Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
File: 182e091e-259f-44bd-bb67-c5e36fa6958b.roa (raw, json)
Hash identifier: fjLWEn9KxjZxkN1wYn2ev+zDch/0huDnJ7q5eEkjWMg=
Subject key identifier: DC:55:37:8B:7B:79:B3:69:AA:07:5D:2A:4B:B2:BF:F9:35:EE:28:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B6CE77A4EDC113AD8064A36AC62E3622B3110F0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
Signing time: Tue 20 May 2025 20:30:50 +0000
ROA not before: Tue 20 May 2025 20:30:50 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:6c:e7:7a:4e:dc:11:3a:d8:06:4a:36:ac:62:e3:62:2b:31:10:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:50 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=306325f5f60b0ecedebb176431a0a53098b2dca4b2a2751d5a948517936cc1ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a9:e0:e2:0f:83:50:a4:42:31:3c:ce:7a:27:
0e:99:9f:1a:53:5e:36:9a:40:cc:d7:d4:ca:ef:44:
7f:ad:ca:dc:ca:d8:40:5b:1f:50:96:fb:1d:de:82:
82:ac:af:e4:f5:6d:00:74:0d:b1:ed:5c:ef:c5:7e:
bb:9d:1c:59:ec:06:6b:20:36:3f:24:17:73:80:d4:
0d:5f:0e:ed:97:a5:97:bd:96:b8:3c:4d:d8:00:3d:
6c:ae:c5:b2:5b:55:c6:0a:5d:88:ea:11:0b:e5:22:
f6:a4:c9:d4:b6:59:09:1d:5b:79:22:9d:16:7a:60:
f2:06:9b:f7:ee:23:00:fb:94:ee:1a:18:17:6f:86:
32:af:06:1a:b0:2e:73:14:80:b4:c5:9b:2a:de:88:
3e:6d:50:a2:6f:8a:86:7c:fe:62:4d:c7:41:81:63:
b1:af:e1:9c:d2:fe:1d:18:79:3c:16:70:6e:3f:a1:
1d:c1:81:79:12:d8:bc:ea:68:59:86:33:be:d6:e4:
31:7b:50:2e:b7:e2:cb:db:37:5b:36:61:49:59:84:
78:4f:76:06:3c:0f:90:fa:95:0a:67:41:aa:93:34:
98:fd:1b:c7:69:db:f2:d7:69:80:61:cc:c8:4a:4a:
9f:2f:54:9d:bc:b3:21:d7:73:04:99:cc:dd:fa:0a:
d2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:55:37:8B:7B:79:B3:69:AA:07:5D:2A:4B:B2:BF:F9:35:EE:28:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:400::/38
Signature Algorithm: sha256WithRSAEncryption
35:da:af:e2:ee:00:23:ed:77:eb:2c:fc:ae:08:c1:c6:34:b8:
03:04:db:de:79:21:3c:83:f0:64:99:15:a3:15:48:0f:8a:cc:
75:69:ba:bb:51:8c:74:54:20:29:ac:f9:c2:64:3b:fa:30:63:
a9:0c:90:52:88:9c:40:d4:cf:b1:c6:c1:c3:33:21:4d:46:1f:
97:79:ab:ea:90:33:1a:6f:46:9f:68:a8:08:81:b5:f2:e0:71:
cf:d4:09:78:71:f0:c1:09:96:6a:44:23:03:a0:9b:b9:99:32:
b7:e1:a2:fe:3f:a6:ef:0d:de:7f:27:fe:7b:fd:04:a8:b3:67:
8d:9b:8b:2e:e2:7c:19:f2:98:8c:9c:28:a8:fe:c0:3a:8a:05:
b5:89:35:9d:61:40:62:52:6b:68:8a:46:db:0a:2f:13:f1:6e:
f5:ce:7c:03:df:12:5e:d1:f0:42:96:8f:90:c0:c2:00:90:5b:
a1:ec:f1:b5:d1:8a:79:f9:c0:c9:26:15:07:de:55:f6:b2:82:
86:b6:da:32:dd:57:44:c0:24:71:a0:83:3f:80:24:6b:a4:74:
97:34:e3:f0:1e:10:20:84:63:ad:b9:c6:2c:3a:40:7c:a7:9a:
57:ae:d8:74:3f:2c:3f:5d:2d:d2:7b:ab:a9:11:b6:bd:55:19:
1b:d9:23:c6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUO2znek7cETrYBko2rGLjYisxEPAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwNTBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwNjMyNWY1ZjYwYjBlY2VkZWJiMTc2NDMxYTBhNTMwOThiMmRjYTRiMmEy
NzUxZDVhOTQ4NTE3OTM2Y2MxYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJip4OIPg1CkQjE8znonDpmfGlNeNppAzNfUyu9Ef63K3MrYQFsfUJb7Hd6C
gqyv5PVtAHQNse1c78V+u50cWewGayA2PyQXc4DUDV8O7Zell72WuDxN2AA9bK7F
sltVxgpdiOoRC+Ui9qTJ1LZZCR1beSKdFnpg8gab9+4jAPuU7hoYF2+GMq8GGrAu
cxSAtMWbKt6IPm1Qom+Khnz+Yk3HQYFjsa/hnNL+HRh5PBZwbj+hHcGBeRLYvOpo
WYYzvtbkMXtQLrfiy9s3WzZhSVmEeE92BjwPkPqVCmdBqpM0mP0bx2nb8tdpgGHM
yEpKny9UnbyzIddzBJnM3foK0jECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTcVTeL
e3mzaaoHXSpLsr/5Ne4o5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgyZTA5MWUtMjU5Zi00NGJkLWJiNjctYzVlMzZmYTY5NThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwE
MA0GCSqGSIb3DQEBCwUAA4IBAQA12q/i7gAj7XfrLPyuCMHGNLgDBNveeSE8g/Bk
mRWjFUgPisx1abq7UYx0VCAprPnCZDv6MGOpDJBSiJxA1M+xxsHDMyFNRh+Xeavq
kDMab0afaKgIgbXy4HHP1Al4cfDBCZZqRCMDoJu5mTK34aL+P6bvDd5/J/57/QSo
s2eNm4su4nwZ8piMnCio/sA6igW1iTWdYUBiUmtoikbbCi8T8W71znwD3xJe0fBC
lo+QwMIAkFuh7PG10Yp5+cDJJhUH3lX2soKGttoy3VdEwCRxoIM/gCRrpHSXNOPw
HhAghGOtucYsOkB8p5pXrth0Pyw/XS3Se6upEba9VRkb2SPG
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:50 2025 by rpki-client