Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
File: e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa (raw, json)
Hash identifier: dJrRM38XMgOcY5ZOdg2Ap0rE+HweuguKLgeaB1YCAds=
Subject key identifier: 2B:97:25:93:AF:2D:E0:96:F0:4E:56:E5:7E:AC:4A:FF:22:8A:06:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26C53DBF74A660D1FA8826C98CBFC915CA205045
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
Signing time: Fri 06 Jun 2025 15:10:09 +0000
ROA not before: Fri 06 Jun 2025 15:10:09 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:6000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:c5:3d:bf:74:a6:60:d1:fa:88:26:c9:8c:bf:c9:15:ca:20:50:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:09 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=517997d1dfc3c8d138542ea59084189840f5447ca253f646b366ba154be204c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:df:97:99:e8:8a:06:62:d4:0f:9c:1c:4a:7a:
45:4f:cd:9b:80:e0:3a:a0:f9:42:c7:de:93:cc:d2:
4c:d1:71:9d:47:25:1f:83:d0:55:ad:3a:65:34:54:
3e:ae:28:69:09:e7:98:eb:07:7a:35:68:59:f6:c1:
11:bd:39:31:04:b9:e4:29:62:19:e3:f4:bc:83:bb:
a1:74:d5:8c:db:3c:b8:86:5a:70:4f:69:49:83:4b:
21:fb:49:7f:af:04:b9:30:12:5a:d5:c8:15:c8:7d:
4c:69:16:2f:88:08:77:18:1e:ef:4b:1f:ea:99:47:
b9:67:53:cb:27:b1:57:a5:23:28:ac:0d:5c:cd:81:
af:a7:6d:f6:ec:1b:7e:80:39:5f:fe:a9:06:3f:72:
f8:a9:1d:50:8d:38:81:ab:9a:a2:df:8f:57:df:63:
f4:3e:fb:46:9d:9f:4f:30:a0:23:ea:ca:d8:28:4b:
ca:9f:74:a0:9f:44:9e:20:29:5d:38:08:cb:92:f2:
36:44:84:02:0c:49:04:dd:f9:ae:30:bd:69:f6:12:
8f:97:ab:f2:7a:61:24:bc:3b:2a:ca:e2:37:79:06:
f7:18:6d:6a:ed:d0:f3:0d:6b:89:9b:ba:6b:81:53:
fb:51:8e:00:5d:1b:8e:0e:f8:ef:58:e2:d2:a4:95:
47:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:97:25:93:AF:2D:E0:96:F0:4E:56:E5:7E:AC:4A:FF:22:8A:06:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:6000::/48
Signature Algorithm: sha256WithRSAEncryption
b7:1f:e8:0a:7f:26:85:c5:81:1c:0c:95:94:2a:67:49:6f:cf:
17:b7:4d:dd:b4:9d:a6:4f:d5:b1:15:3d:15:81:d6:92:56:d6:
0a:35:13:58:11:06:8c:1c:f6:2b:56:83:58:99:e4:5e:ec:57:
53:72:eb:79:bc:13:72:7b:f2:ad:02:c8:7c:cd:ce:70:57:9c:
d1:dc:a3:75:e4:db:23:3b:07:c0:61:ae:00:93:56:40:bb:38:
d6:92:bc:91:95:9e:80:d5:57:8b:c0:18:58:7d:6b:80:fd:15:
ec:23:a2:bc:31:59:6a:39:06:df:16:3d:7a:10:73:3b:70:bc:
b7:76:3c:49:0f:b7:8a:0c:56:da:af:75:e2:a3:2f:fc:a8:ed:
06:f2:f0:20:26:69:aa:0b:e8:03:e5:2b:7b:88:8d:44:1c:d0:
d5:0f:f3:1c:0e:c5:aa:fc:da:7f:cd:1d:f5:23:b2:de:f2:bb:
fc:0d:c9:3b:52:cb:cc:02:9f:0b:95:cc:a8:50:5f:38:38:36:
fa:19:e6:79:76:c7:39:bb:1d:06:3a:15:c2:97:01:0c:2f:ae:
54:3f:b3:30:d4:c1:16:fb:aa:18:0e:b3:62:a6:c3:65:ea:85:
ec:2a:54:0d:f1:c2:2a:87:46:e8:31:f1:42:72:11:9a:3b:d0:
42:5e:15:04
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJsU9v3SmYNH6iCbJjL/JFcogUEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwMDlaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxNzk5N2QxZGZjM2M4ZDEzODU0MmVhNTkwODQxODk4NDBmNTQ0N2NhMjUz
ZjY0NmIzNjZiYTE1NGJlMjA0YzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPXfl5noigZi1A+cHEp6RU/Nm4DgOqD5Qsfek8zSTNFxnUclH4PQVa06ZTRU
Pq4oaQnnmOsHejVoWfbBEb05MQS55CliGeP0vIO7oXTVjNs8uIZacE9pSYNLIftJ
f68EuTASWtXIFch9TGkWL4gIdxge70sf6plHuWdTyyexV6UjKKwNXM2Br6dt9uwb
foA5X/6pBj9y+KkdUI04gauaot+PV99j9D77Rp2fTzCgI+rK2ChLyp90oJ9EniAp
XTgIy5LyNkSEAgxJBN35rjC9afYSj5er8nphJLw7KsriN3kG9xhtau3Q8w1riZu6
a4FT+1GOAF0bjg7471ji0qSVR4cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQrlyWT
ry3glvBOVuV+rEr/IooGVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTliMjRhZDEtMDY5Yi00OTE2LTlkMzMtMzFhZDY5MzdmYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZg
ADANBgkqhkiG9w0BAQsFAAOCAQEAtx/oCn8mhcWBHAyVlCpnSW/PF7dN3bSdpk/V
sRU9FYHWklbWCjUTWBEGjBz2K1aDWJnkXuxXU3LrebwTcnvyrQLIfM3OcFec0dyj
deTbIzsHwGGuAJNWQLs41pK8kZWegNVXi8AYWH1rgP0V7COivDFZajkG3xY9ehBz
O3C8t3Y8SQ+3igxW2q914qMv/KjtBvLwICZpqgvoA+Ure4iNRBzQ1Q/zHA7Fqvza
f80d9SOy3vK7/A3JO1LLzAKfC5XMqFBfODg2+hnmeXbHObsdBjoVwpcBDC+uVD+z
MNTBFvuqGA6zYqbDZeqF7CpUDfHCKodG6DHxQnIRmjvQQl4VBA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:31 2025 by rpki-client