Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24b496aa-161c-4d5d-a9ca-3ba09772390a.roa
File: 24b496aa-161c-4d5d-a9ca-3ba09772390a.roa (raw, json)
Hash identifier: A3dr/yQ4pvxpO9OyHJINwGN3RSIzurFx+xIgtRf9WOM=
Subject key identifier: 85:8F:92:D6:5E:F5:E1:9D:03:85:85:1A:B5:69:2E:E0:18:01:EE:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FEDBC4A2BF095C35AFE74BF2F35129A41E4B317
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24b496aa-161c-4d5d-a9ca-3ba09772390a.roa
Signing time: Tue 20 May 2025 20:10:16 +0000
ROA not before: Tue 20 May 2025 20:10:16 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:ed:bc:4a:2b:f0:95:c3:5a:fe:74:bf:2f:35:12:9a:41:e4:b3:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:10:16 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=564c5e683c928b0021f2e9d13073b344eede984907b85e7b015052fbc3048406, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:64:c1:52:9c:9a:de:10:09:e5:12:38:a3:e7:
3e:99:46:99:bf:2d:1a:6d:cb:0c:bd:09:4b:63:9a:
30:76:37:a8:13:8b:1c:9e:59:b7:0e:90:5c:0d:b0:
31:7b:76:38:be:d7:f4:ef:53:aa:de:03:e4:08:51:
07:4d:a9:ae:5b:b1:36:8f:f9:70:ee:6f:84:71:b5:
7b:0f:d6:f4:59:b8:3c:c6:d5:2e:bc:fa:0e:de:cc:
51:88:1a:f2:49:50:88:c8:fd:ad:72:64:ae:fe:01:
e1:d1:ab:5c:f3:5f:09:b7:6a:79:fa:d5:b3:21:eb:
a3:f8:c9:99:a9:68:03:d7:84:3c:ed:75:12:03:3e:
7d:7a:5e:74:86:ba:1b:84:34:43:3a:1e:cc:d5:cf:
2b:8d:6e:f7:cd:f8:99:67:de:b1:96:06:79:15:9b:
b6:ff:f6:9a:5e:b9:2d:70:84:fb:62:23:f4:4b:ad:
b5:f9:11:8a:b5:1b:f9:f1:69:97:0d:ad:68:58:f8:
f0:ed:3a:2e:6f:72:f6:23:0f:a0:33:1b:8c:89:89:
6f:cd:e0:62:c4:38:61:b1:eb:51:ee:8d:70:0f:28:
55:7b:d4:b6:6d:f8:d0:e9:8a:80:5b:fa:c3:f5:9b:
f6:3c:87:ed:97:f3:ff:5e:d3:71:ce:d8:a2:44:ed:
a2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:8F:92:D6:5E:F5:E1:9D:03:85:85:1A:B5:69:2E:E0:18:01:EE:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24b496aa-161c-4d5d-a9ca-3ba09772390a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:6000::/40
Signature Algorithm: sha256WithRSAEncryption
07:a1:09:28:ab:27:fd:8f:b3:eb:ef:1e:75:e1:d0:4a:59:e5:
c7:f4:96:da:18:f8:0b:d6:32:12:83:a3:a7:60:31:63:3c:d3:
98:a0:10:00:79:87:e0:22:8e:84:42:62:45:41:8f:f9:e1:cc:
aa:82:da:16:ea:5e:30:be:af:82:68:90:79:c4:a3:5e:f1:2f:
3b:0c:48:f6:2f:a4:be:1f:a4:b6:16:e4:9c:97:5a:63:aa:ec:
c3:82:16:12:ad:c2:2b:5a:d1:70:6b:19:e1:95:28:45:2b:56:
18:f2:15:ed:9a:38:be:cf:d8:ee:93:5f:d2:09:75:c6:d3:88:
b1:b4:75:e8:77:3d:fd:b1:3a:88:f7:31:30:ad:22:45:f8:b2:
72:a3:77:e7:31:e8:82:70:7e:9f:79:51:be:85:b7:5b:7a:56:
12:5e:e9:78:da:3d:ac:55:26:c4:63:96:a3:99:60:49:2b:9b:
6e:6d:d1:68:c5:20:de:78:07:46:2b:e1:17:9a:37:65:a7:c1:
be:12:60:d6:bc:47:55:71:a1:4b:ff:84:7d:d0:1f:02:76:37:
e4:be:43:0f:ac:4b:1f:0a:70:8c:ca:80:61:5b:4f:93:1c:41:
a1:75:b7:06:79:7a:03:f2:03:0e:32:bf:c8:7a:a0:4b:fc:c8:
dd:1b:1b:31
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUL+28SivwlcNa/nS/LzUSmkHksxcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDEwMTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2NGM1ZTY4M2M5MjhiMDAyMWYyZTlkMTMwNzNiMzQ0ZWVkZTk4NDkwN2I4
NWU3YjAxNTA1MmZiYzMwNDg0MDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOJkwVKcmt4QCeUSOKPnPplGmb8tGm3LDL0JS2OaMHY3qBOLHJ5Ztw6QXA2w
MXt2OL7X9O9Tqt4D5AhRB02prluxNo/5cO5vhHG1ew/W9Fm4PMbVLrz6Dt7MUYga
8klQiMj9rXJkrv4B4dGrXPNfCbdqefrVsyHro/jJmaloA9eEPO11EgM+fXpedIa6
G4Q0QzoezNXPK41u9834mWfesZYGeRWbtv/2ml65LXCE+2Ij9EuttfkRirUb+fFp
lw2taFj48O06Lm9y9iMPoDMbjImJb83gYsQ4YbHrUe6NcA8oVXvUtm340OmKgFv6
w/Wb9jyH7Zfz/17Tcc7YokTtolECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSFj5LW
XvXhnQOFhRq1aS7gGAHuhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjRiNDk2YWEtMTYxYy00ZDVkLWE5Y2EtM2JhMDk3NzIzOTBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZg
MA0GCSqGSIb3DQEBCwUAA4IBAQAHoQkoqyf9j7Pr7x514dBKWeXH9JbaGPgL1jIS
g6OnYDFjPNOYoBAAeYfgIo6EQmJFQY/54cyqgtoW6l4wvq+CaJB5xKNe8S87DEj2
L6S+H6S2FuScl1pjquzDghYSrcIrWtFwaxnhlShFK1YY8hXtmji+z9juk1/SCXXG
04ixtHXodz39sTqI9zEwrSJF+LJyo3fnMeiCcH6feVG+hbdbelYSXul42j2sVSbE
Y5ajmWBJK5tubdFoxSDeeAdGK+EXmjdlp8G+EmDWvEdVcaFL/4R90B8CdjfkvkMP
rEsfCnCMyoBhW0+THEGhdbcGeXoD8gMOMr/IeqBL/MjdGxsx
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:08 2025 by rpki-client