Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb9d4716-bf0f-40e5-beb1-4ea5ef01bd1c.roa
File: fb9d4716-bf0f-40e5-beb1-4ea5ef01bd1c.roa (raw, json)
Hash identifier: yTm4jhJwioTiBvc7eG7d34vM0k2gDT/UsE6WBjOJl1U=
Subject key identifier: 5C:60:12:5C:A8:83:4A:56:40:B1:3A:06:A3:A7:3E:24:88:B9:54:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49FFBA85AEB561B54CA36E26645D7B858728F0F2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb9d4716-bf0f-40e5-beb1-4ea5ef01bd1c.roa
Signing time: Tue 20 May 2025 18:50:55 +0000
ROA not before: Tue 20 May 2025 18:50:55 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:ff:ba:85:ae:b5:61:b5:4c:a3:6e:26:64:5d:7b:85:87:28:f0:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:55 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=50615f570fe98d9bf8d89e42c86153ee1886cdfc6ac38fa1f3ca886474777cfb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:6a:cb:5e:d1:e8:40:9d:a1:d1:03:af:ca:59:
93:d3:16:ff:10:44:aa:ae:e1:17:49:67:4b:94:2c:
26:64:bb:5e:62:8e:88:55:8f:80:6d:9f:46:54:2d:
03:4e:3d:f6:1c:8d:d8:bb:81:d1:5d:a6:ff:b5:27:
b8:b1:9a:fd:98:e6:bd:a3:cb:07:65:a1:ee:8a:b8:
e9:2a:6e:21:50:95:62:1a:69:6d:d4:60:45:9d:f4:
90:c1:64:56:09:c0:7e:6f:04:fa:05:9a:95:8f:3f:
88:f1:3e:75:4b:f0:5a:b5:76:3f:fe:95:f0:f9:2f:
ea:30:c3:3b:91:91:60:3f:ef:1e:a7:ea:0a:1e:04:
f4:55:78:b4:b8:1e:85:02:16:29:64:e6:db:22:f9:
5a:24:87:d7:a6:39:d7:6a:79:f4:d4:23:b5:79:88:
5a:c8:60:8f:9e:13:6c:3c:a4:7c:33:1b:68:4e:cd:
7d:28:09:0a:34:00:55:7c:ac:14:23:45:8b:c1:4b:
bc:b6:91:57:00:bd:6c:d8:36:1b:07:79:32:05:55:
89:b1:d1:53:63:c0:a1:b9:b3:95:e3:24:54:ef:6f:
c7:d4:d4:68:7e:f9:a7:cd:96:a1:2f:69:05:c4:45:
8e:dd:cf:61:91:28:65:6f:d4:29:15:be:92:f0:b4:
ea:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:60:12:5C:A8:83:4A:56:40:B1:3A:06:A3:A7:3E:24:88:B9:54:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb9d4716-bf0f-40e5-beb1-4ea5ef01bd1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2080::/48
Signature Algorithm: sha256WithRSAEncryption
96:6e:47:1d:a5:6e:61:58:ef:15:5c:ec:ad:47:42:93:c9:f9:
aa:63:6e:62:fa:5b:73:cb:b3:22:bb:0f:40:3a:37:02:9c:6f:
21:a3:a6:52:0d:9d:9b:27:98:b2:b2:f7:2e:13:2e:ef:05:69:
d0:05:7c:f1:f2:55:a5:16:40:4c:23:9a:03:aa:db:90:67:df:
a4:c9:82:f4:a1:a4:7a:ca:37:b2:fe:2e:e6:cf:ab:02:b0:58:
92:07:bc:de:0e:3b:28:8f:f2:23:25:02:d9:48:42:72:2f:65:
11:7e:e4:f7:1c:fd:2e:54:5a:94:3f:ce:80:a5:f6:2d:d1:28:
5b:03:a2:ce:c9:48:dd:05:25:e0:56:7c:ea:fe:1e:08:a9:9a:
b8:2b:f4:71:7e:bb:c5:51:66:32:08:30:6e:7b:3e:18:57:6d:
fb:d5:7e:dc:44:98:68:41:61:8b:9d:59:a6:62:29:04:10:1b:
71:3b:c2:5b:90:c0:a1:c6:45:c8:27:d5:41:0e:22:cf:90:32:
6a:a8:d4:3c:18:fe:e9:d0:f1:58:ff:d3:f2:a5:f9:3d:ce:9d:
cd:98:94:ac:80:e3:7a:77:fb:97:b2:d6:4a:60:65:83:bf:32:
48:85:87:c8:05:57:e1:62:96:64:d0:c1:36:57:07:a7:25:93:
86:87:ca:13
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSf+6ha61YbVMo24mZF17hYco8PIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwNTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwNjE1ZjU3MGZlOThkOWJmOGQ4OWU0MmM4NjE1M2VlMTg4NmNkZmM2YWMz
OGZhMWYzY2E4ODY0NzQ3NzdjZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPFqy17R6ECdodEDr8pZk9MW/xBEqq7hF0lnS5QsJmS7XmKOiFWPgG2fRlQt
A0499hyN2LuB0V2m/7UnuLGa/ZjmvaPLB2Wh7oq46SpuIVCVYhppbdRgRZ30kMFk
VgnAfm8E+gWalY8/iPE+dUvwWrV2P/6V8Pkv6jDDO5GRYD/vHqfqCh4E9FV4tLge
hQIWKWTm2yL5WiSH16Y512p59NQjtXmIWshgj54TbDykfDMbaE7NfSgJCjQAVXys
FCNFi8FLvLaRVwC9bNg2Gwd5MgVVibHRU2PAobmzleMkVO9vx9TUaH75p82WoS9p
BcRFjt3PYZEoZW/UKRW+kvC06lECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRcYBJc
qINKVkCxOgajpz4kiLlUUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmI5ZDQ3MTYtYmYwZi00MGU1LWJlYjEtNGVhNWVmMDFiZDFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg
gDANBgkqhkiG9w0BAQsFAAOCAQEAlm5HHaVuYVjvFVzsrUdCk8n5qmNuYvpbc8uz
IrsPQDo3ApxvIaOmUg2dmyeYsrL3LhMu7wVp0AV88fJVpRZATCOaA6rbkGffpMmC
9KGkeso3sv4u5s+rArBYkge83g47KI/yIyUC2UhCci9lEX7k9xz9LlRalD/OgKX2
LdEoWwOizslI3QUl4FZ86v4eCKmauCv0cX67xVFmMggwbns+GFdt+9V+3ESYaEFh
i51ZpmIpBBAbcTvCW5DAocZFyCfVQQ4iz5AyaqjUPBj+6dDxWP/T8qX5Pc6dzZiU
rIDjenf7l7LWSmBlg78ySIWHyAVX4WKWZNDBNlcHpyWThofKEw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:51 2025 by rpki-client