Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4a512a3-4257-431f-b201-8d747948cebb.roa
File: d4a512a3-4257-431f-b201-8d747948cebb.roa (raw, json)
Hash identifier: S7KLBUY+GDfLjK6F3bLK8XNvb2gvDl0hOlFhNgdxmqI=
Subject key identifier: 3A:17:9F:89:F9:64:CE:DF:E1:B0:51:CD:52:07:B2:12:8E:6C:48:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D8035D4FF5AD8A5D2FAB5B1F0EA8B9C8F2CE2A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4a512a3-4257-431f-b201-8d747948cebb.roa
Signing time: Tue 20 May 2025 18:50:03 +0000
ROA not before: Tue 20 May 2025 18:50:03 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:80:35:d4:ff:5a:d8:a5:d2:fa:b5:b1:f0:ea:8b:9c:8f:2c:e2:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:50:03 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c51af23bba25102b5c7f1480dbcb381fe994e003a6ca7b5d57e8398bf58511e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b1:74:9d:7c:2f:81:9f:7e:63:ab:89:4a:4a:
22:6c:25:ff:8e:b6:09:cd:32:af:57:ea:a8:f4:03:
d6:46:c0:04:8d:84:ce:72:ba:40:9e:87:06:8e:50:
f6:58:16:dc:e3:56:3f:dd:90:e6:7c:21:81:db:9f:
fe:76:e5:d5:1a:db:37:f6:16:90:38:01:37:7d:f5:
ca:f9:8d:98:d9:91:2f:c6:fb:18:9f:07:05:48:90:
a4:da:93:fa:57:7e:1a:28:63:5d:1f:02:cf:cd:bc:
68:bb:28:ed:1b:b6:40:ac:61:a6:cb:fb:20:35:78:
ea:9f:52:97:3d:f8:71:31:fc:6b:70:b6:0d:5b:f2:
68:58:8d:94:d8:ab:d4:f7:f3:7e:3f:10:99:b1:d7:
3e:f9:cf:d8:56:4d:67:fd:df:ae:fd:cd:64:1d:de:
d8:6e:da:8c:89:4a:81:e4:e2:c6:59:72:97:0e:ef:
cf:0c:09:f7:29:4b:aa:d6:26:6d:e1:7f:a0:22:c9:
1f:b7:79:c5:9a:fd:ec:b1:7f:11:4d:46:0a:82:63:
18:1b:66:0b:57:f3:87:00:fb:70:ca:b6:a9:4a:c7:
80:c0:57:d5:16:4c:63:f6:8e:84:26:64:44:82:cf:
86:21:c3:32:d1:e6:98:d9:54:d0:78:14:db:3b:37:
07:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:17:9F:89:F9:64:CE:DF:E1:B0:51:CD:52:07:B2:12:8E:6C:48:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4a512a3-4257-431f-b201-8d747948cebb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
26:fa:73:2d:a2:00:59:45:48:dc:12:46:85:f6:d0:6b:7c:1f:
6d:4c:ce:2f:54:1f:dc:35:35:9e:c8:e4:6b:bd:7d:5a:c7:6e:
d9:5e:38:37:0d:d9:3c:03:46:ed:be:ea:09:48:05:d0:b4:b7:
42:55:9d:fa:59:56:a8:70:24:98:ce:b3:6b:ec:48:44:0f:64:
70:ed:31:1c:4f:75:1e:ea:77:e7:d0:90:67:b7:60:41:d3:95:
17:04:ff:86:9e:d1:df:8c:f7:70:9c:eb:57:9e:25:95:db:03:
5f:29:24:f4:b3:14:66:f7:1d:de:40:ca:e6:97:5f:c0:e1:48:
2a:a4:bf:df:97:d2:e1:36:2a:6e:ea:5b:69:82:9b:e5:d2:21:
80:fd:ee:4c:8e:3b:af:bd:b0:cd:f1:62:9c:0a:4c:e9:2b:2b:
b8:40:b2:0a:43:e3:f5:f7:f1:a1:e0:ad:48:42:ee:04:5b:33:
52:26:32:2f:9d:68:00:a4:f1:ac:29:e8:fa:e1:e4:49:06:94:
53:3a:4e:70:92:99:07:e1:e1:20:82:7e:15:92:02:c8:cb:72:
7c:f2:a5:a2:a3:74:f0:23:24:80:a2:e5:f3:8d:4e:55:bb:50:
c3:e0:bd:cf:2f:4f:8d:16:9d:3e:5b:5f:8a:62:8a:fe:74:37:
75:87:b9:f6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTYA11P9a2KXS+rWx8OqLnI8s4qAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUwMDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1MWFmMjNiYmEyNTEwMmI1YzdmMTQ4MGRiY2IzODFmZTk5NGUwMDNhNmNh
N2I1ZDU3ZTgzOThiZjU4NTExZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOxdJ18L4GffmOriUpKImwl/462Cc0yr1fqqPQD1kbABI2EznK6QJ6HBo5Q
9lgW3ONWP92Q5nwhgduf/nbl1RrbN/YWkDgBN331yvmNmNmRL8b7GJ8HBUiQpNqT
+ld+GihjXR8Cz828aLso7Ru2QKxhpsv7IDV46p9Slz34cTH8a3C2DVvyaFiNlNir
1Pfzfj8QmbHXPvnP2FZNZ/3frv3NZB3e2G7ajIlKgeTixllylw7vzwwJ9ylLqtYm
beF/oCLJH7d5xZr97LF/EU1GCoJjGBtmC1fzhwD7cMq2qUrHgMBX1RZMY/aOhCZk
RILPhiHDMtHmmNlU0HgU2zs3BzcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ6F5+J
+WTO3+GwUc1SB7ISjmxIqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDRhNTEyYTMtNDI1Ny00MzFmLWIyMDEtOGQ3NDc5NDhjZWJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA
wDANBgkqhkiG9w0BAQsFAAOCAQEAJvpzLaIAWUVI3BJGhfbQa3wfbUzOL1Qf3DU1
nsjka719Wsdu2V44Nw3ZPANG7b7qCUgF0LS3QlWd+llWqHAkmM6za+xIRA9kcO0x
HE91Hup359CQZ7dgQdOVFwT/hp7R34z3cJzrV54lldsDXykk9LMUZvcd3kDK5pdf
wOFIKqS/35fS4TYqbupbaYKb5dIhgP3uTI47r72wzfFinApM6SsruECyCkPj9ffx
oeCtSELuBFszUiYyL51oAKTxrCno+uHkSQaUUzpOcJKZB+HhIIJ+FZICyMtyfPKl
oqN08CMkgKLl841OVbtQw+C9zy9PjRadPltfimKK/nQ3dYe59g==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:48 2025 by rpki-client