Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
File: 1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa (raw, json)
Hash identifier: eGyGt7wV5ymXkF9fJ/jLyEVNGucxKTWSGQf9yo5JwZk=
Subject key identifier: 7B:3A:3D:49:B1:10:61:C0:7B:A0:86:52:8E:A2:EC:87:E3:2E:BD:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36F195D5B2B70D2709310DD7156E60A7325289CC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
Signing time: Fri 23 May 2025 00:41:13 +0000
ROA not before: Fri 23 May 2025 00:41:13 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:f1:95:d5:b2:b7:0d:27:09:31:0d:d7:15:6e:60:a7:32:52:89:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:41:13 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=805f77f6cb74873dbbc056983b6035b3af255a9fa0cf71bb94d11f7380559c26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:af:7c:47:37:72:b4:7d:e8:71:d0:bc:28:ae:
40:30:41:a5:54:b7:8f:4d:2d:a9:8b:f0:98:ee:1c:
87:43:9f:85:b3:34:92:b3:8a:77:ef:12:9d:e5:3e:
23:53:05:44:3d:40:54:d1:c2:df:00:bd:69:4e:95:
82:49:53:57:f1:6f:a1:3e:f6:9e:81:0f:b8:28:c5:
3d:a7:fb:21:dd:67:4d:13:d1:77:ac:9a:0a:5a:91:
97:52:1c:19:89:a2:fe:8d:1e:00:fe:f0:86:cf:64:
98:57:82:18:3c:f7:cc:ee:e3:19:16:3a:a3:4a:6b:
48:82:25:27:f0:6a:59:d7:fd:bc:cf:07:20:c6:bd:
7e:35:06:1d:43:11:bf:70:37:d6:76:59:b2:92:6b:
2e:9c:f2:75:c9:c1:dc:39:a2:ab:2d:4d:69:e9:e6:
0a:5e:3b:cb:13:6f:8f:00:59:97:b1:f2:38:45:f8:
0b:5f:2e:04:16:86:6b:83:f2:73:ee:56:db:6a:b5:
34:28:3c:a1:24:9e:8b:b9:90:34:4b:82:ef:6d:22:
5b:4e:49:2f:15:0f:43:71:fe:4e:30:f1:b4:55:f8:
60:dd:ae:4e:e7:42:cb:1a:73:59:21:cd:b1:a7:95:
d6:ff:b6:e6:4b:74:d4:d2:1f:b3:33:f0:f9:2e:e3:
f8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:3A:3D:49:B1:10:61:C0:7B:A0:86:52:8E:A2:EC:87:E3:2E:BD:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
2c:c6:87:c2:35:79:b4:cd:22:01:e2:84:fa:e2:7c:2d:66:69:
ce:52:58:44:d1:2f:4c:91:f0:71:f8:d7:79:36:7b:6d:ad:33:
fe:1b:3a:99:c5:a9:cd:dd:cf:21:9d:2a:06:44:b2:ce:1a:55:
4f:c0:e4:28:2a:f2:8b:a8:77:be:7b:9a:cb:f3:99:32:7b:d0:
a9:c8:b2:59:59:fe:ee:97:f1:70:a0:e2:dd:62:9c:d2:57:34:
a0:c8:0a:5a:64:11:a5:c1:e2:13:f3:ae:dc:9b:f4:c0:6a:65:
7e:a2:e9:ab:b6:cb:e1:84:ef:01:4e:8d:e2:85:f8:55:84:bd:
e0:86:ac:0d:06:41:0a:48:af:03:47:86:aa:eb:01:55:84:19:
02:f6:21:25:1e:b1:9d:c1:89:4a:cd:7d:7c:e3:6f:f8:cf:da:
ea:bc:22:f0:f0:2f:73:e5:20:51:31:fa:fe:b7:85:28:ca:65:
c8:4d:f2:a4:4a:da:81:c5:0c:e7:65:75:20:68:a9:56:0a:b5:
0d:55:cd:82:75:0f:d4:42:4c:4a:90:77:c2:17:ed:ae:63:b8:
50:18:11:3d:7b:c7:a1:46:51:1f:99:28:8f:e2:38:c6:df:5c:
f4:1a:01:99:1c:92:fa:e1:33:8e:91:e9:a3:12:e6:86:9e:fd:
c1:9a:93:ed
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNvGV1bK3DScJMQ3XFW5gpzJSicwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQxMTNaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwNWY3N2Y2Y2I3NDg3M2RiYmMwNTY5ODNiNjAzNWIzYWYyNTVhOWZhMGNm
NzFiYjk0ZDExZjczODA1NTljMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN2vfEc3crR96HHQvCiuQDBBpVS3j00tqYvwmO4ch0OfhbM0krOKd+8SneU+
I1MFRD1AVNHC3wC9aU6VgklTV/FvoT72noEPuCjFPaf7Id1nTRPRd6yaClqRl1Ic
GYmi/o0eAP7whs9kmFeCGDz3zO7jGRY6o0prSIIlJ/BqWdf9vM8HIMa9fjUGHUMR
v3A31nZZspJrLpzydcnB3Dmiqy1NaenmCl47yxNvjwBZl7HyOEX4C18uBBaGa4Py
c+5W22q1NCg8oSSei7mQNEuC720iW05JLxUPQ3H+TjDxtFX4YN2uTudCyxpzWSHN
saeV1v+25kt01NIfszPw+S7j+OkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR7Oj1J
sRBhwHughlKOouyH4y69YzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWNjZmEzNjQtMDdhYi00YTVlLTgxYTktOTlmOWQ2YjNhMDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/g
MA0GCSqGSIb3DQEBCwUAA4IBAQAsxofCNXm0zSIB4oT64nwtZmnOUlhE0S9MkfBx
+Nd5NnttrTP+GzqZxanN3c8hnSoGRLLOGlVPwOQoKvKLqHe+e5rL85kye9CpyLJZ
Wf7ul/FwoOLdYpzSVzSgyApaZBGlweIT867cm/TAamV+oumrtsvhhO8BTo3ihfhV
hL3ghqwNBkEKSK8DR4aq6wFVhBkC9iElHrGdwYlKzX1842/4z9rqvCLw8C9z5SBR
Mfr+t4UoymXITfKkStqBxQznZXUgaKlWCrUNVc2CdQ/UQkxKkHfCF+2uY7hQGBE9
e8ehRlEfmSiP4jjG31z0GgGZHJL64TOOkemjEuaGnv3BmpPt
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:44 2025 by rpki-client