Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
File: f7a46ea9-b416-4218-a790-28cf84d702ce.roa (raw, json)
Hash identifier: BZ+KMJWS4lb5CY/fbvftxnDfxt+7I1cGKSZXPgtr2cQ=
Subject key identifier: 62:41:E5:83:23:C2:F9:91:67:8D:D8:B4:8B:C2:62:84:55:04:5F:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69643C408AC074D84A604751A94AFC9AFBA9E79C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
Signing time: Tue 20 May 2025 20:30:25 +0000
ROA not before: Tue 20 May 2025 20:30:25 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d026::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:64:3c:40:8a:c0:74:d8:4a:60:47:51:a9:4a:fc:9a:fb:a9:e7:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:25 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=780927172556f2b4162230d0ca0626b5451b82e95781311104838cc907991ee0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:d3:06:2e:4c:9c:57:38:e4:80:90:c9:c9:c1:
16:a4:68:89:9b:9e:81:23:06:51:76:a8:a3:19:63:
70:93:16:17:5f:b0:bc:4b:0a:29:b4:f3:ad:c1:45:
36:ea:13:7d:fd:32:aa:5a:80:3e:51:3e:ea:19:69:
4e:83:67:83:e7:83:97:dc:81:91:36:28:c5:fc:22:
f2:67:93:6a:04:09:cf:72:02:2e:c6:3e:64:03:3c:
de:e4:20:24:45:3f:1f:1b:a6:88:ec:97:5d:d8:28:
52:35:ef:7b:50:76:aa:a0:67:10:b5:aa:33:de:e4:
f4:02:b7:d7:65:03:4e:fb:a8:3f:33:4b:94:6b:04:
4f:7e:cb:d5:31:0e:83:76:17:32:2a:d3:7b:1f:a9:
7d:c0:95:c6:01:61:67:cf:b2:8d:4e:0f:b8:e4:7b:
a2:74:01:b2:86:ea:17:bd:f0:e5:fe:c5:36:c6:5b:
c3:86:33:45:45:77:5d:b0:9e:5c:5f:85:40:e2:20:
0a:3b:26:19:73:23:86:b7:5a:11:fd:03:66:f1:ca:
26:99:aa:3c:2f:4b:52:d4:e0:37:6e:33:3b:71:45:
35:7b:bb:5c:28:5f:3c:fc:22:3b:fa:38:97:30:de:
38:67:1f:d0:99:12:4a:e2:c9:e4:8c:6c:cc:61:2f:
1a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:41:E5:83:23:C2:F9:91:67:8D:D8:B4:8B:C2:62:84:55:04:5F:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d026::/36
Signature Algorithm: sha256WithRSAEncryption
77:91:1f:1c:dd:f1:5d:a5:25:e2:65:0a:10:b9:27:93:08:ed:
46:0f:5b:4c:90:9b:b2:42:af:a3:6f:01:2f:86:d1:32:04:aa:
fc:c6:77:b3:e6:64:f4:51:30:59:c7:52:36:03:76:d6:3a:c5:
c9:bb:6c:a2:43:15:5f:b3:cc:73:7f:ef:09:61:5a:b2:ad:c8:
88:43:85:ea:23:fe:21:19:98:74:e8:3e:ef:95:56:dd:06:3e:
fd:27:ce:7e:df:c2:46:78:cd:e5:f2:09:55:36:41:84:e9:20:
36:c3:70:14:5d:a7:70:51:39:c9:95:d2:06:bf:d4:46:13:ea:
b0:28:d3:22:43:15:5a:c4:9b:2c:e3:c1:11:80:8c:1e:5e:23:
04:de:fd:da:3d:94:ab:69:b7:f6:f7:62:c0:b1:ca:ed:05:64:
84:bf:ec:f4:12:2d:23:12:36:64:18:ac:1f:30:e6:5d:7e:5b:
6e:10:0b:22:7f:40:38:4a:e9:32:50:5d:28:84:52:f1:c4:29:
98:d9:b2:a2:cf:47:ad:7e:95:89:18:c3:cb:af:03:83:cf:06:
a5:e8:90:94:d0:ec:79:b0:45:82:ba:8b:b5:0b:59:69:33:9a:
e9:12:9c:85:60:3f:ea:5f:57:5c:c6:5f:75:25:2b:5b:6b:25:
f5:da:99:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaWQ8QIrAdNhKYEdRqUr8mvup55wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwMjVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4MDkyNzE3MjU1NmYyYjQxNjIyMzBkMGNhMDYyNmI1NDUxYjgyZTk1Nzgx
MzExMTA0ODM4Y2M5MDc5OTFlZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPbTBi5MnFc45ICQycnBFqRoiZuegSMGUXaooxljcJMWF1+wvEsKKbTzrcFF
NuoTff0yqlqAPlE+6hlpToNng+eDl9yBkTYoxfwi8meTagQJz3ICLsY+ZAM83uQg
JEU/HxumiOyXXdgoUjXve1B2qqBnELWqM97k9AK312UDTvuoPzNLlGsET37L1TEO
g3YXMirTex+pfcCVxgFhZ8+yjU4PuOR7onQBsobqF73w5f7FNsZbw4YzRUV3XbCe
XF+FQOIgCjsmGXMjhrdaEf0DZvHKJpmqPC9LUtTgN24zO3FFNXu7XChfPPwiO/o4
lzDeOGcf0JkSSuLJ5IxszGEvGmcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRiQeWD
I8L5kWeN2LSLwmKEVQRfZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdhNDZlYTktYjQxNi00MjE4LWE3OTAtMjhjZjg0ZDcwMmNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CYA
MA0GCSqGSIb3DQEBCwUAA4IBAQB3kR8c3fFdpSXiZQoQuSeTCO1GD1tMkJuyQq+j
bwEvhtEyBKr8xnez5mT0UTBZx1I2A3bWOsXJu2yiQxVfs8xzf+8JYVqyrciIQ4Xq
I/4hGZh06D7vlVbdBj79J85+38JGeM3l8glVNkGE6SA2w3AUXadwUTnJldIGv9RG
E+qwKNMiQxVaxJss48ERgIweXiME3v3aPZSrabf292LAscrtBWSEv+z0Ei0jEjZk
GKwfMOZdfltuEAsif0A4SukyUF0ohFLxxCmY2bKiz0etfpWJGMPLrwODzwal6JCU
0Ox5sEWCuou1C1lpM5rpEpyFYD/qX1dcxl91JStbayX12pn0
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:56 2025 by rpki-client