Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
File: cead5bc0-2620-45bc-b97b-adb00020a426.roa (raw, json)
Hash identifier: AjoT7vP/lkkYbuXhGsqjGsp3CNL/GbCed9A6AGy8wMg=
Subject key identifier: 8D:C4:0F:11:14:20:4D:C6:A4:F9:6B:BA:6C:A2:9B:7F:47:40:7B:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D48D9D4FC87184A58482C9123AE57F3F681633D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
Signing time: Tue 20 May 2025 19:11:03 +0000
ROA not before: Tue 20 May 2025 19:11:03 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:48:d9:d4:fc:87:18:4a:58:48:2c:91:23:ae:57:f3:f6:81:63:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:11:03 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=fc03fd60697f0248a6c088a927de12a04bdb802c3f90857883d93bdb3cd78efa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3e:ec:e2:1c:13:51:2a:db:c6:d9:68:f9:87:
8d:71:2e:c0:66:fa:32:da:43:59:89:a9:e8:e4:0f:
23:d8:ea:97:3b:e1:eb:7d:f7:6a:7e:fc:a6:87:f7:
93:58:b3:e3:87:bb:d0:dc:aa:88:19:c2:dd:90:49:
96:ea:ec:0c:2c:71:a9:16:30:01:ae:dd:23:b8:f9:
ae:e0:5f:e2:94:3f:47:60:f7:0d:81:8a:c9:d0:69:
ad:96:eb:36:61:15:0d:48:a7:b3:f0:5f:5b:fb:57:
78:fc:99:91:60:6b:39:a5:c1:9b:06:d0:ef:e4:f1:
f0:d4:0a:ef:a2:4b:b9:20:fa:31:46:ee:20:de:61:
81:f9:fa:22:72:b6:87:b6:45:e7:16:fc:67:08:d9:
64:66:d9:02:e9:3e:76:be:ac:25:89:05:24:c4:06:
eb:96:ba:9f:b5:a8:72:10:f9:83:2f:f4:c5:aa:57:
19:0e:2b:59:54:07:54:24:e8:7e:d5:dc:09:4f:6a:
6f:7c:41:0f:6f:d2:fb:78:67:d8:da:16:28:87:61:
dd:ee:e4:9d:0d:20:3e:cb:8d:08:f3:9b:2a:4f:f3:
c7:d3:96:e7:82:81:b3:d2:3b:1a:e2:78:5c:9d:50:
e8:70:01:dd:8e:ef:85:f7:a0:4f:da:23:ad:c8:19:
a0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:C4:0F:11:14:20:4D:C6:A4:F9:6B:BA:6C:A2:9B:7F:47:40:7B:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e080::/48
Signature Algorithm: sha256WithRSAEncryption
91:c1:c2:b8:a7:4f:e7:6c:24:25:ca:ea:10:dd:fb:ad:d8:e1:
59:19:82:2d:78:3c:24:d3:ca:54:83:ad:92:b3:60:e7:19:3c:
3e:73:8b:58:9c:5c:72:97:11:cb:47:2f:bc:cd:33:52:4f:31:
f8:44:fb:4f:75:ce:28:51:f7:1d:05:41:67:d0:5f:b4:08:e9:
48:b7:bb:10:01:a3:ae:bd:9a:9a:f1:2d:2d:cc:66:0f:65:ae:
54:69:a4:b4:c9:a2:b0:f4:8c:1d:84:6c:8e:6e:d2:c0:9f:ec:
7a:86:d5:4e:77:75:ca:db:b5:a1:75:ba:89:58:44:13:17:f2:
3b:d7:8e:43:ab:08:70:6b:d3:0f:8b:9d:41:93:d3:bb:ca:ed:
32:bc:19:ba:cf:07:66:66:fd:c2:31:61:eb:44:4a:b1:1d:96:
e4:5c:de:ab:aa:51:2b:34:ae:4b:a8:de:ab:2b:44:bc:3a:86:
80:8a:1b:f4:02:bd:48:d0:72:4b:1e:2d:11:21:1c:8d:50:ad:
7d:5c:15:98:78:a1:84:70:a9:09:4d:42:07:54:36:44:fe:1f:
59:1c:11:83:6a:cf:80:01:f7:8b:18:ab:16:48:7e:f4:87:62:
09:17:90:a2:fd:d9:39:38:dd:cc:df:a2:34:07:83:0c:4f:35:
d1:d7:9e:4e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTUjZ1PyHGEpYSCyRI65X8/aBYz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTExMDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjMDNmZDYwNjk3ZjAyNDhhNmMwODhhOTI3ZGUxMmEwNGJkYjgwMmMzZjkw
ODU3ODgzZDkzYmRiM2NkNzhlZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0+7OIcE1Eq28bZaPmHjXEuwGb6MtpDWYmp6OQPI9jqlzvh6333an78pof3
k1iz44e70NyqiBnC3ZBJlursDCxxqRYwAa7dI7j5ruBf4pQ/R2D3DYGKydBprZbr
NmEVDUins/BfW/tXePyZkWBrOaXBmwbQ7+Tx8NQK76JLuSD6MUbuIN5hgfn6InK2
h7ZF5xb8ZwjZZGbZAuk+dr6sJYkFJMQG65a6n7WochD5gy/0xapXGQ4rWVQHVCTo
ftXcCU9qb3xBD2/S+3hn2NoWKIdh3e7knQ0gPsuNCPObKk/zx9OW54KBs9I7GuJ4
XJ1Q6HAB3Y7vhfegT9ojrcgZoO8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSNxA8R
FCBNxqT5a7psopt/R0B7zDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2VhZDViYzAtMjYyMC00NWJjLWI5N2ItYWRiMDAwMjBhNDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
gDANBgkqhkiG9w0BAQsFAAOCAQEAkcHCuKdP52wkJcrqEN37rdjhWRmCLXg8JNPK
VIOtkrNg5xk8PnOLWJxccpcRy0cvvM0zUk8x+ET7T3XOKFH3HQVBZ9BftAjpSLe7
EAGjrr2amvEtLcxmD2WuVGmktMmisPSMHYRsjm7SwJ/seobVTnd1ytu1oXW6iVhE
ExfyO9eOQ6sIcGvTD4udQZPTu8rtMrwZus8HZmb9wjFh60RKsR2W5Fzeq6pRKzSu
S6jeqytEvDqGgIob9AK9SNBySx4tESEcjVCtfVwVmHihhHCpCU1CB1Q2RP4fWRwR
g2rPgAH3ixirFkh+9IdiCReQov3ZOTjdzN+iNAeDDE810deeTg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:31 2025 by rpki-client