Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
File: d7ff0a46-4c68-43b8-be33-3f3098623685.roa (raw, json)
Hash identifier: gz2TTZu73CCpCpf6L7A2do+ZhCmmBajVQsJ2sKuxXTg=
Subject key identifier: 5E:E4:34:99:54:DC:39:67:7F:C8:BC:20:5F:D7:9E:2E:90:1B:09:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17C19DAB1048E4E35A50CE2BC3E30BF7E911FA4D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
Signing time: Tue 20 May 2025 18:31:32 +0000
ROA not before: Tue 20 May 2025 18:31:32 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:c1:9d:ab:10:48:e4:e3:5a:50:ce:2b:c3:e3:0b:f7:e9:11:fa:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:31:32 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=0bf6aa96d76807362a1d4aaafd92daa7d2d98c94fad328fe7890e68870ae64da, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:48:ff:da:0f:ca:70:45:ee:21:7a:ff:43:23:
55:30:33:41:bc:a3:1b:bc:fd:97:87:e9:47:dd:36:
17:29:89:a1:63:df:61:9d:6f:02:fc:c1:f4:75:74:
a0:05:e5:5c:db:79:76:eb:a0:ab:3a:34:6e:85:4f:
98:06:66:59:5c:eb:ed:fa:a9:b3:27:44:05:77:3c:
10:f4:3e:7f:8c:1e:e1:75:28:d0:e5:0a:c7:55:ff:
51:63:4d:ee:99:1d:f2:76:fc:fa:65:c1:d3:3d:3d:
f8:c8:13:0b:00:f1:e7:54:de:7e:c4:df:db:f6:0d:
c1:cf:20:6b:6c:27:4c:14:74:d1:31:cb:7c:c6:71:
ca:60:a7:6c:ce:0f:a9:a8:ab:1c:3f:b2:b1:b0:84:
0b:99:83:66:f6:c7:8e:54:0e:9f:1a:7d:52:22:1d:
02:40:fe:d8:fc:a9:3a:98:2b:76:81:c3:52:f4:26:
a4:72:7d:42:3f:d5:5a:e6:27:9f:a3:56:4f:5c:93:
74:40:34:d1:1b:3f:ea:91:8d:13:cd:fe:15:73:a1:
bb:1f:73:e3:30:bf:77:98:ab:10:5e:a9:db:93:6e:
18:f2:39:07:78:72:32:bf:7e:f9:e3:3a:0c:0e:37:
98:c1:4b:9d:11:27:2d:6f:b6:7f:8c:6d:57:6a:29:
fe:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E4:34:99:54:DC:39:67:7F:C8:BC:20:5F:D7:9E:2E:90:1B:09:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
26:4e:53:a2:10:1c:eb:ac:df:0f:0e:39:a7:1e:1e:42:14:d2:
60:82:1e:ba:9a:99:4e:8e:93:8c:f6:39:9c:f8:65:21:32:ff:
f0:71:66:2b:2e:45:f8:a2:d4:4f:2d:ea:f6:c5:f2:3f:33:ec:
73:01:ce:16:d3:65:2f:96:99:2d:e5:c4:c6:d4:d3:3f:52:ce:
ea:6d:af:38:4e:40:5d:1a:ff:86:56:b3:42:25:7d:61:8b:b0:
33:39:dd:e5:95:da:24:64:e2:60:fd:07:bc:66:2d:cc:de:ee:
70:3c:3a:31:6e:0b:5b:45:1d:f6:6c:91:e5:fb:cc:0e:c7:32:
29:c0:1f:09:41:30:08:fc:12:91:d2:1a:93:c6:22:ad:66:da:
6c:ec:bd:80:72:cf:0e:87:9d:ee:0d:d2:f9:3f:7c:95:a2:ff:
10:27:92:df:90:58:4f:90:1b:3f:7c:9f:eb:29:09:32:65:d1:
12:3a:81:f3:02:97:3d:28:67:b5:8b:2e:24:34:39:25:25:4a:
7e:82:02:61:5c:f3:5d:c6:1f:e0:c7:bf:7b:5e:3e:4a:af:11:
d6:21:2c:c7:b9:fd:b8:87:8d:8f:a4:3d:a6:b0:42:e5:8d:58:
7c:de:c4:f9:2f:0d:cd:1d:aa:20:78:73:94:84:a5:3a:0d:ff:
93:9a:40:2f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUF8GdqxBI5ONaUM4rw+ML9+kR+k0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMxMzJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiZjZhYTk2ZDc2ODA3MzYyYTFkNGFhYWZkOTJkYWE3ZDJkOThjOTRmYWQz
MjhmZTc4OTBlNjg4NzBhZTY0ZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFI/9oPynBF7iF6/0MjVTAzQbyjG7z9l4fpR902FymJoWPfYZ1vAvzB9HV0
oAXlXNt5duugqzo0boVPmAZmWVzr7fqpsydEBXc8EPQ+f4we4XUo0OUKx1X/UWNN
7pkd8nb8+mXB0z09+MgTCwDx51TefsTf2/YNwc8ga2wnTBR00THLfMZxymCnbM4P
qairHD+ysbCEC5mDZvbHjlQOnxp9UiIdAkD+2PypOpgrdoHDUvQmpHJ9Qj/VWuYn
n6NWT1yTdEA00Rs/6pGNE83+FXOhux9z4zC/d5irEF6p25NuGPI5B3hyMr9++eM6
DA43mMFLnREnLW+2f4xtV2op/oUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRe5DSZ
VNw5Z3/IvCBf154ukBsJQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdmZjBhNDYtNGM2OC00M2I4LWJlMzMtM2YzMDk4NjIzNjg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
0DANBgkqhkiG9w0BAQsFAAOCAQEAJk5TohAc66zfDw45px4eQhTSYIIeupqZTo6T
jPY5nPhlITL/8HFmKy5F+KLUTy3q9sXyPzPscwHOFtNlL5aZLeXExtTTP1LO6m2v
OE5AXRr/hlazQiV9YYuwMznd5ZXaJGTiYP0HvGYtzN7ucDw6MW4LW0Ud9myR5fvM
DscyKcAfCUEwCPwSkdIak8YirWbabOy9gHLPDoed7g3S+T98laL/ECeS35BYT5Ab
P3yf6ykJMmXREjqB8wKXPShntYsuJDQ5JSVKfoICYVzzXcYf4Me/e14+Sq8R1iEs
x7n9uIeNj6Q9prBC5Y1YfN7E+S8NzR2qIHhzlISlOg3/k5pALw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:31 2025 by rpki-client