15:c4:a4:0e:67:ce:da:55:f1:f5:48:83:8f:e8:
27:2c:35:70:43:50:3a:10:17:d9:29:f4:bb:a2:2e:
ce:ff:5b:4e:da:77:63:ec:d3:7c:13:f9:b0:37:85:
25:28:98:1a:6b:89:12:e8:3d:cb:52:f5:4d:d0:51:
07:3b:65:9d:9c:bb:e5:0b:61:80:fe:79:48:06:90:
5f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:4C:8B:E5:47:E3:16:73:E3:62:E3:78:DC:5B:A7:CD:54:BB:27:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c080::/48
Signature Algorithm: sha256WithRSAEncryption
a7:4b:0b:63:cc:a5:44:f4:a8:36:78:27:51:41:f6:6c:1d:ab:
be:9a:04:cd:10:bb:8e:01:64:9b:4c:02:8a:84:7b:77:ff:6b:
70:2a:8c:99:86:cb:9c:f1:e9:d4:52:25:5b:b5:a0:09:7b:26:
83:af:c8:5c:51:95:76:6a:e1:b2:e0:65:f0:02:76:d3:b6:97:
32:de:29:e9:fc:ec:09:b4:dc:a8:35:43:e8:7c:8c:90:9f:b9:
44:c0:fe:c4:c3:97:75:ba:81:c3:c8:60:0f:e2:83:06:9d:45:
b8:a7:b6:85:eb:b9:11:5d:4f:f6:3e:7c:27:11:1a:ce:14:90:
68:90:bd:aa:51:7e:5d:92:42:46:5d:14:17:55:47:2a:b9:1c:
da:7a:a8:24:da:fc:0f:5e:d1:12:e9:d8:6a:ea:8b:d5:f1:b9:
ca:c3:0a:7e:06:66:df:54:1f:51:a6:3a:b1:a4:f4:f7:96:38:
a6:45:9d:b0:de:58:79:55:ed:fd:77:62:03:5f:bb:e3:27:d9:
56:b0:62:31:5e:48:b7:e6:6d:7c:a1:7c:8c:df:3c:2a:77:11:
f5:4c:93:f8:e8:cd:24:35:0c:fc:ac:33:df:39:42:85:32:6c:
1d:79:ab:2a:4a:13:56:ae:a2:28:7c:6b:11:be:b5:a7:7a:48:
50:fc:b8:d0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHFVF1xgWp8awFL1WHMT8F5QUBMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwNTdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwYzNiMDJlNjczYWI3NzM5YTIzMGY4MjM4NmVkNmMwMzRmZTYzY2ViMGE0
YTdmMTUyMjRkNTFkZWQ0MDczMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJV3YfwA9se0Hud7lxNjTa/DlqbGVfysT7u2UFcsxFOIbRSN8pfd8ljzvXI0
Lvw2wRZKQyLJg1iQiS3z73GElApfpO3CMcc2juDuFQpQIR9O0FwwwV86bupe9ye2
5huTfPC557k7q33Zj2urNTJ1towhyO1IFsB0piQwG4aWmjOuMO+B2OCHdKDjaytg
PO6/6xJDmic0+5yrujTs+bqZYwRxbOZqXBsbMyB5/1KjwmXpNnzP7RXEpA5nztpV
8fVIg4/oJyw1cENQOhAX2Sn0u6Iuzv9bTtp3Y+zTfBP5sDeFJSiYGmuJEug9y1L1
TdBRBztlnZy75QthgP55SAaQXz0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQbTIvl
R+MWc+Ni43jcW6fNVLsnSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjllYTYyZDYtZGNlMy00Yzc0LWI5MzEtMGNjYTg3Y2NhZGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
gDANBgkqhkiG9w0BAQsFAAOCAQEAp0sLY8ylRPSoNngnUUH2bB2rvpoEzRC7jgFk
m0wCioR7d/9rcCqMmYbLnPHp1FIlW7WgCXsmg6/IXFGVdmrhsuBl8AJ207aXMt4p
6fzsCbTcqDVD6HyMkJ+5RMD+xMOXdbqBw8hgD+KDBp1FuKe2heu5EV1P9j58JxEa
zhSQaJC9qlF+XZJCRl0UF1VHKrkc2nqoJNr8D17REunYauqL1fG5ysMKfgZm31Qf
UaY6saT095Y4pkWdsN5YeVXt/XdiA1+74yfZVrBiMV5It+ZtfKF8jN88KncR9UyT
+OjNJDUM/Kwz3zlChTJsHXmrKkoTVq6iKHxrEb61p3pIUPy40A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:50 2025 by rpki-client