Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf464545-0601-4fd5-a3a2-f4f3c022f248.roa
File: cf464545-0601-4fd5-a3a2-f4f3c022f248.roa (raw, json)
Hash identifier: njOHhhZdES0z1z/7jOTvia5Rx88pKb33KWM9uCXOhTg=
Subject key identifier: 03:D5:5D:E1:63:10:E1:0C:87:E6:28:B7:4F:B6:75:CD:88:44:67:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 072D5B7F54D7034BFC962909B39A430C8BD0AD0A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf464545-0601-4fd5-a3a2-f4f3c022f248.roa
Signing time: Tue 20 May 2025 19:31:07 +0000
ROA not before: Tue 20 May 2025 19:31:07 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:2d:5b:7f:54:d7:03:4b:fc:96:29:09:b3:9a:43:0c:8b:d0:ad:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:31:07 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=7edbb22deee30342949675144a32295bca641db8e252fff23fb8ea88615dbb5b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6a:8f:f5:68:24:f7:7d:42:3f:5b:a9:88:d1:
49:cf:70:d8:de:aa:d2:91:d5:d0:7d:48:36:22:d7:
66:84:35:95:80:ce:b6:be:0f:68:4f:53:19:35:46:
47:23:50:5d:12:39:4a:c7:75:9e:30:e2:eb:36:9f:
de:33:27:14:67:59:df:9a:35:13:57:25:96:f6:a3:
13:20:af:be:e8:86:58:65:eb:78:80:c4:44:e1:2c:
74:88:42:1c:d8:77:67:fa:9e:02:4c:c4:55:b2:d2:
fb:cf:9b:2e:c5:97:1e:90:57:de:7c:63:0c:8d:11:
af:fe:f7:06:71:e1:48:76:0f:df:09:6c:52:67:c3:
07:57:db:85:a0:ba:74:26:4e:98:73:32:92:6f:77:
d7:71:8e:de:6d:47:18:30:04:65:9e:aa:cb:e8:66:
87:63:23:8c:ec:26:11:7f:b9:89:23:23:57:c7:2c:
fd:be:5a:4b:af:14:e8:90:d7:10:ec:ac:19:16:24:
45:05:a2:cb:f4:0d:c7:20:db:5b:58:ff:f1:83:14:
f1:96:a7:6c:5f:a4:b8:84:96:19:ed:de:dc:d3:21:
cd:18:4c:fa:6b:29:17:86:ff:02:3c:fe:43:f8:b6:
c9:1f:d2:bf:9c:b9:83:c7:47:99:36:83:d3:8b:82:
94:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D5:5D:E1:63:10:E1:0C:87:E6:28:B7:4F:B6:75:CD:88:44:67:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf464545-0601-4fd5-a3a2-f4f3c022f248.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8040::/46
Signature Algorithm: sha256WithRSAEncryption
c1:d7:d0:8a:b6:ea:29:9c:12:54:e6:29:17:8a:7e:c7:7a:c2:
34:f7:02:ef:25:24:47:d5:39:93:12:d2:a1:15:2a:49:e7:e6:
1e:7b:20:19:26:fd:61:fc:6e:5e:14:6a:05:d1:00:18:c1:61:
aa:22:91:63:b6:34:e4:6a:ab:78:0d:7d:af:f0:8d:4c:7d:31:
93:e5:0e:3e:51:14:01:d8:c8:b5:a7:24:3d:49:1e:c9:e9:8c:
ae:cb:d6:15:76:e4:88:33:45:95:a0:d2:01:ab:a6:85:58:f5:
a3:26:52:f6:9f:5a:33:12:7a:4d:78:89:27:17:9b:75:53:05:
43:09:c9:77:e4:2c:17:33:33:a4:5d:e1:57:ce:37:28:44:c9:
d2:fd:3d:4d:05:b6:be:b9:ed:a6:b9:b2:9d:78:9a:f2:56:43:
26:37:cc:d9:cd:18:5b:9d:b6:b7:c8:ec:cb:52:f0:5f:b6:4f:
f3:5f:b0:8d:4e:f0:6c:ec:cc:e9:05:ef:65:8f:4e:f3:a2:cc:
67:9d:5f:ec:94:26:80:d5:14:f3:28:91:7f:21:a2:1f:d2:63:
89:d5:5d:50:da:45:b5:58:7f:4c:01:1f:46:d1:ce:e0:6d:5f:
b8:b7:88:36:5e:b5:d2:2a:d3:d4:49:7a:7f:a2:81:c2:47:66:
de:6b:c8:b5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBy1bf1TXA0v8likJs5pDDIvQrQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMxMDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlZGJiMjJkZWVlMzAzNDI5NDk2NzUxNDRhMzIyOTViY2E2NDFkYjhlMjUy
ZmZmMjNmYjhlYTg4NjE1ZGJiNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1qj/VoJPd9Qj9bqYjRSc9w2N6q0pHV0H1INiLXZoQ1lYDOtr4PaE9TGTVG
RyNQXRI5Ssd1njDi6zaf3jMnFGdZ35o1E1cllvajEyCvvuiGWGXreIDEROEsdIhC
HNh3Z/qeAkzEVbLS+8+bLsWXHpBX3nxjDI0Rr/73BnHhSHYP3wlsUmfDB1fbhaC6
dCZOmHMykm9313GO3m1HGDAEZZ6qy+hmh2MjjOwmEX+5iSMjV8cs/b5aS68U6JDX
EOysGRYkRQWiy/QNxyDbW1j/8YMU8ZanbF+kuISWGe3e3NMhzRhM+mspF4b/Ajz+
Q/i2yR/Sv5y5g8dHmTaD04uClA8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQD1V3h
YxDhDIfmKLdPtnXNiERnLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y0NjQ1NDUtMDYwMS00ZmQ1LWEzYTItZjRmM2MwMjJmMjQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWA
QDANBgkqhkiG9w0BAQsFAAOCAQEAwdfQirbqKZwSVOYpF4p+x3rCNPcC7yUkR9U5
kxLSoRUqSefmHnsgGSb9YfxuXhRqBdEAGMFhqiKRY7Y05GqreA19r/CNTH0xk+UO
PlEUAdjItackPUkeyemMrsvWFXbkiDNFlaDSAaumhVj1oyZS9p9aMxJ6TXiJJxeb
dVMFQwnJd+QsFzMzpF3hV843KETJ0v09TQW2vrntprmynXia8lZDJjfM2c0YW522
t8jsy1LwX7ZP81+wjU7wbOzM6QXvZY9O86LMZ51f7JQmgNUU8yiRfyGiH9JjidVd
UNpFtVh/TAEfRtHO4G1fuLeINl610irT1El6f6KBwkdm3mvItQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:13 2025 by rpki-client