Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ad75af-5f70-4566-9e24-e9acd2e1f495.roa
File: d7ad75af-5f70-4566-9e24-e9acd2e1f495.roa (raw, json)
Hash identifier: 2uzl2RglCQ9RNkGBhG+ppW/1MIejoz+AYKvMAh513lE=
Subject key identifier: 8D:F5:2E:B2:B3:46:D7:5A:33:A6:B1:1D:3A:7D:CB:87:7F:B4:B8:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 124C4B5FDCD8F28DA9CF044FCA741006DCE275FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ad75af-5f70-4566-9e24-e9acd2e1f495.roa
Signing time: Tue 20 May 2025 19:21:10 +0000
ROA not before: Tue 20 May 2025 19:21:10 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:2080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:4c:4b:5f:dc:d8:f2:8d:a9:cf:04:4f:ca:74:10:06:dc:e2:75:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:10 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b0f9c6e38d1782407b56da0e088e7732d49234be7e797c43c0a0271c2026c816, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a0:21:bd:ef:d6:78:3f:1d:1f:0e:96:90:2f:
1b:07:aa:f1:44:2d:fe:b2:07:51:62:8e:73:0b:96:
69:e5:67:9f:0c:61:b8:b4:6d:0a:71:56:35:bd:68:
2a:b9:23:84:29:79:56:f1:34:30:c2:54:da:82:f3:
76:1b:64:b2:70:f2:ad:3d:9c:ba:2a:e3:2c:04:d8:
9e:06:e0:23:8d:c5:78:e6:1b:08:d1:af:ba:3e:ac:
5c:41:63:5e:7f:a2:65:13:e6:f3:6b:82:f1:8b:11:
ba:34:2a:b0:00:97:60:7e:b6:a3:65:49:00:dc:14:
35:43:f4:88:58:8a:95:fa:28:48:c8:c3:2d:db:60:
1a:19:1d:5a:38:30:c3:48:ef:ea:ff:cb:ef:cb:12:
6b:b5:c7:8a:40:9b:90:c5:4e:3f:cb:d7:3c:d7:1a:
bb:8d:b4:7f:49:00:2f:8d:cc:ba:23:ef:9c:f8:1c:
55:24:dd:a1:c6:95:9a:ea:e7:84:2a:46:fd:c2:50:
5d:b7:aa:02:a1:68:8d:62:0f:be:be:f6:85:ff:26:
8d:4e:71:48:3a:3a:c7:9c:37:39:dd:31:5d:1d:eb:
39:76:61:44:86:bf:b6:10:a1:36:75:8e:60:ec:21:
10:98:5a:fa:d9:53:03:82:df:77:80:33:9d:53:87:
d5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F5:2E:B2:B3:46:D7:5A:33:A6:B1:1D:3A:7D:CB:87:7F:B4:B8:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ad75af-5f70-4566-9e24-e9acd2e1f495.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:2080::/46
Signature Algorithm: sha256WithRSAEncryption
26:ee:d9:a1:64:13:fe:08:ce:74:04:01:cd:22:f9:69:5a:5a:
05:05:2b:2a:97:f3:5c:2a:a9:94:77:33:d2:1f:8a:01:9c:3f:
8a:f0:5a:09:c2:f0:e8:ca:12:a6:19:5a:82:30:52:18:3f:4d:
48:c7:00:ad:d8:b3:88:6e:9d:d7:13:08:f6:27:40:45:de:40:
d7:94:28:12:1a:a7:b4:4f:3d:19:96:a4:d1:75:62:d5:c4:be:
21:40:32:c5:d4:bc:10:e6:1c:24:cf:03:5f:2f:ad:4f:c5:b8:
c8:2d:cc:c9:19:c6:b8:34:d6:5e:b7:b1:36:81:94:5a:2e:37:
5b:f0:29:ab:a9:0c:4a:4f:1c:f5:e3:e6:fd:88:2e:74:31:e2:
ce:d1:24:7e:6c:c6:15:2a:9a:9a:a3:68:de:38:83:c3:4a:ae:
81:37:39:52:f8:64:e9:b7:41:e3:84:38:0c:b3:04:b5:95:a2:
ec:67:30:71:5d:4e:01:58:ad:d5:6c:0f:80:a9:64:56:35:71:
34:2b:47:1d:04:eb:88:29:9c:a9:42:d7:e4:94:85:dc:cf:67:
91:7e:c0:ab:b5:3d:fc:4d:b7:2c:f8:c9:5d:7b:e0:bb:35:25:
64:c4:da:1f:87:78:75:51:80:c9:58:0e:4e:c8:bd:85:23:10:
2c:37:34:68
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEkxLX9zY8o2pzwRPynQQBtzidfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxMTBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwZjljNmUzOGQxNzgyNDA3YjU2ZGEwZTA4OGU3NzMyZDQ5MjM0YmU3ZTc5
N2M0M2MwYTAyNzFjMjAyNmM4MTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALagIb3v1ng/HR8OlpAvGweq8UQt/rIHUWKOcwuWaeVnnwxhuLRtCnFWNb1o
KrkjhCl5VvE0MMJU2oLzdhtksnDyrT2cuirjLATYngbgI43FeOYbCNGvuj6sXEFj
Xn+iZRPm82uC8YsRujQqsACXYH62o2VJANwUNUP0iFiKlfooSMjDLdtgGhkdWjgw
w0jv6v/L78sSa7XHikCbkMVOP8vXPNcau420f0kAL43MuiPvnPgcVSTdocaVmurn
hCpG/cJQXbeqAqFojWIPvr72hf8mjU5xSDo6x5w3Od0xXR3rOXZhRIa/thChNnWO
YOwhEJha+tlTA4Lfd4AznVOH1ekCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSN9S6y
s0bXWjOmsR06fcuHf7S4UDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdhZDc1YWYtNWY3MC00NTY2LTllMjQtZTlhY2QyZTFmNDk1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUg
gDANBgkqhkiG9w0BAQsFAAOCAQEAJu7ZoWQT/gjOdAQBzSL5aVpaBQUrKpfzXCqp
lHcz0h+KAZw/ivBaCcLw6MoSphlagjBSGD9NSMcArdiziG6d1xMI9idARd5A15Qo
EhqntE89GZak0XVi1cS+IUAyxdS8EOYcJM8DXy+tT8W4yC3MyRnGuDTWXrexNoGU
Wi43W/Apq6kMSk8c9ePm/YgudDHiztEkfmzGFSqamqNo3jiDw0qugTc5Uvhk6bdB
44Q4DLMEtZWi7GcwcV1OAVit1WwPgKlkVjVxNCtHHQTriCmcqULX5JSF3M9nkX7A
q7U9/E23LPjJXXvguzUlZMTaH4d4dVGAyVgOTsi9hSMQLDc0aA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:10 2025 by rpki-client