Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
File: 357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa (raw, json)
Hash identifier: sKlRnvkLi7A7AMIeQBW26Knn5mBZFdoDsm//XmIVlnQ=
Subject key identifier: E4:08:27:29:9A:A4:B7:4B:FF:8C:39:83:27:B4:C4:98:9E:49:60:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0797C338A6ED59AD36668D5ECE4FD4FD28DF78DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
Signing time: Tue 20 May 2025 19:10:20 +0000
ROA not before: Tue 20 May 2025 19:10:20 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:97:c3:38:a6:ed:59:ad:36:66:8d:5e:ce:4f:d4:fd:28:df:78:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:20 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=283575936ebd0add1c6f17e5029de30d79834f3fa57664caf5bc1fb5431e4ff9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a2:99:77:99:b5:de:d2:6e:6e:12:c0:ac:40:
ca:68:f0:e1:b7:18:ce:fb:05:b5:de:bc:8a:86:c6:
0e:bf:65:4a:40:c6:18:32:6e:4e:83:25:77:ef:a0:
5c:49:c4:16:7f:3e:dc:83:f2:f1:60:5d:fc:30:75:
02:8e:b7:6c:7a:90:9c:7d:c8:d6:22:db:0d:5f:f3:
4b:6a:f3:d1:7e:3b:80:04:be:58:e3:e3:c3:21:93:
7c:bd:7a:15:3d:70:96:75:44:ae:32:3e:a9:0e:d3:
f1:fe:ca:68:64:95:9c:56:7a:fc:a7:47:39:fd:63:
f2:b0:48:0b:2e:3c:8e:e9:28:dd:d6:0e:fa:8b:2e:
3d:05:26:4a:c4:53:fe:a1:be:2f:44:35:48:c3:2f:
77:d0:e4:25:82:fd:1d:d7:17:95:99:12:49:54:3e:
b5:62:0a:5c:8b:33:7b:7e:34:b3:be:56:43:19:79:
6e:54:72:3c:4f:67:ff:60:6a:68:83:90:e4:ed:74:
84:71:4d:70:78:7f:b2:07:cb:8a:32:b0:86:55:91:
cd:ca:c2:5f:62:b8:68:55:07:29:8f:cd:89:89:99:
45:06:43:92:3b:dd:8d:04:c7:b3:4f:8e:57:dd:4d:
62:5f:00:bc:39:14:32:54:04:bd:02:d9:46:77:51:
f7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:08:27:29:9A:A4:B7:4B:FF:8C:39:83:27:B4:C4:98:9E:49:60:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1000::/40
Signature Algorithm: sha256WithRSAEncryption
22:cc:69:21:64:b5:e7:dc:95:4b:6f:c3:7a:53:13:0f:9d:12:
53:d6:2c:bc:b2:64:a5:76:42:cf:19:25:d6:78:10:22:c4:e2:
a9:18:5e:0f:fe:23:24:d3:71:b9:67:ec:d4:8a:31:c1:61:ca:
8b:b5:8c:70:f4:ff:63:dc:d2:b9:d0:c0:f0:24:cd:69:c8:29:
91:49:bc:5f:52:f0:50:77:f5:23:d2:da:10:29:93:0b:bb:4a:
03:1a:d4:c1:bb:99:7f:79:58:58:de:3c:5e:fb:22:c7:60:63:
ed:16:f7:89:4b:ec:01:47:5c:b5:b3:c1:cb:f2:2e:b7:70:a2:
1c:82:27:ee:80:df:fe:61:91:92:84:54:a6:37:36:0a:03:60:
80:9e:f4:79:82:92:0b:59:b5:03:69:48:7b:14:ab:77:3c:c0:
d0:59:87:b8:00:59:71:cb:7f:df:01:13:38:95:3e:1e:53:0f:
9c:3c:7f:ff:97:8b:f7:57:1a:4b:6b:63:d3:bf:be:83:b1:6b:
f8:87:84:19:30:8e:8b:4a:d3:d4:7e:81:c0:09:14:be:0a:2b:
bd:7a:dd:90:10:1f:c9:23:35:1c:60:da:d2:90:d8:7d:77:21:
0a:53:97:ad:4b:00:d2:29:d5:42:d6:a9:82:ee:27:f1:82:c4:
c5:99:34:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB5fDOKbtWa02Zo1ezk/U/SjfeN0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwMjBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4MzU3NTkzNmViZDBhZGQxYzZmMTdlNTAyOWRlMzBkNzk4MzRmM2ZhNTc2
NjRjYWY1YmMxZmI1NDMxZTRmZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCimXeZtd7Sbm4SwKxAymjw4bcYzvsFtd68iobGDr9lSkDGGDJuToMld++g
XEnEFn8+3IPy8WBd/DB1Ao63bHqQnH3I1iLbDV/zS2rz0X47gAS+WOPjwyGTfL16
FT1wlnVErjI+qQ7T8f7KaGSVnFZ6/KdHOf1j8rBICy48juko3dYO+osuPQUmSsRT
/qG+L0Q1SMMvd9DkJYL9HdcXlZkSSVQ+tWIKXIsze340s75WQxl5blRyPE9n/2Bq
aIOQ5O10hHFNcHh/sgfLijKwhlWRzcrCX2K4aFUHKY/NiYmZRQZDkjvdjQTHs0+O
V91NYl8AvDkUMlQEvQLZRndR98kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTkCCcp
mqS3S/+MOYMntMSYnklgIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzU3YzY2MjItOTE2MS00NGQ3LWFiMTMtNmVhNmUwYmVkMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAizGkhZLXn3JVLb8N6UxMPnRJT1iy8smSldkLP
GSXWeBAixOKpGF4P/iMk03G5Z+zUijHBYcqLtYxw9P9j3NK50MDwJM1pyCmRSbxf
UvBQd/Uj0toQKZMLu0oDGtTBu5l/eVhY3jxe+yLHYGPtFveJS+wBR1y1s8HL8i63
cKIcgifugN/+YZGShFSmNzYKA2CAnvR5gpILWbUDaUh7FKt3PMDQWYe4AFlxy3/f
ARM4lT4eUw+cPH//l4v3VxpLa2PTv76DsWv4h4QZMI6LStPUfoHACRS+Ciu9et2Q
EB/JIzUcYNrSkNh9dyEKU5etSwDSKdVC1qmC7ifxgsTFmTRW
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:16 2025 by rpki-client