Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd2e1e8c-032c-4ce2-be27-6b9391bd9722.roa
File: bd2e1e8c-032c-4ce2-be27-6b9391bd9722.roa (raw, json)
Hash identifier: 7H2XmnqKaLzjcmYHle7eLOlpYwp0gs3UcEc0OZabxMY=
Subject key identifier: 8D:E5:52:3B:27:49:5D:23:FF:D1:3F:1C:41:2E:53:B1:A4:40:E3:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 600BEA18A7046C6C4115A5AAAF12962F4E255BCF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd2e1e8c-032c-4ce2-be27-6b9391bd9722.roa
Signing time: Tue 20 May 2025 19:40:32 +0000
ROA not before: Tue 20 May 2025 19:40:32 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:c0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:0b:ea:18:a7:04:6c:6c:41:15:a5:aa:af:12:96:2f:4e:25:5b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:40:32 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=1371cda5c11f66bbf58ec67377b7ca15f7e169b48aef349df267e5919eec0ee8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a2:ff:7b:fc:2f:ad:4d:f4:6e:a0:00:88:1d:
69:b3:1e:eb:08:f9:73:74:f8:a8:aa:3a:f3:1d:e8:
ea:97:5a:43:c4:09:a3:be:cf:9f:50:11:3c:cf:e0:
25:47:cc:8f:d1:6b:68:e4:0b:26:67:7a:c0:be:cd:
64:8c:77:06:9d:b1:00:b5:84:99:a8:69:93:a2:fe:
42:81:b6:73:64:69:0c:e8:17:af:b9:c3:94:24:0f:
b2:fd:f6:ea:5e:e8:a1:46:b7:7d:d0:f4:5b:2d:cd:
65:70:40:ee:76:11:e2:11:61:45:1b:6b:e0:d6:af:
6a:1b:75:8a:b5:72:52:4f:75:d6:86:39:cc:6a:f9:
3f:22:1e:0d:86:e0:81:19:59:51:eb:fe:66:0a:1b:
56:25:f5:86:51:43:e1:12:bb:e1:4f:4f:22:31:69:
c6:87:61:d0:c6:b2:a2:26:b4:fe:c4:e5:94:c7:64:
03:2f:e4:93:11:da:5b:06:ae:41:1a:cd:99:fd:70:
2b:38:e1:44:1b:ff:67:7d:55:ae:36:fe:79:c2:cb:
49:7d:b8:b7:76:ad:e3:e2:37:e9:c8:7e:15:d8:87:
ed:34:86:c4:81:54:f7:c7:cf:67:1b:f6:da:b0:70:
5d:aa:d5:e2:1f:6f:94:cb:74:fa:08:7b:83:c7:2b:
8b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:E5:52:3B:27:49:5D:23:FF:D1:3F:1C:41:2E:53:B1:A4:40:E3:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd2e1e8c-032c-4ce2-be27-6b9391bd9722.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:c0c0::/46
Signature Algorithm: sha256WithRSAEncryption
47:3f:ce:dd:60:a9:b7:03:43:91:d5:5e:16:84:39:9b:1b:57:
c7:3c:5b:49:6a:6e:1b:3f:88:ea:6a:5b:a9:fd:c8:56:cd:68:
42:20:96:3e:d0:8e:62:52:13:c5:27:c1:23:ba:e3:6b:d9:d5:
31:2f:13:68:a6:0b:42:45:d4:41:91:7a:e6:cd:79:65:2f:a2:
25:ec:ee:c5:75:f3:99:53:d6:b9:18:b5:bc:c9:7e:57:0b:4f:
1e:29:07:9b:98:56:ec:d5:e4:df:e9:14:8e:7c:1c:41:04:d8:
9a:d6:82:ac:fa:8e:e9:16:16:29:8b:a8:00:09:6a:89:57:a6:
2d:5a:1e:b3:f8:0b:21:7c:cb:dd:47:a3:bd:4d:36:f1:ee:1f:
d7:e3:08:94:01:46:b8:ec:19:38:b7:66:66:d7:2b:c8:a4:9d:
02:ab:48:74:31:3b:8d:5c:47:69:15:8b:85:0f:c7:33:a6:45:
bc:86:59:86:dd:56:9b:64:6f:6e:1a:ad:83:bc:4e:ba:42:c3:
5f:f3:ba:ed:a4:34:e1:34:70:2c:2e:c7:3f:91:6c:5b:5e:dc:
90:04:20:9f:43:a8:22:94:bd:46:8a:37:3b:8c:0b:13:a1:aa:
7b:ce:13:2f:63:82:f1:b8:7e:d8:e9:56:c8:9a:c4:f1:d2:5c:
e2:09:e0:f2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYAvqGKcEbGxBFaWqrxKWL04lW88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQwMzJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzNzFjZGE1YzExZjY2YmJmNThlYzY3Mzc3YjdjYTE1ZjdlMTY5YjQ4YWVm
MzQ5ZGYyNjdlNTkxOWVlYzBlZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSi/3v8L61N9G6gAIgdabMe6wj5c3T4qKo68x3o6pdaQ8QJo77Pn1ARPM/g
JUfMj9FraOQLJmd6wL7NZIx3Bp2xALWEmahpk6L+QoG2c2RpDOgXr7nDlCQPsv32
6l7ooUa3fdD0Wy3NZXBA7nYR4hFhRRtr4Navaht1irVyUk911oY5zGr5PyIeDYbg
gRlZUev+ZgobViX1hlFD4RK74U9PIjFpxodh0Mayoia0/sTllMdkAy/kkxHaWwau
QRrNmf1wKzjhRBv/Z31Vrjb+ecLLSX24t3at4+I36ch+FdiH7TSGxIFU98fPZxv2
2rBwXarV4h9vlMt0+gh7g8cri68CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSN5VI7
J0ldI//RPxxBLlOxpEDjyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmQyZTFlOGMtMDMyYy00Y2UyLWJlMjctNmI5MzkxYmQ5NzIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HvA
wDANBgkqhkiG9w0BAQsFAAOCAQEARz/O3WCptwNDkdVeFoQ5mxtXxzxbSWpuGz+I
6mpbqf3IVs1oQiCWPtCOYlITxSfBI7rja9nVMS8TaKYLQkXUQZF65s15ZS+iJezu
xXXzmVPWuRi1vMl+VwtPHikHm5hW7NXk3+kUjnwcQQTYmtaCrPqO6RYWKYuoAAlq
iVemLVoes/gLIXzL3UejvU028e4f1+MIlAFGuOwZOLdmZtcryKSdAqtIdDE7jVxH
aRWLhQ/HM6ZFvIZZht1Wm2Rvbhqtg7xOukLDX/O67aQ04TRwLC7HP5FsW17ckAQg
n0OoIpS9Roo3O4wLE6Gqe84TL2OC8bh+2OlWyJrE8dJc4gng8g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:28 2025 by rpki-client