Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
File: f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa (raw, json)
Hash identifier: LJ8LcJtukp8s0KqZyZ332hR6RjQbKyWI+CiIDPaUZ20=
Subject key identifier: 60:11:34:EC:DB:79:94:E1:E2:0D:B7:E7:17:56:89:F9:0D:E2:40:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4811BED9B7FDE2941ECE7343593CF89663680263
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
Signing time: Tue 20 May 2025 20:30:49 +0000
ROA not before: Tue 20 May 2025 20:30:49 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:11:be:d9:b7:fd:e2:94:1e:ce:73:43:59:3c:f8:96:63:68:02:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:49 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=acb4981f56f2931847f8cfa22e2ec625eaba1898ee2510f60e59e433dd3ddba3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:6f:7b:69:66:7f:23:60:4a:53:58:16:62:77:
61:d1:4c:a0:77:27:e6:32:1a:b3:c6:0a:3f:05:77:
3f:59:83:4e:9c:b3:c1:16:6d:62:0a:df:ae:c9:01:
fe:c7:48:f4:d8:3b:e7:a6:42:61:c0:17:7d:03:c9:
33:a9:8c:55:de:ce:16:a9:06:28:e0:84:dc:ea:bb:
f9:48:d6:b4:a6:21:5c:9f:3e:17:c3:d3:a2:11:29:
02:b8:0f:c0:66:6f:0c:64:50:d1:72:5e:ba:76:8c:
19:df:46:2d:3d:99:78:9e:d9:b5:e1:b0:09:6d:11:
08:9a:4a:74:d2:45:46:b7:47:b7:07:6a:68:b1:17:
36:41:52:ae:0c:72:9b:9d:c9:ad:60:63:6c:a9:f7:
27:f0:1e:20:80:b6:3d:32:66:61:c0:bb:ec:28:20:
3b:bb:e9:1f:7f:f9:40:eb:74:f7:89:4c:82:5f:e9:
4d:b8:ef:7d:1b:8e:67:a7:68:cf:74:2d:aa:da:46:
5e:af:ae:32:8c:20:64:38:60:6f:d5:4e:bf:34:cc:
ef:42:6e:93:b8:b7:86:59:cd:3b:07:ed:4e:92:e5:
22:61:56:5a:cf:37:7a:e6:f5:4d:f6:db:33:5d:17:
0e:fb:03:f2:21:e6:06:d7:b4:62:e6:2c:6a:2f:00:
63:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:11:34:EC:DB:79:94:E1:E2:0D:B7:E7:17:56:89:F9:0D:E2:40:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/36
Signature Algorithm: sha256WithRSAEncryption
92:78:c1:03:34:ab:e1:f7:95:93:d6:13:e5:9e:c8:e5:97:49:
ff:0b:dd:b7:6d:cd:a0:c0:7e:9b:6f:42:a1:5a:4e:c8:74:7a:
b9:18:d2:7a:e2:a6:dc:8c:20:76:46:30:35:a2:5e:ed:e7:92:
cf:1f:a6:5e:ae:d0:ce:cc:ce:d1:b0:05:e4:ba:ce:f9:ee:17:
87:6c:ff:f2:0f:b1:73:0b:b7:11:42:c4:05:1e:14:06:7d:c7:
7e:cb:98:e2:c0:ad:ae:f6:e1:4c:fb:92:1f:a2:d4:f7:9e:1f:
44:d1:de:5f:3f:96:f2:84:bb:0e:70:fc:fd:fe:77:51:f2:3c:
f2:51:c2:f2:88:4e:c2:f6:4f:30:74:59:b2:65:d0:1c:ac:4b:
14:4b:f8:63:47:bd:56:bd:9a:d8:6d:05:db:8e:73:75:5d:12:
99:ea:d9:9e:00:0d:4f:ab:eb:9e:ea:db:c0:3b:5e:6e:06:0d:
de:4a:bf:ef:0a:40:af:6d:ce:4d:a1:e8:9f:3f:5d:e7:5e:e3:
15:98:85:67:ce:c1:b1:f2:99:20:f6:d5:2f:16:bc:2d:47:e5:
f3:35:43:7c:c2:bc:b5:85:48:47:12:97:ba:f7:40:74:1c:07:
5b:56:e1:45:c1:60:36:83:2e:95:45:30:59:f0:28:87:39:df:
8b:f2:89:66
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSBG+2bf94pQeznNDWTz4lmNoAmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwNDlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjYjQ5ODFmNTZmMjkzMTg0N2Y4Y2ZhMjJlMmVjNjI1ZWFiYTE4OThlZTI1
MTBmNjBlNTllNDMzZGQzZGRiYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOJve2lmfyNgSlNYFmJ3YdFMoHcn5jIas8YKPwV3P1mDTpyzwRZtYgrfrskB
/sdI9Ng756ZCYcAXfQPJM6mMVd7OFqkGKOCE3Oq7+UjWtKYhXJ8+F8PTohEpArgP
wGZvDGRQ0XJeunaMGd9GLT2ZeJ7ZteGwCW0RCJpKdNJFRrdHtwdqaLEXNkFSrgxy
m53JrWBjbKn3J/AeIIC2PTJmYcC77CggO7vpH3/5QOt094lMgl/pTbjvfRuOZ6do
z3QtqtpGXq+uMowgZDhgb9VOvzTM70Juk7i3hlnNOwftTpLlImFWWs83eub1Tfbb
M10XDvsD8iHmBte0YuYsai8AY58CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgETTs
23mU4eINt+cXVon5DeJAnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdmY2NjMmEtYWE4YS00Y2JjLTg5ZDctZDZhOGNhMTIxYmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQCSeMEDNKvh95WT1hPlnsjll0n/C923bc2gwH6b
b0KhWk7IdHq5GNJ64qbcjCB2RjA1ol7t55LPH6ZertDOzM7RsAXkus757heHbP/y
D7FzC7cRQsQFHhQGfcd+y5jiwK2u9uFM+5IfotT3nh9E0d5fP5byhLsOcPz9/ndR
8jzyUcLyiE7C9k8wdFmyZdAcrEsUS/hjR71WvZrYbQXbjnN1XRKZ6tmeAA1Pq+ue
6tvAO15uBg3eSr/vCkCvbc5NoeifP13nXuMVmIVnzsGx8pkg9tUvFrwtR+XzNUN8
wry1hUhHEpe690B0HAdbVuFFwWA2gy6VRTBZ8CiHOd+L8olm
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:20 2025 by rpki-client