Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
File: f51bf20f-531a-411e-baff-37a38bc29ce9.roa (raw, json)
Hash identifier: MkMa+Alkp94ElyXvylrso/8ZsIBBQvqAEBt9v7ChLfE=
Subject key identifier: D7:05:6B:46:07:9A:66:74:30:20:9C:CD:D3:40:3D:0F:58:DF:41:68
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 158A6D28AD6D51EE208289B9F0E75402A4060F6B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
Signing time: Tue 20 May 2025 18:50:14 +0000
ROA not before: Tue 20 May 2025 18:50:14 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:8a:6d:28:ad:6d:51:ee:20:82:89:b9:f0:e7:54:02:a4:06:0f:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:14 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=5bcc50069838b521a4e78b1eb790a59d62cf4cf09157df52d7808badb86bb87c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0f:ba:b2:af:69:3d:72:99:7d:8c:b0:87:c7:
f7:ef:56:90:57:f5:50:4d:17:58:8e:cf:22:8f:20:
4f:15:c9:c0:da:f1:ff:00:50:1e:43:03:2f:c2:bd:
2d:cf:3c:5b:d1:d6:75:57:69:e3:13:85:17:81:d0:
5c:11:26:8b:91:77:87:76:5e:f9:62:26:45:7a:47:
7a:7a:ac:c6:0b:0b:00:d3:32:62:8e:18:b3:3b:7e:
6b:f2:13:86:d1:1c:0f:e7:c3:a7:f3:87:44:57:27:
26:b3:e3:34:94:73:c2:f3:af:77:42:7e:6e:da:0d:
98:43:b6:eb:3f:dc:fc:19:dc:8d:b5:27:4d:96:33:
2d:f4:96:06:9f:5e:82:18:57:07:7b:02:47:b7:0a:
6b:b5:d9:16:74:d6:31:f2:5b:03:72:4a:ab:25:8c:
70:39:43:3b:1d:7c:5f:1d:54:42:84:27:dc:f6:4a:
4a:cd:50:e0:f8:da:f7:4c:c7:d8:e0:4e:f8:b5:85:
e8:df:16:8b:c7:ef:3f:33:4b:46:2e:09:6d:a7:09:
56:0e:17:72:30:b2:50:46:44:d3:7c:5b:03:59:f5:
c4:32:a8:7c:cd:5b:35:7d:be:9e:b3:99:68:60:d0:
33:11:ab:d7:8b:00:c6:cd:16:4c:62:9b:41:5e:80:
2b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:05:6B:46:07:9A:66:74:30:20:9C:CD:D3:40:3D:0F:58:DF:41:68
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8020::/48
Signature Algorithm: sha256WithRSAEncryption
92:e0:91:16:28:4f:be:eb:a3:00:f5:3f:ff:02:f4:61:02:5e:
e0:75:99:8a:6e:ee:4c:ba:26:ba:68:81:55:a6:11:06:aa:fb:
1c:fd:c5:12:00:62:6f:d9:fd:28:fe:81:55:e9:2f:c4:bd:8f:
31:be:91:54:a6:23:b0:71:6c:97:14:d0:92:fa:af:8a:05:12:
f5:1b:f1:6e:c5:14:be:15:9b:13:db:c8:3a:96:86:a3:8d:15:
43:80:d6:d7:df:04:a1:b9:bc:26:12:b7:d0:44:fe:0d:ab:69:
3c:2c:41:4a:13:75:e0:24:b5:6d:c5:30:0c:ef:c9:16:35:04:
71:eb:fb:11:f1:b4:35:73:9e:fa:d5:49:7b:d3:aa:34:a6:54:
5e:44:03:8a:0f:7a:e1:03:6a:09:93:01:42:bd:9c:7f:ac:1d:
c4:32:95:7f:c9:85:e8:25:28:83:8e:cb:40:27:bc:b3:e4:67:
84:f7:9e:35:4e:45:0e:a1:71:ab:b7:0b:17:51:55:f0:e5:3f:
ac:55:36:7f:e7:4f:0b:25:1b:fe:e5:41:76:87:ad:1c:2b:bb:
5a:e5:c1:99:df:b7:b0:7e:72:0e:d9:03:2d:3c:a3:35:31:dd:
65:17:ca:6b:8b:9c:45:2f:e3:59:39:b6:50:49:e5:0f:0c:6f:
86:79:69:7b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFYptKK1tUe4ggom58OdUAqQGD2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwMTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDViY2M1MDA2OTgzOGI1MjFhNGU3OGIxZWI3OTBhNTlkNjJjZjRjZjA5MTU3
ZGY1MmQ3ODA4YmFkYjg2YmI4N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQPurKvaT1ymX2MsIfH9+9WkFf1UE0XWI7PIo8gTxXJwNrx/wBQHkMDL8K9
Lc88W9HWdVdp4xOFF4HQXBEmi5F3h3Ze+WImRXpHenqsxgsLANMyYo4Yszt+a/IT
htEcD+fDp/OHRFcnJrPjNJRzwvOvd0J+btoNmEO26z/c/BncjbUnTZYzLfSWBp9e
ghhXB3sCR7cKa7XZFnTWMfJbA3JKqyWMcDlDOx18Xx1UQoQn3PZKSs1Q4Pja90zH
2OBO+LWF6N8Wi8fvPzNLRi4JbacJVg4XcjCyUEZE03xbA1n1xDKofM1bNX2+nrOZ
aGDQMxGr14sAxs0WTGKbQV6AK70CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTXBWtG
B5pmdDAgnM3TQD0PWN9BaDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjUxYmYyMGYtNTMxYS00MTFlLWJhZmYtMzdhMzhiYzI5Y2U5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
IDANBgkqhkiG9w0BAQsFAAOCAQEAkuCRFihPvuujAPU//wL0YQJe4HWZim7uTLom
umiBVaYRBqr7HP3FEgBib9n9KP6BVekvxL2PMb6RVKYjsHFslxTQkvqvigUS9Rvx
bsUUvhWbE9vIOpaGo40VQ4DW198Eobm8JhK30ET+DatpPCxBShN14CS1bcUwDO/J
FjUEcev7EfG0NXOe+tVJe9OqNKZUXkQDig964QNqCZMBQr2cf6wdxDKVf8mF6CUo
g47LQCe8s+RnhPeeNU5FDqFxq7cLF1FV8OU/rFU2f+dPCyUb/uVBdoetHCu7WuXB
md+3sH5yDtkDLTyjNTHdZRfKa4ucRS/jWTm2UEnlDwxvhnlpew==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:49 2025 by rpki-client