Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
File: f9753974-947c-42c4-885b-aa94c43c56a0.roa (raw, json)
Hash identifier: M3B+j91R8rfx0m/ZVh7Yq7MVIhRhwMRMa1o6r0H3zvU=
Subject key identifier: 3F:C3:94:19:2D:EF:0F:BC:E5:DA:40:3B:72:76:1D:5A:37:58:A0:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16C0BA75434408BB6EC7E4854A494AEFC469C147
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
Signing time: Tue 20 May 2025 18:21:15 +0000
ROA not before: Tue 20 May 2025 18:21:15 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:c0:ba:75:43:44:08:bb:6e:c7:e4:85:4a:49:4a:ef:c4:69:c1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:21:15 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=6d057f252d8382d543630a35c50bcecff205f24c407a0e72ccac61153972756b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:29:7b:bc:c6:86:35:15:e8:b0:99:78:fb:7b:
4f:af:2c:d6:4d:ff:2e:db:08:73:c9:b0:b3:3c:5d:
1e:bb:ab:57:f9:8a:a2:19:81:34:eb:94:86:85:57:
25:03:c1:29:c1:6e:16:a4:35:29:d5:3f:c1:b5:48:
c3:65:ff:31:d1:f8:d1:c5:81:16:dd:da:97:5b:03:
b4:83:98:fe:ba:23:4a:9c:ee:04:51:6f:59:fe:6d:
98:7a:41:97:81:c9:2e:2b:b7:43:33:df:eb:71:af:
a7:fe:1c:dc:0c:1d:21:0e:dd:5a:3d:3d:46:b1:80:
84:ca:f1:ac:08:72:35:e3:7e:9d:42:73:47:fd:17:
63:18:d2:bb:51:be:48:ce:ed:7f:e0:7b:6c:1f:81:
2b:d2:6e:70:a7:2a:11:b2:b0:99:98:da:d9:c2:69:
7d:ff:1e:b9:2e:76:d0:e2:18:7c:a8:c1:b5:0b:a0:
68:fb:7e:65:78:2b:9e:32:b9:fd:c7:78:53:c7:13:
2f:5b:e5:ec:60:c3:aa:aa:5a:dd:79:08:ab:8b:ab:
90:e9:86:70:68:15:50:b9:55:b0:c8:a8:c1:31:15:
7b:91:37:a0:24:f3:e6:7b:21:4e:ee:9d:f6:88:bf:
8a:4b:47:61:1d:10:90:0b:c2:ec:6b:bc:3d:6c:25:
fd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C3:94:19:2D:EF:0F:BC:E5:DA:40:3B:72:76:1D:5A:37:58:A0:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
61:19:11:de:b1:39:bf:9b:03:b5:cc:2b:80:95:e3:96:3b:f0:
a9:1b:56:7e:88:25:2c:02:35:df:85:c7:14:c5:58:e5:db:07:
6e:39:9c:2d:80:c4:b6:29:d7:04:d7:ed:9b:68:ca:13:aa:9a:
58:6a:3f:56:25:af:df:ca:9c:41:ab:77:78:bf:81:1e:a3:0b:
6b:72:96:4f:a1:89:d7:d1:52:be:ff:4a:ca:19:3f:fa:ce:9d:
27:33:a2:f4:8f:e4:f5:99:37:fc:25:08:c8:1e:3e:c0:a3:8b:
ef:7e:a8:5a:ca:1b:48:d9:a3:73:8a:50:2b:e5:fb:f7:e4:8f:
3c:e5:a4:cf:a9:fe:1c:d3:a3:d3:c9:13:3b:0e:23:82:29:52:
df:4c:50:91:88:c7:b1:36:c5:1a:e5:cf:e2:1e:5a:be:3e:25:
47:b2:a5:a4:50:02:79:4c:7d:80:3c:1f:77:04:c9:6c:c5:6d:
1c:e6:55:e6:0e:bc:fe:7b:ab:5f:16:8b:a1:d8:23:8a:00:44:
92:d1:3a:18:c8:c9:d2:06:ab:d5:33:da:3f:ae:d0:01:92:2f:
89:70:e8:8d:d5:ae:e4:29:2e:5a:b0:32:1a:69:a7:a3:f4:86:
c6:86:a4:f3:4c:15:56:6a:74:50:0e:d8:95:63:f2:e4:be:e6:
c6:f7:46:e6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFsC6dUNECLtux+SFSklK78RpwUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIxMTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkMDU3ZjI1MmQ4MzgyZDU0MzYzMGEzNWM1MGJjZWNmZjIwNWYyNGM0MDdh
MGU3MmNjYWM2MTE1Mzk3Mjc1NmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMpe7zGhjUV6LCZePt7T68s1k3/LtsIc8mwszxdHrurV/mKohmBNOuUhoVX
JQPBKcFuFqQ1KdU/wbVIw2X/MdH40cWBFt3al1sDtIOY/rojSpzuBFFvWf5tmHpB
l4HJLiu3QzPf63Gvp/4c3AwdIQ7dWj09RrGAhMrxrAhyNeN+nUJzR/0XYxjSu1G+
SM7tf+B7bB+BK9JucKcqEbKwmZja2cJpff8euS520OIYfKjBtQugaPt+ZXgrnjK5
/cd4U8cTL1vl7GDDqqpa3XkIq4urkOmGcGgVULlVsMiowTEVe5E3oCTz5nshTu6d
9oi/iktHYR0QkAvC7Gu8PWwl/WECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ/w5QZ
Le8PvOXaQDtydh1aN1igjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjk3NTM5NzQtOTQ3Yy00MmM0LTg4NWItYWE5NGM0M2M1NmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
wDANBgkqhkiG9w0BAQsFAAOCAQEAYRkR3rE5v5sDtcwrgJXjljvwqRtWfoglLAI1
34XHFMVY5dsHbjmcLYDEtinXBNftm2jKE6qaWGo/ViWv38qcQat3eL+BHqMLa3KW
T6GJ19FSvv9Kyhk/+s6dJzOi9I/k9Zk3/CUIyB4+wKOL736oWsobSNmjc4pQK+X7
9+SPPOWkz6n+HNOj08kTOw4jgilS30xQkYjHsTbFGuXP4h5avj4lR7KlpFACeUx9
gDwfdwTJbMVtHOZV5g68/nurXxaLodgjigBEktE6GMjJ0gar1TPaP67QAZIviXDo
jdWu5CkuWrAyGmmno/SGxoak80wVVmp0UA7YlWPy5L7mxvdG5g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:24 2025 by rpki-client