Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
File: 35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa (raw, json)
Hash identifier: to0PGNy3mta+cU+ksyhj/XQ1MFQFUEW+AgIgtinmjFI=
Subject key identifier: 48:1F:FD:24:1C:D6:3C:45:7D:1A:4A:1F:73:1E:09:9A:FB:27:75:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04F0EBDC14108606E43C8B2BE1B8B095550A3406
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
Signing time: Tue 20 May 2025 20:30:48 +0000
ROA not before: Tue 20 May 2025 20:30:48 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:f0:eb:dc:14:10:86:06:e4:3c:8b:2b:e1:b8:b0:95:55:0a:34:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:48 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=f726932d97d53b2a17f6ba2ffdaf5b968a43d2495299f9f00676d5d4a6d831cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1c:53:d2:07:e5:9a:3d:28:89:c0:b4:fc:74:
a6:d6:d5:24:79:31:7f:05:4b:d7:48:ba:1a:9b:ae:
58:b2:8f:c3:b8:f4:be:41:32:33:88:83:f3:4a:ea:
88:0c:6b:de:58:2a:20:e3:47:87:f4:44:25:1b:4f:
4a:81:79:94:0c:45:c5:f6:3d:c0:35:ee:06:c4:c1:
0c:36:84:d8:b8:1a:bb:0d:c7:16:16:79:6b:43:4e:
e1:43:3e:3a:10:74:f2:83:76:85:a1:c6:33:83:ea:
71:8c:5a:76:dd:4e:ff:87:ac:8c:30:5b:a3:9c:31:
6f:53:25:3a:13:de:22:e0:63:5d:52:a7:cf:df:43:
32:26:fc:a4:ea:41:8f:89:dc:57:e9:03:cd:e6:f7:
c2:a5:53:8c:33:65:d5:3b:62:20:a6:38:96:ba:81:
7f:7b:a8:94:7f:8a:20:da:78:b6:71:87:6f:48:e5:
7a:b5:33:b3:27:97:d2:6e:bf:8f:12:6e:45:5a:3d:
9d:97:f2:b2:b8:38:4e:9f:0f:f2:dc:ee:9d:19:b0:
88:fc:7d:71:24:76:1c:78:6e:b5:7b:88:ac:d9:be:
16:de:e0:93:a2:67:f7:4a:37:03:01:e9:fb:8b:0c:
e7:c4:51:21:b2:24:94:91:e5:6b:2c:e2:36:11:6e:
2e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:1F:FD:24:1C:D6:3C:45:7D:1A:4A:1F:73:1E:09:9A:FB:27:75:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/38
Signature Algorithm: sha256WithRSAEncryption
8f:33:59:1f:8f:99:9c:c4:6b:12:45:c6:74:e3:59:02:20:c6:
53:83:5f:b8:66:63:32:8b:d3:de:f8:b5:b9:22:7f:a4:da:de:
fa:16:ae:3a:88:d4:61:88:a4:78:d4:12:1a:ed:45:ff:5f:5d:
15:81:d3:c6:aa:fc:8c:f5:78:98:76:b5:0d:5a:65:39:c0:99:
c5:c3:46:6f:6e:17:05:f0:82:1b:5e:a5:dd:43:6e:72:95:0c:
b5:c1:a8:3e:a1:08:e0:19:36:03:93:de:4e:51:ec:9a:20:ee:
fd:9c:ca:46:70:4a:23:63:1b:84:b7:52:f3:8f:eb:f3:f8:37:
77:73:39:28:f6:cd:01:38:a1:ea:e5:8d:90:2f:96:32:f9:93:
82:42:bd:4c:0c:b8:ed:a1:ba:a3:0f:6d:ec:c3:a6:af:0d:24:
9a:86:1b:0c:ab:7d:05:1d:e2:4e:c0:96:91:8c:0c:a0:e7:44:
5e:3e:6c:23:a8:56:23:09:64:5a:3c:51:43:24:88:cc:d4:a0:
87:31:3e:98:a7:6f:87:7c:6c:7d:52:e3:fa:52:ab:c3:f9:b6:
56:3c:be:12:f1:dd:69:d1:5b:11:53:86:56:85:02:53:7c:94:
5d:7d:5f:80:60:6f:8b:62:93:01:a0:9b:e9:ec:4a:75:35:b7:
0e:07:e8:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBPDr3BQQhgbkPIsr4biwlVUKNAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwNDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3MjY5MzJkOTdkNTNiMmExN2Y2YmEyZmZkYWY1Yjk2OGE0M2QyNDk1Mjk5
ZjlmMDA2NzZkNWQ0YTZkODMxY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwcU9IH5Zo9KInAtPx0ptbVJHkxfwVL10i6GpuuWLKPw7j0vkEyM4iD80rq
iAxr3lgqIONHh/REJRtPSoF5lAxFxfY9wDXuBsTBDDaE2Lgauw3HFhZ5a0NO4UM+
OhB08oN2haHGM4PqcYxadt1O/4esjDBbo5wxb1MlOhPeIuBjXVKnz99DMib8pOpB
j4ncV+kDzeb3wqVTjDNl1TtiIKY4lrqBf3uolH+KINp4tnGHb0jlerUzsyeX0m6/
jxJuRVo9nZfysrg4Tp8P8tzunRmwiPx9cSR2HHhutXuIrNm+Ft7gk6Jn90o3AwHp
+4sM58RRIbIklJHlayziNhFuLqcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRIH/0k
HNY8RX0aSh9zHgma+yd1RjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzViYjBkYTUtMGEyZC00YjgwLWFhZmUtYWY3ZTc0Y2Y1ODY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQCPM1kfj5mcxGsSRcZ041kCIMZTg1+4ZmMyi9Pe
+LW5In+k2t76Fq46iNRhiKR41BIa7UX/X10VgdPGqvyM9XiYdrUNWmU5wJnFw0Zv
bhcF8IIbXqXdQ25ylQy1wag+oQjgGTYDk95OUeyaIO79nMpGcEojYxuEt1Lzj+vz
+Dd3czko9s0BOKHq5Y2QL5Yy+ZOCQr1MDLjtobqjD23sw6avDSSahhsMq30FHeJO
wJaRjAyg50RePmwjqFYjCWRaPFFDJIjM1KCHMT6Yp2+HfGx9UuP6UqvD+bZWPL4S
8d1p0VsRU4ZWhQJTfJRdfV+AYG+LYpMBoJvp7Ep1NbcOB+h6
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:25 2025 by rpki-client