Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36e6bf1a-660d-40a9-a561-406ff743fc37.roa
File: 36e6bf1a-660d-40a9-a561-406ff743fc37.roa (raw, json)
Hash identifier: uJtDCSK9OfEkVdNJnKSkuqJM+4i1v1jIVXkxQtbIxpA=
Subject key identifier: 87:C8:A7:11:F6:39:20:D3:35:8A:60:30:E9:3C:09:40:43:F2:5D:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16284E5C0061573235148562E49571A7BE16A977
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36e6bf1a-660d-40a9-a561-406ff743fc37.roa
Signing time: Tue 20 May 2025 20:11:36 +0000
ROA not before: Tue 20 May 2025 20:11:36 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:28:4e:5c:00:61:57:32:35:14:85:62:e4:95:71:a7:be:16:a9:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:36 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d77d47dd028ee8bd18f72db8ca57f2788d0b6806ab65195145d054370ae161ba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:02:5a:a0:04:da:c3:0d:a6:c5:e9:12:62:1d:
97:09:a6:c1:36:98:6f:4d:d8:28:f6:c9:15:f3:5b:
aa:3f:a0:3c:66:52:0d:89:68:75:82:3e:2c:ce:a5:
ae:37:81:14:d3:9b:aa:d8:84:94:8d:84:38:bc:bf:
cc:07:7d:ad:39:cc:60:6d:be:d7:9b:f8:75:00:e3:
03:b7:4d:d3:7e:90:e3:aa:9e:35:b8:ff:5c:fc:4f:
be:0c:3e:62:ff:17:bb:16:a1:e7:69:d6:65:4c:e2:
49:b6:34:59:54:58:5c:10:24:75:5a:0a:06:4a:37:
b7:28:42:93:da:5c:3b:89:24:da:56:b2:58:c7:3a:
bb:d3:01:a6:27:9b:78:b1:c6:37:34:75:52:b2:b7:
7e:6a:97:b5:46:47:83:61:b4:31:1c:b8:6c:2c:32:
31:f4:90:93:33:99:a0:5d:d6:fa:cb:7d:b3:dc:4f:
1e:16:e9:c7:dc:13:16:99:63:37:97:77:71:60:f4:
79:10:06:38:ea:a3:6a:8d:66:a5:e0:94:f8:5a:d4:
c6:ec:68:74:77:15:3b:6a:1b:a9:70:23:6d:8d:22:
54:ed:67:5c:a0:b1:4a:75:23:4c:57:78:90:48:63:
b1:da:79:3d:de:3b:cb:8c:62:3a:35:84:9a:c8:3e:
20:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C8:A7:11:F6:39:20:D3:35:8A:60:30:E9:3C:09:40:43:F2:5D:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36e6bf1a-660d-40a9-a561-406ff743fc37.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:1000::/40
Signature Algorithm: sha256WithRSAEncryption
62:2d:60:38:24:cb:c7:a6:e1:ff:e4:0c:04:0a:80:7f:31:1c:
4b:26:76:a4:9b:70:9d:d3:e0:e6:bd:09:06:9a:2f:09:f0:16:
b3:f9:d6:f5:76:dc:09:33:60:51:cd:41:22:bc:b5:7e:35:2a:
fc:d1:94:35:82:d2:d4:f3:12:c2:2b:eb:b4:17:38:91:df:aa:
60:53:0c:a3:fa:1f:9f:0f:59:98:d2:c4:50:9a:d5:04:4d:05:
84:fb:9c:3b:af:25:5d:af:d7:5f:df:4f:9d:a6:4a:56:cc:35:
f9:0d:23:f2:79:1d:55:57:6f:b8:84:ca:a6:22:49:33:13:c4:
ff:fc:4d:ef:c0:70:82:4f:78:e6:03:58:ed:31:6b:8c:45:c5:
4e:3f:ac:23:b2:2a:52:c8:ed:6f:e7:6b:84:af:ff:e0:70:0f:
96:17:a7:fe:d0:2d:a3:78:fc:47:a6:cf:2a:47:d3:21:ec:14:
2f:d3:ee:96:93:1e:46:d6:18:f9:51:e6:7f:0a:55:81:53:70:
9b:73:89:9d:44:24:51:60:a5:65:ce:fa:1b:50:99:92:9c:5a:
11:7e:cf:25:e7:bc:4d:d2:89:06:3f:f5:58:36:d5:3e:a5:4a:
b8:8d:37:c2:81:9b:dd:a9:4f:3e:21:7a:36:3b:e9:68:e6:cf:
31:e2:08:60
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFihOXABhVzI1FIVi5JVxp74WqXcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMzZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3N2Q0N2RkMDI4ZWU4YmQxOGY3MmRiOGNhNTdmMjc4OGQwYjY4MDZhYjY1
MTk1MTQ1ZDA1NDM3MGFlMTYxYmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8CWqAE2sMNpsXpEmIdlwmmwTaYb03YKPbJFfNbqj+gPGZSDYlodYI+LM6l
rjeBFNObqtiElI2EOLy/zAd9rTnMYG2+15v4dQDjA7dN036Q46qeNbj/XPxPvgw+
Yv8Xuxah52nWZUziSbY0WVRYXBAkdVoKBko3tyhCk9pcO4kk2layWMc6u9MBpieb
eLHGNzR1UrK3fmqXtUZHg2G0MRy4bCwyMfSQkzOZoF3W+st9s9xPHhbpx9wTFplj
N5d3cWD0eRAGOOqjao1mpeCU+FrUxuxodHcVO2obqXAjbY0iVO1nXKCxSnUjTFd4
kEhjsdp5Pd47y4xiOjWEmsg+IC0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHyKcR
9jkg0zWKYDDpPAlAQ/Jd2TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzZlNmJmMWEtNjYwZC00MGE5LWE1NjEtNDA2ZmY3NDNmYzM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DoQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBiLWA4JMvHpuH/5AwECoB/MRxLJnakm3Cd0+Dm
vQkGmi8J8Baz+db1dtwJM2BRzUEivLV+NSr80ZQ1gtLU8xLCK+u0FziR36pgUwyj
+h+fD1mY0sRQmtUETQWE+5w7ryVdr9df30+dpkpWzDX5DSPyeR1VV2+4hMqmIkkz
E8T//E3vwHCCT3jmA1jtMWuMRcVOP6wjsipSyO1v52uEr//gcA+WF6f+0C2jePxH
ps8qR9Mh7BQv0+6Wkx5G1hj5UeZ/ClWBU3Cbc4mdRCRRYKVlzvobUJmSnFoRfs8l
57xN0okGP/VYNtU+pUq4jTfCgZvdqU8+IXo2O+lo5s8x4ghg
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:52 2025 by rpki-client