Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
File: bed4158d-91b8-4ba5-81d9-75a65b550b92.roa (raw, json)
Hash identifier: Ld0I/HhdWaWswVddz/6R5/g6oZM+fGHBJIL6+N5C8uo=
Subject key identifier: 57:51:F7:2B:70:5C:AB:8B:28:5C:80:B1:65:87:4E:86:D8:CA:CE:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FE653692CB8972F9685F53B58B57124C4ED533C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
Signing time: Tue 20 May 2025 18:20:19 +0000
ROA not before: Tue 20 May 2025 18:20:19 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:e6:53:69:2c:b8:97:2f:96:85:f5:3b:58:b5:71:24:c4:ed:53:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:19 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=278aa5fa2fdd5477e305476671559431757b5c7b81d656d6b304bede4266c57c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2a:aa:1e:82:91:3a:80:a2:85:2e:76:5f:66:
70:9f:1c:9b:c1:a8:47:2d:19:99:d2:d3:bc:3a:2e:
6a:f6:da:67:d5:d9:dd:c1:05:52:e9:d9:3b:a7:2e:
8d:3a:e1:bb:92:43:d9:21:d6:1a:c4:0a:c2:e7:50:
f2:c2:24:44:51:3e:ea:b9:56:7c:7a:ae:88:87:ff:
28:3f:83:03:d5:d9:76:83:b2:be:ec:62:96:84:68:
d8:d8:fa:e8:34:76:29:f7:6b:6c:88:dc:a7:48:4c:
59:75:19:70:48:4e:d4:a3:a7:5b:55:86:5f:45:81:
a6:4d:1e:3c:dd:2c:87:14:78:fb:10:87:11:6a:b3:
cc:52:74:81:e2:bd:de:f8:14:b4:af:b0:8f:f7:a3:
a6:f0:5f:57:9f:12:cf:1b:ae:71:2e:71:f4:27:ec:
0b:fd:85:00:25:79:e9:bd:78:ae:02:4e:85:8a:4a:
f2:9e:4a:0e:77:7f:69:ab:e1:62:1e:1c:0d:e4:a9:
3f:92:4e:3e:7e:19:51:7a:1d:da:52:7c:7c:41:5f:
0a:2c:00:27:d4:10:ff:f4:b1:04:8b:d7:3e:f2:99:
f0:71:1f:ba:81:c2:85:e3:3f:b6:d9:0f:28:d4:11:
ff:f3:9a:0b:36:bb:7b:77:6c:4e:d4:65:89:7a:cc:
03:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:51:F7:2B:70:5C:AB:8B:28:5C:80:B1:65:87:4E:86:D8:CA:CE:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
63:73:f5:0c:32:a2:ce:09:5e:ff:e2:52:f5:0b:f8:73:36:0b:
27:df:92:f4:f1:cb:ed:cb:72:d4:59:74:28:d8:56:67:49:d8:
41:67:89:d0:ff:bc:f3:c3:00:ba:91:85:b7:c1:49:cb:e1:d7:
b7:9a:99:13:7f:0c:73:ff:59:e7:18:b2:d8:97:98:aa:4a:6b:
38:19:b1:27:ef:ba:22:3b:31:cf:61:95:0d:2b:2a:c1:42:e2:
9b:c5:09:7f:6a:c9:6d:61:b7:7a:67:1d:c9:db:14:fe:50:4d:
b9:cb:dc:1f:77:30:54:af:b3:81:71:1e:11:83:c4:74:b3:53:
9c:16:3f:d6:c2:dc:46:80:0c:3f:ca:ff:a8:58:88:45:1e:eb:
68:ec:2c:b0:db:4d:17:ff:b7:f7:b7:82:fc:13:a0:e8:0d:ea:
11:a5:21:85:0e:92:c2:10:64:36:db:49:5b:52:f5:b6:77:c5:
e9:b6:8b:25:17:f6:49:e3:d9:df:70:7d:e6:05:28:1e:af:dd:
3d:a5:1e:05:35:54:f9:3e:b8:3c:93:9b:b8:a1:23:1c:d4:a2:
03:6b:a3:f5:15:90:57:91:cc:80:ed:87:88:b7:b8:ae:67:46:
6d:b0:9b:34:8e:87:ef:4b:3e:49:58:56:2d:92:5b:16:d1:43:
88:9f:9b:a5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP+ZTaSy4ly+WhfU7WLVxJMTtUzwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwMTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3OGFhNWZhMmZkZDU0NzdlMzA1NDc2NjcxNTU5NDMxNzU3YjVjN2I4MWQ2
NTZkNmIzMDRiZWRlNDI2NmM1N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJsqqh6CkTqAooUudl9mcJ8cm8GoRy0ZmdLTvDouavbaZ9XZ3cEFUunZO6cu
jTrhu5JD2SHWGsQKwudQ8sIkRFE+6rlWfHquiIf/KD+DA9XZdoOyvuxiloRo2Nj6
6DR2KfdrbIjcp0hMWXUZcEhO1KOnW1WGX0WBpk0ePN0shxR4+xCHEWqzzFJ0geK9
3vgUtK+wj/ejpvBfV58SzxuucS5x9CfsC/2FACV56b14rgJOhYpK8p5KDnd/aavh
Yh4cDeSpP5JOPn4ZUXod2lJ8fEFfCiwAJ9QQ//SxBIvXPvKZ8HEfuoHCheM/ttkP
KNQR//OaCza7e3dsTtRliXrMA1sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRXUfcr
cFyriyhcgLFlh06G2MrOjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmVkNDE1OGQtOTFiOC00YmE1LTgxZDktNzVhNjViNTUwYjkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
wDANBgkqhkiG9w0BAQsFAAOCAQEAY3P1DDKizgle/+JS9Qv4czYLJ9+S9PHL7cty
1Fl0KNhWZ0nYQWeJ0P+888MAupGFt8FJy+HXt5qZE38Mc/9Z5xiy2JeYqkprOBmx
J++6Ijsxz2GVDSsqwULim8UJf2rJbWG3emcdydsU/lBNucvcH3cwVK+zgXEeEYPE
dLNTnBY/1sLcRoAMP8r/qFiIRR7raOwssNtNF/+397eC/BOg6A3qEaUhhQ6SwhBk
NttJW1L1tnfF6baLJRf2SePZ33B95gUoHq/dPaUeBTVU+T64PJObuKEjHNSiA2uj
9RWQV5HMgO2HiLe4rmdGbbCbNI6H70s+SVhWLZJbFtFDiJ+bpQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:18 2025 by rpki-client