Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
File: be610cc2-170e-494b-b1f3-db73bc5ff027.roa (raw, json)
Hash identifier: +qmwuysEBQ8mF6ImqmH2Uh5+yD+/y157nwkHTrUvxaw=
Subject key identifier: AB:C2:9E:EA:78:9B:F1:47:8C:DF:E7:32:F0:CB:AE:E2:44:9D:6F:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E1592CC3932C5975E6AD8417CB20C0C7ABBBF56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
Signing time: Tue 20 May 2025 19:01:36 +0000
ROA not before: Tue 20 May 2025 19:01:36 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:15:92:cc:39:32:c5:97:5e:6a:d8:41:7c:b2:0c:0c:7a:bb:bf:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:01:36 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=214faea6d03e68139ac6ea600da71979d4e06c370b75dfa168a87f311a71d84e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4d:ea:eb:70:60:2a:a1:74:60:28:89:3e:42:
f8:3b:56:13:09:e5:57:bc:33:e5:3e:30:b2:49:c7:
eb:47:9d:ce:f9:62:71:60:47:c1:96:99:60:7d:9e:
f6:b8:e1:90:58:15:85:7f:86:23:10:bb:9e:b1:2f:
2f:9a:b6:00:4f:c2:db:7e:92:db:90:bb:6d:a0:6b:
eb:db:d4:95:d8:66:88:f7:66:d8:63:3d:15:a7:47:
b5:49:77:c5:4a:68:54:d3:4a:be:34:1c:f2:28:59:
72:4c:98:ed:f7:2a:04:3c:d8:a8:2e:b0:b7:ad:3f:
9f:26:91:72:11:75:cd:eb:35:53:a0:73:c3:b2:7c:
f6:b0:4c:6c:4b:ab:50:fb:d7:5b:96:1b:80:f8:e2:
fe:1e:34:4b:dc:e0:82:1a:e1:03:70:a5:1b:6b:c6:
1a:23:b3:c6:35:0f:9f:52:73:5c:be:bf:d5:8f:da:
f8:18:41:fe:d2:7b:a1:d2:0a:72:42:00:37:6f:f2:
e1:50:25:f4:f3:b2:7d:ff:18:3f:d6:dd:fe:b0:da:
49:42:74:52:cb:3a:16:12:88:44:f0:c4:7b:ad:e0:
95:2f:37:95:f1:8c:49:cf:f0:cc:ca:65:97:c8:d6:
89:cc:d1:98:18:41:5b:00:29:7f:64:41:e8:94:01:
df:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C2:9E:EA:78:9B:F1:47:8C:DF:E7:32:F0:CB:AE:E2:44:9D:6F:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:6080::/48
Signature Algorithm: sha256WithRSAEncryption
c5:52:51:a5:b0:fb:a2:5d:68:eb:5b:35:fe:1a:27:ea:8c:fd:
30:2d:ff:b3:69:b8:3f:a3:1f:15:0a:32:53:9b:4a:74:8a:8d:
c9:69:e9:19:15:24:07:ac:53:66:e0:57:87:e5:2d:41:22:47:
e3:e5:10:7f:b5:f6:1c:5a:a8:15:53:99:28:81:66:67:ac:f2:
da:f4:39:63:b0:d0:3b:39:49:e7:26:eb:ec:1b:ab:df:34:c1:
7d:00:05:1c:1b:58:1c:aa:a0:c5:b3:2e:fc:95:92:01:6e:d0:
ef:ac:7a:37:7a:fb:3b:29:1c:8c:7f:49:36:9d:99:d4:75:76:
3e:b2:74:3b:5e:09:96:37:e7:49:e7:93:98:1c:25:55:b7:85:
9b:69:b9:00:59:63:49:1c:ff:04:1a:e1:00:23:a0:b2:c8:f1:
28:07:69:61:0d:33:55:95:58:b5:76:c0:23:49:90:7c:20:ca:
a1:62:06:01:29:79:7d:fd:eb:38:f3:73:bd:79:03:90:a8:a6:
2c:c4:90:bc:92:aa:42:59:6c:29:50:0b:30:05:ab:54:6d:8c:
50:49:36:ff:73:8d:64:02:8d:a7:d4:81:04:7e:00:b1:93:12:
e2:be:66:8b:75:88:eb:07:c9:89:74:8b:51:e1:4d:4c:ba:14:
bb:94:0c:fe
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDhWSzDkyxZdeathBfLIMDHq7v1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAxMzZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxNGZhZWE2ZDAzZTY4MTM5YWM2ZWE2MDBkYTcxOTc5ZDRlMDZjMzcwYjc1
ZGZhMTY4YTg3ZjMxMWE3MWQ4NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRN6utwYCqhdGAoiT5C+DtWEwnlV7wz5T4wsknH60edzvlicWBHwZaZYH2e
9rjhkFgVhX+GIxC7nrEvL5q2AE/C236S25C7baBr69vUldhmiPdm2GM9FadHtUl3
xUpoVNNKvjQc8ihZckyY7fcqBDzYqC6wt60/nyaRchF1zes1U6Bzw7J89rBMbEur
UPvXW5YbgPji/h40S9zgghrhA3ClG2vGGiOzxjUPn1JzXL6/1Y/a+BhB/tJ7odIK
ckIAN2/y4VAl9POyff8YP9bd/rDaSUJ0Uss6FhKIRPDEe63glS83lfGMSc/wzMpl
l8jWiczRmBhBWwApf2RB6JQB308CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSrwp7q
eJvxR4zf5zLwy67iRJ1vbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2MTBjYzItMTcwZS00OTRiLWIxZjMtZGI3M2JjNWZmMDI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9g
gDANBgkqhkiG9w0BAQsFAAOCAQEAxVJRpbD7ol1o61s1/hon6oz9MC3/s2m4P6Mf
FQoyU5tKdIqNyWnpGRUkB6xTZuBXh+UtQSJH4+UQf7X2HFqoFVOZKIFmZ6zy2vQ5
Y7DQOzlJ5ybr7Bur3zTBfQAFHBtYHKqgxbMu/JWSAW7Q76x6N3r7OykcjH9JNp2Z
1HV2PrJ0O14JljfnSeeTmBwlVbeFm2m5AFljSRz/BBrhACOgssjxKAdpYQ0zVZVY
tXbAI0mQfCDKoWIGASl5ff3rOPNzvXkDkKimLMSQvJKqQllsKVALMAWrVG2MUEk2
/3ONZAKNp9SBBH4AsZMS4r5mi3WI6wfJiXSLUeFNTLoUu5QM/g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:27 2025 by rpki-client