Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa
File: dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa (raw, json)
Hash identifier: yaaLhlriRre6ERpCRBMDj+JwR1/4yQmqFGxmsmwLslw=
Subject key identifier: 8C:0C:09:F7:9B:AF:AA:30:2C:BA:F9:0D:89:39:7B:7D:52:F2:D5:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68D1A709AE58EB4BE60DF21021B2B09FFB8E340B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa
Signing time: Tue 20 May 2025 19:10:42 +0000
ROA not before: Tue 20 May 2025 19:10:42 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:d1:a7:09:ae:58:eb:4b:e6:0d:f2:10:21:b2:b0:9f:fb:8e:34:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:42 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=47b302074a29ed2a04a713d533e380cfc4e6b8509ce4de9bd2aa780f48eaba66, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:89:92:54:f5:56:c6:32:43:89:17:f1:d5:8f:
cf:37:86:6c:5e:c6:cc:95:c2:a2:ad:23:f4:20:00:
86:70:fe:a5:06:22:a2:76:6f:82:09:44:96:73:69:
85:e0:ea:24:ac:9b:a5:b9:2d:51:d5:c4:e6:0c:52:
23:17:39:89:18:f4:3c:45:2a:95:fc:c1:4b:b2:0a:
96:56:46:af:0e:c2:86:da:eb:4c:8f:67:e6:27:8c:
7c:6c:bd:59:a4:de:74:43:22:f3:66:d4:99:5e:a9:
04:5c:a3:39:57:fd:d5:2c:80:98:8a:86:6e:2f:e9:
e9:df:02:1a:cb:4f:79:10:66:3e:5e:a5:1a:fd:76:
9c:46:85:1e:c6:f6:98:41:1d:d3:61:ad:d3:43:fc:
43:a0:33:aa:98:75:84:bd:8d:8a:49:58:be:20:75:
74:e9:18:e9:d1:c3:04:93:41:a5:fd:77:9d:72:04:
16:85:a6:1a:76:f8:9b:e6:e3:f1:07:5a:22:2f:4c:
78:0c:72:1a:d4:c9:0c:6f:22:dd:21:d4:d3:f0:af:
03:2c:64:90:18:1f:80:75:ae:7e:9d:60:ae:f4:3c:
41:c7:e9:a6:1a:cf:3b:6a:20:44:79:f6:04:a2:dc:
c2:f0:1c:55:1c:d0:67:ad:74:18:91:b6:93:72:89:
51:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:0C:09:F7:9B:AF:AA:30:2C:BA:F9:0D:89:39:7B:7D:52:F2:D5:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9040::/48
Signature Algorithm: sha256WithRSAEncryption
3a:06:2d:5d:78:2c:3b:37:84:e5:8a:87:b0:23:77:3d:28:7f:
88:c6:39:ef:fb:5d:1c:ae:2e:53:01:e4:c4:d4:4d:65:a8:aa:
3f:39:7a:f2:95:b6:f8:56:82:07:c5:5d:da:e6:2b:48:c4:7f:
c2:d5:66:23:a9:ef:ee:e1:b7:57:1f:3a:30:c7:1d:5a:c4:81:
d2:3f:ed:62:d3:79:cf:36:21:d8:aa:e2:dc:17:15:3c:b0:fe:
75:35:f2:33:ed:d5:18:a6:97:99:48:57:be:5b:51:39:6c:a5:
e8:41:46:96:4b:32:19:98:48:9e:e0:37:aa:44:0f:ba:d9:53:
b7:f8:96:80:ee:80:45:98:2e:42:26:61:2f:cd:4f:0d:44:37:
29:b9:39:59:91:97:fa:51:02:b7:7c:fa:bf:1b:23:4c:98:af:
c8:a7:52:ac:4f:7f:05:bf:c0:d9:f0:4c:f0:ec:13:b5:f1:a0:
17:69:2b:ed:ae:ee:67:08:13:99:6c:2a:a3:a8:4b:49:11:6f:
5d:50:2c:a4:cb:59:37:99:e1:ef:92:f0:b4:17:40:26:26:7c:
74:46:3a:a7:51:2a:8c:c9:29:5c:0f:9e:c3:c7:bd:7f:57:f4:
00:3c:3c:8a:61:d3:90:c5:ee:e9:33:91:ce:06:9e:f1:68:d1:
a8:57:8b:8c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaNGnCa5Y60vmDfIQIbKwn/uONAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwNDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3YjMwMjA3NGEyOWVkMmEwNGE3MTNkNTMzZTM4MGNmYzRlNmI4NTA5Y2U0
ZGU5YmQyYWE3ODBmNDhlYWJhNjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJGJklT1VsYyQ4kX8dWPzzeGbF7GzJXCoq0j9CAAhnD+pQYionZvgglElnNp
heDqJKybpbktUdXE5gxSIxc5iRj0PEUqlfzBS7IKllZGrw7ChtrrTI9n5ieMfGy9
WaTedEMi82bUmV6pBFyjOVf91SyAmIqGbi/p6d8CGstPeRBmPl6lGv12nEaFHsb2
mEEd02Gt00P8Q6Azqph1hL2NiklYviB1dOkY6dHDBJNBpf13nXIEFoWmGnb4m+bj
8QdaIi9MeAxyGtTJDG8i3SHU0/CvAyxkkBgfgHWufp1grvQ8QcfpphrPO2ogRHn2
BKLcwvAcVRzQZ610GJG2k3KJUSUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSMDAn3
m6+qMCy6+Q2JOXt9UvLVWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGMwYWFiNGUtOWRiYy00YjY4LTkzOGQtODAyMDJlM2QwYmQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAOgYtXXgsOzeE5YqHsCN3PSh/iMY57/tdHK4u
UwHkxNRNZaiqPzl68pW2+FaCB8Vd2uYrSMR/wtVmI6nv7uG3Vx86MMcdWsSB0j/t
YtN5zzYh2Kri3BcVPLD+dTXyM+3VGKaXmUhXvltROWyl6EFGlksyGZhInuA3qkQP
utlTt/iWgO6ARZguQiZhL81PDUQ3Kbk5WZGX+lECt3z6vxsjTJivyKdSrE9/Bb/A
2fBM8OwTtfGgF2kr7a7uZwgTmWwqo6hLSRFvXVAspMtZN5nh75LwtBdAJiZ8dEY6
p1EqjMkpXA+ew8e9f1f0ADw8imHTkMXu6TORzgae8WjRqFeLjA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:27 2025 by rpki-client