Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a31701b-6e08-4967-83cb-76ea10ffab6d.roa
File: 1a31701b-6e08-4967-83cb-76ea10ffab6d.roa (raw, json)
Hash identifier: 6v6mmlYoB36IkyIZCuaBFNEPBQhTA3AYa3m5l910C5k=
Subject key identifier: 37:92:A3:9D:5A:CC:C1:72:C9:CF:68:4D:2C:6B:DC:24:54:39:52:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24F0225CC840A9E7F5FDBD4959B38AECA9882D9F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a31701b-6e08-4967-83cb-76ea10ffab6d.roa
Signing time: Fri 25 Apr 2025 19:20:52 +0000
ROA not before: Fri 25 Apr 2025 19:20:52 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:f0:22:5c:c8:40:a9:e7:f5:fd:bd:49:59:b3:8a:ec:a9:88:2d:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:20:52 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=55891504cd94b40acd77b9150119d16ec9bd705cbbe550c26a62c545629b02bd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:11:31:bf:ff:ab:57:7a:2e:96:54:c1:3c:b6:
ba:3e:f0:ca:8a:af:31:e8:b2:fc:28:8e:e1:24:af:
b5:98:2d:f7:74:52:db:d1:47:fb:e1:8b:1d:eb:02:
98:c1:59:dc:16:2b:48:61:60:04:7f:31:ac:85:6f:
10:02:1e:a1:52:b2:db:e3:3a:c4:9e:c4:fe:fa:af:
3b:eb:ee:e3:23:e7:91:26:9f:43:75:bb:f2:ce:f6:
ab:46:ad:c7:11:39:08:ba:30:1a:8d:f2:f2:7d:c8:
7a:e7:48:74:77:c9:63:18:6d:79:83:cc:37:62:60:
0a:c6:a6:10:8c:5a:35:7e:d7:d9:ea:90:83:6c:ea:
d3:32:30:9d:75:3c:98:4b:6e:88:3d:72:0d:c8:65:
c5:2e:f5:9d:05:5b:f8:e0:96:9a:16:e1:23:61:c4:
44:ed:63:30:49:51:7d:a1:86:c8:c8:c3:ba:b5:ba:
93:75:65:6e:aa:2c:00:29:13:20:c8:74:37:9b:07:
69:5a:95:a7:22:72:83:f6:57:a4:b7:c9:bd:9e:53:
c8:9b:ad:b3:d4:18:a3:03:a7:b3:70:0b:2f:44:d9:
24:e8:c9:29:4d:3d:98:5c:7a:1d:38:65:92:64:7b:
ae:0b:6d:08:bb:d9:3c:dd:8d:4a:72:a1:5a:7f:10:
08:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:92:A3:9D:5A:CC:C1:72:C9:CF:68:4D:2C:6B:DC:24:54:39:52:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a31701b-6e08-4967-83cb-76ea10ffab6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:a000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:6c:50:1f:3a:73:bf:0e:d7:ad:ce:d2:2a:02:45:ac:43:3b:
13:93:44:18:fb:8b:88:24:47:0c:63:3a:e2:ea:19:86:37:64:
05:a6:f5:a3:ce:90:da:89:d6:f6:f4:77:15:ff:04:c3:0f:dc:
ab:da:c3:ec:0b:18:6c:ce:fe:13:e9:92:35:f1:92:98:24:9e:
c5:a2:dc:51:bf:4e:94:7a:3d:1a:73:d8:24:ef:00:7e:4e:11:
f0:38:fc:06:bb:91:15:7a:10:7d:6c:f3:d1:08:2a:ce:08:c7:
5c:1d:bb:35:37:15:64:8b:17:cb:cb:eb:96:ad:68:84:d6:38:
71:7d:0e:b5:e6:90:72:33:b6:2b:a9:58:13:99:67:f1:42:73:
f5:7f:f4:f5:79:4e:60:90:ce:7f:61:ad:d5:2f:05:18:18:b6:
c4:c1:b9:33:dc:90:6c:de:a6:b5:4f:d7:32:e2:cd:5b:50:34:
9b:24:2b:81:32:c3:ec:c6:0a:0b:30:d0:c7:a5:ec:51:43:cf:
cb:b3:6d:bc:b9:bb:37:06:d3:7b:85:2f:9b:8e:b9:a2:a3:0c:
95:80:e0:fd:6f:2d:10:82:91:ee:60:33:aa:85:2d:12:24:09:
ed:ff:6c:c7:75:47:ff:e8:02:c8:6a:68:bc:67:35:30:bd:8d:
44:0c:ad:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJPAiXMhAqef1/b1JWbOK7KmILZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIwNTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1ODkxNTA0Y2Q5NGI0MGFjZDc3YjkxNTAxMTlkMTZlYzliZDcwNWNiYmU1
NTBjMjZhNjJjNTQ1NjI5YjAyYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0RMb//q1d6LpZUwTy2uj7wyoqvMeiy/CiO4SSvtZgt93RS29FH++GLHesC
mMFZ3BYrSGFgBH8xrIVvEAIeoVKy2+M6xJ7E/vqvO+vu4yPnkSafQ3W78s72q0at
xxE5CLowGo3y8n3IeudIdHfJYxhteYPMN2JgCsamEIxaNX7X2eqQg2zq0zIwnXU8
mEtuiD1yDchlxS71nQVb+OCWmhbhI2HERO1jMElRfaGGyMjDurW6k3VlbqosACkT
IMh0N5sHaVqVpyJyg/ZXpLfJvZ5TyJuts9QYowOns3ALL0TZJOjJKU09mFx6HThl
kmR7rgttCLvZPN2NSnKhWn8QCCsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3kqOd
WszBcsnPaE0sa9wkVDlSlDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWEzMTcwMWItNmUwOC00OTY3LTgzY2ItNzZlYTEwZmZhYjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWg
MA0GCSqGSIb3DQEBCwUAA4IBAQA+bFAfOnO/DtetztIqAkWsQzsTk0QY+4uIJEcM
Yzri6hmGN2QFpvWjzpDaidb29HcV/wTDD9yr2sPsCxhszv4T6ZI18ZKYJJ7FotxR
v06Uej0ac9gk7wB+ThHwOPwGu5EVehB9bPPRCCrOCMdcHbs1NxVkixfLy+uWrWiE
1jhxfQ615pByM7YrqVgTmWfxQnP1f/T1eU5gkM5/Ya3VLwUYGLbEwbkz3JBs3qa1
T9cy4s1bUDSbJCuBMsPsxgoLMNDHpexRQ8/Ls228ubs3BtN7hS+bjrmiowyVgOD9
by0QgpHuYDOqhS0SJAnt/2zHdUf/6ALIami8ZzUwvY1EDK0f
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:31 2025 by rpki-client