Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
File: dd7649a8-cae4-4d67-90f1-f01144285a2f.roa (raw, json)
Hash identifier: YfqFOiybm6d1DhJwO9L4oF6cUYc6hpOlcsylDQQtFuY=
Subject key identifier: D6:B4:F5:D3:B5:B8:A1:72:2F:C0:28:DF:7A:B4:5A:82:62:8C:FB:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 471D1DDA6063D5F676A10F3AA6030030646CF7FD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
Signing time: Tue 20 May 2025 18:31:38 +0000
ROA not before: Tue 20 May 2025 18:31:38 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:1d:1d:da:60:63:d5:f6:76:a1:0f:3a:a6:03:00:30:64:6c:f7:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:31:38 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=48e9400b479b538d75398add675acd637721dbb33ccae4c668ede58436ce338a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4d:b6:38:65:07:2c:bb:20:d6:fe:13:1e:b6:
d2:56:8a:f3:34:3b:47:57:5a:da:7d:d9:4d:7a:de:
be:b6:43:36:36:f3:c2:c3:72:79:f5:3a:5b:36:6c:
3d:ee:5d:b8:0d:b1:8d:1f:c0:7f:ae:c4:53:2c:1e:
d3:e8:55:4e:e7:a1:89:4c:9b:ea:05:a1:7d:53:96:
20:5a:02:b9:b6:90:e3:0a:a3:60:dc:0c:5c:9c:4a:
42:3c:ad:06:f6:44:5e:e2:ec:a8:52:a6:8c:8b:2e:
16:62:f7:e7:2c:69:77:b1:c3:f2:79:1e:62:41:2f:
50:15:36:39:38:aa:ee:2e:07:56:d6:78:76:52:4f:
cc:77:1f:0d:77:e3:0b:b7:10:4b:b6:6a:eb:36:88:
32:61:e5:fe:c7:c2:2a:6f:d2:dd:49:9a:9f:ba:c5:
da:e0:4d:11:43:88:6a:c4:e4:80:8b:21:3c:95:2a:
c5:fe:b0:a5:f1:ae:f3:d9:e4:2d:f2:15:e2:01:3a:
be:d5:db:c8:2b:ac:a9:bf:8d:27:df:0d:19:c2:51:
55:8b:fe:f4:57:09:ac:1a:c9:a6:77:fd:a9:e6:12:
5a:01:0b:d4:c8:da:ec:74:54:55:99:d8:a8:43:d7:
94:03:8f:cc:ad:6c:f5:f0:19:e1:12:0e:14:1a:32:
31:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B4:F5:D3:B5:B8:A1:72:2F:C0:28:DF:7A:B4:5A:82:62:8C:FB:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4040::/48
Signature Algorithm: sha256WithRSAEncryption
7c:93:d6:36:cf:e0:a0:cb:05:53:21:73:da:65:18:b5:7e:89:
bb:4a:35:49:8c:7d:99:b1:8d:e0:b1:5b:38:47:38:8a:85:9d:
8a:c3:c2:42:15:7c:55:9f:c2:29:2f:99:b0:ea:99:97:9c:b0:
b5:26:e3:18:0c:85:a7:4e:56:48:0d:17:bc:de:a5:06:ed:d7:
52:82:ef:a4:62:8a:d2:2f:a1:01:ea:9b:73:4f:49:d8:52:5c:
f0:85:7b:fc:e3:dc:21:88:8d:7b:ce:e6:6d:4e:a2:28:2c:e4:
0a:42:4b:86:46:0e:f2:19:c3:a2:3d:78:70:04:10:4f:28:d4:
c1:4a:dd:e5:cb:2b:b8:ec:dd:26:fe:85:25:0f:e7:9f:9d:1a:
2d:23:4a:7a:1f:8f:b2:78:91:5c:da:6e:5e:22:16:88:40:1e:
2b:9d:ae:00:ec:f1:c9:45:8a:e1:ae:5c:ab:b7:06:d6:64:64:
ee:ee:d8:48:a8:3a:66:ca:0e:fe:1d:18:ad:9e:a9:be:2d:cc:
97:15:81:c0:e9:13:3b:12:71:f5:f8:b5:85:dc:db:62:19:6c:
a7:d2:f7:ca:08:e8:71:e1:43:74:08:06:af:f0:76:7a:79:23:
e6:1f:18:f9:af:9d:1d:3a:da:64:9f:06:0f:bc:0c:36:54:9b:
66:63:fe:14
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURx0d2mBj1fZ2oQ86pgMAMGRs9/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMxMzhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4ZTk0MDBiNDc5YjUzOGQ3NTM5OGFkZDY3NWFjZDYzNzcyMWRiYjMzY2Nh
ZTRjNjY4ZWRlNTg0MzZjZTMzOGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJNtjhlByy7INb+Ex620laK8zQ7R1da2n3ZTXrevrZDNjbzwsNyefU6WzZs
Pe5duA2xjR/Af67EUywe0+hVTuehiUyb6gWhfVOWIFoCubaQ4wqjYNwMXJxKQjyt
BvZEXuLsqFKmjIsuFmL35yxpd7HD8nkeYkEvUBU2OTiq7i4HVtZ4dlJPzHcfDXfj
C7cQS7Zq6zaIMmHl/sfCKm/S3Uman7rF2uBNEUOIasTkgIshPJUqxf6wpfGu89nk
LfIV4gE6vtXbyCusqb+NJ98NGcJRVYv+9FcJrBrJpnf9qeYSWgEL1Mja7HRUVZnY
qEPXlAOPzK1s9fAZ4RIOFBoyMZsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTWtPXT
tbihci/AKN96tFqCYoz7YDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGQ3NjQ5YTgtY2FlNC00ZDY3LTkwZjEtZjAxMTQ0Mjg1YTJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
QDANBgkqhkiG9w0BAQsFAAOCAQEAfJPWNs/goMsFUyFz2mUYtX6Ju0o1SYx9mbGN
4LFbOEc4ioWdisPCQhV8VZ/CKS+ZsOqZl5ywtSbjGAyFp05WSA0XvN6lBu3XUoLv
pGKK0i+hAeqbc09J2FJc8IV7/OPcIYiNe87mbU6iKCzkCkJLhkYO8hnDoj14cAQQ
TyjUwUrd5csruOzdJv6FJQ/nn50aLSNKeh+PsniRXNpuXiIWiEAeK52uAOzxyUWK
4a5cq7cG1mRk7u7YSKg6ZsoO/h0YrZ6pvi3MlxWBwOkTOxJx9fi1hdzbYhlsp9L3
ygjoceFDdAgGr/B2enkj5h8Y+a+dHTraZJ8GD7wMNlSbZmP+FA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:45 2025 by rpki-client