Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36e6bf1a-660d-40a9-a561-406ff743fc37.roa
File: 36e6bf1a-660d-40a9-a561-406ff743fc37.roa (raw, json)
Hash identifier: KiSL2MhGf6DMSFEV8mtdS93cfW9/ZbTRjE6kppo/Yhw=
Subject key identifier: 80:27:D3:D2:63:8F:E9:F2:E4:B2:59:45:74:E0:5B:00:74:00:77:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 758FD236A0B0FD0214691E7671DF63B639DCBF96
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36e6bf1a-660d-40a9-a561-406ff743fc37.roa
Signing time: Fri 25 Apr 2025 20:00:18 +0000
ROA not before: Fri 25 Apr 2025 20:00:18 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:8f:d2:36:a0:b0:fd:02:14:69:1e:76:71:df:63:b6:39:dc:bf:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:00:18 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e311fa524dc0cbb173573e04b653aba113909ed00c7f64c5c8ba805b7d336fb9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:ce:dd:30:90:a7:21:36:de:b6:51:5d:ec:a1:
c0:25:d7:3e:93:c3:62:da:80:be:69:d0:78:a8:62:
43:b2:fd:42:bf:d8:b5:79:b1:38:d1:a4:02:d2:ed:
19:b6:98:69:ba:87:59:ee:e8:7c:e4:17:80:5a:84:
db:15:9b:27:b7:7d:21:32:e2:d3:35:7b:b7:11:76:
59:04:c9:83:3a:69:c3:d6:77:9f:1e:36:48:fb:ac:
2f:79:e2:a5:ec:8f:b3:46:3c:3b:1f:3a:05:21:87:
79:fe:e0:f4:d5:52:63:de:fb:b0:1b:65:2c:27:e5:
c2:de:0c:bd:b6:02:a0:f8:ce:3c:f4:0b:1c:2e:84:
99:12:a9:d5:64:a6:56:3c:8c:49:12:be:de:39:58:
c5:3f:0c:9e:d7:86:3d:5f:47:3a:48:30:a8:a8:70:
28:a6:74:2b:9e:04:27:aa:c7:86:0b:f3:8f:6e:0b:
8b:50:4e:ad:df:4e:d1:a4:f2:66:df:7a:65:4a:0c:
94:a7:cc:72:0c:db:e4:98:b0:1c:3f:83:0b:68:da:
8e:d7:92:91:e0:a7:ae:31:0c:dc:28:da:f7:87:8e:
fc:31:1e:5d:c4:bb:47:cb:27:0b:ed:a6:d5:79:ac:
9a:fb:ec:f0:cd:00:76:10:c3:e3:dc:d9:1a:4e:17:
5c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:27:D3:D2:63:8F:E9:F2:E4:B2:59:45:74:E0:5B:00:74:00:77:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36e6bf1a-660d-40a9-a561-406ff743fc37.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:1000::/40
Signature Algorithm: sha256WithRSAEncryption
bd:3c:38:d4:23:c0:d8:23:b1:40:f1:9b:4a:43:c6:e4:aa:79:
51:b0:5c:bc:a9:b5:5b:2a:d4:8f:a2:0c:e3:04:8d:7f:1f:ee:
8a:44:aa:4e:ce:f9:a1:6e:e3:02:59:52:03:81:94:1d:17:8d:
3a:61:fb:99:83:6d:f6:86:6d:fa:98:76:20:55:bf:af:51:80:
a7:46:3a:5c:fa:8a:43:b6:32:fb:4a:99:dd:bf:53:7c:b9:4b:
4e:bc:49:af:4b:79:e0:97:ba:c3:6c:d4:c8:a2:7b:4e:24:83:
44:53:0c:4e:48:19:58:b1:c9:69:17:4c:2a:76:71:a2:95:83:
d8:23:2f:7a:2a:b8:17:e0:07:a1:25:16:42:14:5b:05:d5:7d:
17:c6:2e:c4:5c:b8:9c:b4:38:3f:49:75:b3:13:12:fd:ce:b9:
c8:eb:a0:2d:ac:af:d6:78:93:8c:6a:e0:92:d9:39:a6:20:3d:
44:a3:45:b1:8f:49:8c:1a:ec:d0:4f:33:81:5c:50:ea:04:bf:
e8:8e:6c:c1:6f:a6:fe:86:36:3a:c1:2e:3b:eb:a3:14:c0:6d:
83:b6:1e:bc:d9:c6:4d:52:68:9f:e9:ba:d3:1f:ad:86:3a:33:
33:71:97:26:bb:f5:b2:3f:34:fe:ce:dd:e0:2b:49:ac:0e:b9:
24:de:d7:60
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdY/SNqCw/QIUaR52cd9jtjncv5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAwMThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMTFmYTUyNGRjMGNiYjE3MzU3M2UwNGI2NTNhYmExMTM5MDllZDAwYzdm
NjRjNWM4YmE4MDViN2QzMzZmYjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPXO3TCQpyE23rZRXeyhwCXXPpPDYtqAvmnQeKhiQ7L9Qr/YtXmxONGkAtLt
GbaYabqHWe7ofOQXgFqE2xWbJ7d9ITLi0zV7txF2WQTJgzppw9Z3nx42SPusL3ni
peyPs0Y8Ox86BSGHef7g9NVSY977sBtlLCflwt4MvbYCoPjOPPQLHC6EmRKp1WSm
VjyMSRK+3jlYxT8MnteGPV9HOkgwqKhwKKZ0K54EJ6rHhgvzj24Li1BOrd9O0aTy
Zt96ZUoMlKfMcgzb5JiwHD+DC2jajteSkeCnrjEM3Cja94eO/DEeXcS7R8snC+2m
1Xmsmvvs8M0AdhDD49zZGk4XXHcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSAJ9PS
Y4/p8uSyWUV04FsAdAB3XDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzZlNmJmMWEtNjYwZC00MGE5LWE1NjEtNDA2ZmY3NDNmYzM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DoQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC9PDjUI8DYI7FA8ZtKQ8bkqnlRsFy8qbVbKtSP
ogzjBI1/H+6KRKpOzvmhbuMCWVIDgZQdF406YfuZg232hm36mHYgVb+vUYCnRjpc
+opDtjL7Spndv1N8uUtOvEmvS3ngl7rDbNTIontOJINEUwxOSBlYsclpF0wqdnGi
lYPYIy96KrgX4AehJRZCFFsF1X0Xxi7EXLictDg/SXWzExL9zrnI66AtrK/WeJOM
auCS2TmmID1Eo0Wxj0mMGuzQTzOBXFDqBL/ojmzBb6b+hjY6wS4766MUwG2Dth68
2cZNUmif6brTH62GOjMzcZcmu/WyPzT+zt3gK0msDrkk3tdg
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:00 2025 by rpki-client