Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
File: 35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa (raw, json)
Hash identifier: w1I0BU6I9OmDlWPaZ6M84phAidbbHYvquI4pH9XPn/A=
Subject key identifier: 0A:F0:42:A9:D4:32:8F:F0:F6:9F:C3:6C:85:6D:24:B8:57:FC:7C:11
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0815192B10B520846077DE095BAFBB772AC79EBF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
Signing time: Fri 23 May 2025 00:41:18 +0000
ROA not before: Fri 23 May 2025 00:41:18 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:15:19:2b:10:b5:20:84:60:77:de:09:5b:af:bb:77:2a:c7:9e:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:41:18 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=ccb7fb71741dbd2658c4bf2c5c09825701cf82122dd5042672902b4c5dc70f18, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fa:4d:e1:58:53:8b:76:b0:09:1c:5b:57:88:
d1:db:35:8c:92:93:2a:03:af:9a:33:b1:e7:63:74:
cc:72:4e:01:1e:cd:68:90:1c:20:48:88:4a:13:50:
9c:6b:c1:80:10:a0:25:53:b9:c9:31:1e:1b:c4:f7:
59:2d:4b:5b:23:14:a1:34:5b:05:77:ba:6a:d3:46:
4e:af:0a:0b:4a:cf:a5:d0:04:f1:60:d9:ed:2b:7d:
b6:68:85:0a:05:0a:18:7b:d8:d0:a2:4a:e1:1b:90:
f5:61:d7:30:dd:3b:87:b1:fc:0d:dc:66:d5:b5:d0:
e3:e4:23:5a:43:da:56:8f:6c:7f:ac:99:e7:2b:f8:
a1:7f:ac:ba:fe:40:7a:36:14:ee:ab:74:ec:e4:ce:
a2:8e:1f:97:55:94:d4:79:cf:33:60:c7:58:24:b3:
41:61:ad:db:0a:49:81:a7:e7:1a:03:7b:ab:71:bf:
ad:49:ae:a4:fb:1e:34:cd:2e:e4:16:71:e4:e8:b6:
61:1b:cc:c7:30:30:cf:a5:4b:a4:e2:0f:b9:0e:a0:
07:c1:02:ec:de:ca:e9:81:9b:cc:1e:7d:87:0c:cc:
b9:7b:3a:03:7e:b8:d3:ff:8d:af:f5:9a:dd:e2:72:
88:65:35:e1:71:01:8f:3c:ff:4a:69:68:ea:e2:05:
6f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F0:42:A9:D4:32:8F:F0:F6:9F:C3:6C:85:6D:24:B8:57:FC:7C:11
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:2000::/40
Signature Algorithm: sha256WithRSAEncryption
05:fc:e3:f9:74:4f:15:64:b0:23:cb:b8:a1:e8:25:87:ce:7b:
2b:49:12:77:1d:9f:64:a3:10:46:d0:30:c6:9a:9e:0a:8b:c9:
73:41:37:5c:16:9a:e1:15:3c:4a:8c:61:5e:c0:af:ab:d4:27:
d2:06:de:04:0b:57:53:8b:5e:20:c9:75:d8:75:87:8f:d7:91:
40:0e:1d:16:68:b0:a4:38:36:33:4b:44:78:90:32:79:07:60:
66:0d:81:79:c4:96:08:f7:f2:a0:c8:d2:9d:db:4d:c7:c9:14:
f0:24:ac:08:36:6f:6b:fe:2e:1e:73:01:95:ea:35:b5:ed:f7:
48:25:25:d7:e8:cd:71:23:5b:e5:1f:a2:c0:c4:12:04:37:e4:
0e:11:14:64:51:b6:1a:fb:54:49:be:25:66:0c:75:f0:6b:7d:
0e:74:ef:3a:d0:c5:7f:6b:20:72:38:2f:e7:90:d7:f8:45:f9:
f6:23:7f:1b:7d:57:a5:51:82:6c:cf:a5:a2:7d:4c:b6:77:3a:
b0:85:f6:19:ec:bf:80:0c:1c:87:3f:0b:7b:27:7d:73:a9:bd:
86:64:d5:90:71:07:8c:99:a1:57:ec:1b:a9:eb:c3:18:34:db:
56:c9:6d:1b:14:36:41:49:46:bb:2a:30:60:bc:f8:9d:3e:e8:
7e:e3:16:34
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCBUZKxC1IIRgd94JW6+7dyrHnr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQxMThaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjYjdmYjcxNzQxZGJkMjY1OGM0YmYyYzVjMDk4MjU3MDFjZjgyMTIyZGQ1
MDQyNjcyOTAyYjRjNWRjNzBmMTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKb6TeFYU4t2sAkcW1eI0ds1jJKTKgOvmjOx52N0zHJOAR7NaJAcIEiIShNQ
nGvBgBCgJVO5yTEeG8T3WS1LWyMUoTRbBXe6atNGTq8KC0rPpdAE8WDZ7St9tmiF
CgUKGHvY0KJK4RuQ9WHXMN07h7H8Ddxm1bXQ4+QjWkPaVo9sf6yZ5yv4oX+suv5A
ejYU7qt07OTOoo4fl1WU1HnPM2DHWCSzQWGt2wpJgafnGgN7q3G/rUmupPseNM0u
5BZx5Oi2YRvMxzAwz6VLpOIPuQ6gB8EC7N7K6YGbzB59hwzMuXs6A3640/+Nr/Wa
3eJyiGU14XEBjzz/Smlo6uIFb4kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQK8EKp
1DKP8Pafw2yFbSS4V/x8ETAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVhODcxN2MtZWNmNi00Y2Y3LWE3M2MtZjU2NmY3ODg0YTE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fkg
MA0GCSqGSIb3DQEBCwUAA4IBAQAF/OP5dE8VZLAjy7ih6CWHznsrSRJ3HZ9koxBG
0DDGmp4Ki8lzQTdcFprhFTxKjGFewK+r1CfSBt4EC1dTi14gyXXYdYeP15FADh0W
aLCkODYzS0R4kDJ5B2BmDYF5xJYI9/KgyNKd203HyRTwJKwINm9r/i4ecwGV6jW1
7fdIJSXX6M1xI1vlH6LAxBIEN+QOERRkUbYa+1RJviVmDHXwa30OdO860MV/ayBy
OC/nkNf4Rfn2I38bfVelUYJsz6WifUy2dzqwhfYZ7L+ADByHPwt7J31zqb2GZNWQ
cQeMmaFX7Bup68MYNNtWyW0bFDZBSUa7KjBgvPidPuh+4xY0
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:28 2025 by rpki-client