Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa
File: f067aa52-ee52-4fb2-867c-8dc79786d43d.roa (raw, json)
Hash identifier: uvolk2MgQ9rnRxn2hUvSvl8ysjopcvs48FFEu88xuyA=
Subject key identifier: A1:27:2F:3C:93:41:CF:B6:10:C7:78:C4:0E:CC:F0:50:74:EB:09:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74DC0AF766706BB00979779662F97A65703B86F3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa
Signing time: Tue 20 May 2025 18:31:43 +0000
ROA not before: Tue 20 May 2025 18:31:43 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:dc:0a:f7:66:70:6b:b0:09:79:77:96:62:f9:7a:65:70:3b:86:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:31:43 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a7e2afefe64a6013f6ce9228390055a18714e392089a312a53242e1e77d73962, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:11:61:c2:d7:ce:95:1c:b4:c0:30:cd:f8:8b:
72:e5:11:60:27:74:5a:28:90:a1:bd:ba:f5:4f:85:
c0:77:26:49:c0:79:2f:75:5d:e6:29:86:d6:17:d7:
8f:5b:06:0e:d3:e6:1b:dc:67:72:9f:aa:7e:e4:0a:
ae:f5:dc:36:ef:61:1e:37:26:26:ea:19:3d:c3:33:
dc:3b:c7:87:d5:0c:85:06:db:4a:c7:94:da:c3:e6:
3e:28:6c:c4:4c:5e:fb:dc:80:94:58:27:0d:9d:48:
fd:2e:69:2b:23:34:ab:e8:5a:b3:81:00:57:cd:ef:
db:ea:6b:e8:bd:6d:4b:4e:89:1c:4b:7e:1c:99:cc:
1d:cb:3e:62:be:6f:9f:2f:96:30:b9:30:25:da:7a:
22:58:a6:e6:8f:a0:0c:ba:cc:c8:b6:c1:61:f3:b6:
4e:ce:2a:06:1d:99:06:9a:f7:fb:1b:79:02:a5:c4:
de:7f:c7:4b:2d:88:56:e9:c0:f1:de:46:bd:4f:da:
dd:90:c6:a3:45:b4:c6:31:60:89:c8:94:01:81:d0:
56:3e:02:80:b1:24:c0:72:51:3a:e1:bc:8b:c8:a0:
57:8f:33:26:63:d4:70:3c:bd:e5:aa:52:0f:59:05:
29:0d:95:c9:45:01:3b:86:7b:e0:ab:70:10:51:2d:
e0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:27:2F:3C:93:41:CF:B6:10:C7:78:C4:0E:CC:F0:50:74:EB:09:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2080::/48
Signature Algorithm: sha256WithRSAEncryption
3b:4c:ac:a1:96:4d:28:a6:56:ad:41:84:07:0c:08:92:10:09:
c4:cd:58:41:51:65:de:1f:f4:e1:7b:42:2d:93:a3:da:b8:09:
87:14:66:86:d4:a6:bf:c2:8c:e0:31:e2:a8:2c:21:5c:7f:a8:
ce:3f:ac:37:a0:55:d4:35:46:1b:a6:8a:08:82:e7:e3:ef:33:
d1:80:0a:15:81:67:3f:ea:4d:d6:0e:b2:0c:20:1f:e8:4e:21:
a2:3c:ff:9a:b5:d2:33:91:f2:1f:7a:f6:63:75:ee:ba:58:24:
1a:9e:6a:2b:23:cb:c3:9b:bf:ee:f2:35:34:26:08:c3:8c:2a:
c5:d4:9c:a9:71:1f:68:43:2e:d9:fc:0e:ae:43:c3:41:cc:fc:
6a:34:b3:3a:8e:80:b3:74:6b:e0:10:98:a9:a9:bb:73:d6:26:
5c:04:dc:49:1f:87:66:4a:b4:41:2c:dc:a7:86:5a:33:09:d7:
46:bf:14:c2:20:63:00:ce:54:61:97:3c:15:d2:ed:6a:8e:89:
2e:0b:df:da:82:b0:62:05:8a:d1:17:b7:29:ef:79:de:8e:98:
ad:36:f8:26:e7:03:c7:fd:7d:2b:a2:6e:92:3e:8d:39:02:47:
90:67:c4:14:11:26:66:a1:3c:cb:a9:a0:e0:76:d6:70:f6:55:
32:c6:7e:07
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdNwK92Zwa7AJeXeWYvl6ZXA7hvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMxNDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3ZTJhZmVmZTY0YTYwMTNmNmNlOTIyODM5MDA1NWExODcxNGUzOTIwODlh
MzEyYTUzMjQyZTFlNzdkNzM5NjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMURYcLXzpUctMAwzfiLcuURYCd0WiiQob269U+FwHcmScB5L3Vd5imG1hfX
j1sGDtPmG9xncp+qfuQKrvXcNu9hHjcmJuoZPcMz3DvHh9UMhQbbSseU2sPmPihs
xExe+9yAlFgnDZ1I/S5pKyM0q+has4EAV83v2+pr6L1tS06JHEt+HJnMHcs+Yr5v
ny+WMLkwJdp6Ilim5o+gDLrMyLbBYfO2Ts4qBh2ZBpr3+xt5AqXE3n/HSy2IVunA
8d5GvU/a3ZDGo0W0xjFgiciUAYHQVj4CgLEkwHJROuG8i8igV48zJmPUcDy95apS
D1kFKQ2VyUUBO4Z74KtwEFEt4FcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBShJy88
k0HPthDHeMQOzPBQdOsJ/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjA2N2FhNTItZWU1Mi00ZmIyLTg2N2MtOGRjNzk3ODZkNDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
gDANBgkqhkiG9w0BAQsFAAOCAQEAO0ysoZZNKKZWrUGEBwwIkhAJxM1YQVFl3h/0
4XtCLZOj2rgJhxRmhtSmv8KM4DHiqCwhXH+ozj+sN6BV1DVGG6aKCILn4+8z0YAK
FYFnP+pN1g6yDCAf6E4hojz/mrXSM5HyH3r2Y3XuulgkGp5qKyPLw5u/7vI1NCYI
w4wqxdScqXEfaEMu2fwOrkPDQcz8ajSzOo6As3Rr4BCYqam7c9YmXATcSR+HZkq0
QSzcp4ZaMwnXRr8UwiBjAM5UYZc8FdLtao6JLgvf2oKwYgWK0Re3Ke953o6YrTb4
JucDx/19K6Jukj6NOQJHkGfEFBEmZqE8y6mg4HbWcPZVMsZ+Bw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:53 2025 by rpki-client