Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea31a166-ce12-4108-9868-894ac9df0e65.roa
File: ea31a166-ce12-4108-9868-894ac9df0e65.roa (raw, json)
Hash identifier: WEhy4U3PmmSpJTKkYFGBP0/HLerxpTnS7BLqRxF8Ceg=
Subject key identifier: 1B:7D:4B:B8:24:81:5F:9E:CB:D5:66:CD:F7:60:DE:50:8B:FF:07:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7982E4649FD1AE855860A1E386A8EF2C425DB7A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea31a166-ce12-4108-9868-894ac9df0e65.roa
Signing time: Tue 20 May 2025 18:41:45 +0000
ROA not before: Tue 20 May 2025 18:41:45 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:82:e4:64:9f:d1:ae:85:58:60:a1:e3:86:a8:ef:2c:42:5d:b7:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:41:45 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=0c0557b1aaf4ecdd2ff5c0f24b208a0c1d01339048edd76074983a28c905f0ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:28:ed:30:61:1f:ef:f1:cd:c2:29:f3:eb:9f:
f1:5f:42:17:00:78:95:9d:a9:69:45:ca:fd:c9:a5:
ba:5c:6a:47:63:f1:c2:b7:d2:34:b8:14:b2:5d:6d:
39:e4:de:6d:5c:12:7a:75:57:12:92:7d:b6:de:bf:
32:57:4a:f3:14:e1:58:e5:2e:12:cf:11:2d:3c:97:
24:9f:a4:00:7c:03:b9:18:29:51:35:92:90:7b:40:
26:0b:ba:56:f7:c2:16:43:c4:e2:fc:69:09:ec:46:
60:87:c7:91:68:f2:46:13:99:60:ad:0e:81:23:65:
ad:20:4d:26:3f:3f:93:af:7d:04:43:89:d9:a7:d0:
01:ea:68:44:2c:f7:70:17:e4:17:bc:d7:f3:0d:57:
e2:25:95:10:0e:65:97:51:bc:84:cc:65:6f:c9:13:
55:18:7f:91:7e:0e:2e:a3:e5:ad:1f:68:47:a8:93:
51:ef:50:30:fa:c9:03:da:d7:8d:4f:20:d7:32:a4:
72:d9:ff:91:14:69:bd:da:ef:46:90:8a:ab:db:15:
8a:19:b6:7a:61:fc:12:b5:91:24:f1:ce:99:a9:e7:
87:e8:3d:d0:09:c1:17:4a:70:eb:e4:a8:5f:2c:8b:
41:fd:2e:29:e5:fb:9b:ee:e9:3d:ba:42:a1:ed:8e:
83:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:7D:4B:B8:24:81:5F:9E:CB:D5:66:CD:F7:60:DE:50:8B:FF:07:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea31a166-ce12-4108-9868-894ac9df0e65.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:b080::/48
Signature Algorithm: sha256WithRSAEncryption
2b:63:b5:78:87:a1:75:5c:d9:3b:3a:f8:21:e5:f2:a9:5b:3c:
78:ea:d9:80:21:33:97:cf:2e:ce:5d:1e:09:09:15:c8:20:97:
77:f5:ed:7d:db:2e:11:3e:4b:29:54:fc:99:03:4b:1d:6d:75:
a8:83:4c:40:54:63:dd:98:2f:f2:5a:67:7f:f2:0d:bd:ac:73:
1a:c5:31:dc:aa:1d:58:3f:db:4e:b1:90:3f:ef:73:db:21:59:
a9:92:05:99:fd:eb:37:fc:78:82:07:97:c9:7e:ee:d6:ea:11:
18:7a:87:8a:d7:10:41:f1:4d:66:03:60:2d:06:05:3d:dd:2b:
cd:03:13:c6:e2:bc:d2:42:9d:00:3b:08:72:dd:32:f4:9d:3c:
cc:1a:39:86:aa:d1:c8:92:33:46:a2:7b:2f:c0:05:4f:25:27:
2d:d2:2c:91:82:d2:12:78:11:83:89:a1:dc:a8:df:86:08:2e:
17:49:42:bf:4c:00:0b:3a:be:61:27:c8:52:ab:e1:63:40:d5:
e8:13:d6:00:83:de:2f:f5:a8:11:b7:b7:1c:81:98:70:6c:d4:
cd:2c:86:93:cf:fc:4a:5e:fc:e4:1c:08:c4:5a:a9:0b:64:b7:
2f:de:40:22:5f:a0:9f:45:bc:16:69:34:32:d3:a8:79:c5:f9:
f2:c8:99:77
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeYLkZJ/RroVYYKHjhqjvLEJdt6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQxNDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjMDU1N2IxYWFmNGVjZGQyZmY1YzBmMjRiMjA4YTBjMWQwMTMzOTA0OGVk
ZDc2MDc0OTgzYTI4YzkwNWYwYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPwo7TBhH+/xzcIp8+uf8V9CFwB4lZ2paUXK/cmlulxqR2PxwrfSNLgUsl1t
OeTebVwSenVXEpJ9tt6/MldK8xThWOUuEs8RLTyXJJ+kAHwDuRgpUTWSkHtAJgu6
VvfCFkPE4vxpCexGYIfHkWjyRhOZYK0OgSNlrSBNJj8/k699BEOJ2afQAepoRCz3
cBfkF7zX8w1X4iWVEA5ll1G8hMxlb8kTVRh/kX4OLqPlrR9oR6iTUe9QMPrJA9rX
jU8g1zKkctn/kRRpvdrvRpCKq9sVihm2emH8ErWRJPHOmannh+g90AnBF0pw6+So
XyyLQf0uKeX7m+7pPbpCoe2Og5kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQbfUu4
JIFfnsvVZs33YN5Qi/8HGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWEzMWExNjYtY2UxMi00MTA4LTk4NjgtODk0YWM5ZGYwZTY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+w
gDANBgkqhkiG9w0BAQsFAAOCAQEAK2O1eIehdVzZOzr4IeXyqVs8eOrZgCEzl88u
zl0eCQkVyCCXd/XtfdsuET5LKVT8mQNLHW11qINMQFRj3Zgv8lpnf/INvaxzGsUx
3KodWD/bTrGQP+9z2yFZqZIFmf3rN/x4ggeXyX7u1uoRGHqHitcQQfFNZgNgLQYF
Pd0rzQMTxuK80kKdADsIct0y9J08zBo5hqrRyJIzRqJ7L8AFTyUnLdIskYLSEngR
g4mh3KjfhgguF0lCv0wACzq+YSfIUqvhY0DV6BPWAIPeL/WoEbe3HIGYcGzUzSyG
k8/8Sl785BwIxFqpC2S3L95AIl+gn0W8Fmk0MtOoecX58siZdw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:48:29 2025 by rpki-client