Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
File: 37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa (raw, json)
Hash identifier: IeULWKHDRLXMOhp8JsDvSo26jSnk+MkCcZO0lV+JifA=
Subject key identifier: 02:54:5E:BF:8C:75:98:57:D6:32:AF:EC:4C:72:37:E9:A4:D7:78:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45B00E0766F4E1D99BA5A347B6B3C0F170D31C29
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
Signing time: Tue 20 May 2025 20:10:18 +0000
ROA not before: Tue 20 May 2025 20:10:18 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:b0:0e:07:66:f4:e1:d9:9b:a5:a3:47:b6:b3:c0:f1:70:d3:1c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:10:18 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=93f9827a4a0bde6062c86adff581f664c91431e8b0e2f275327894f09eab8f17, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7b:9a:b2:2a:51:e2:83:24:91:84:bc:ce:e8:
e3:5d:b6:d8:15:cf:ca:6d:48:52:0a:c4:a2:d4:ac:
26:5a:d7:e7:ce:ff:02:13:79:1b:3e:63:3b:8d:e1:
03:23:5c:1b:a8:ab:c4:64:b4:5d:8f:d5:a4:c8:fd:
18:72:b4:30:2b:0a:27:fa:80:b7:4b:54:fd:ad:cc:
60:1e:91:fb:97:28:bd:50:47:99:1c:17:10:f6:50:
24:50:5d:58:e5:e5:29:76:8f:a9:26:ab:a7:e6:c8:
74:55:cb:55:2d:7e:2f:11:6b:7a:23:fc:c8:77:d9:
10:7d:0f:0b:ed:c2:34:17:6f:b3:5c:27:49:e1:c1:
77:85:2f:82:66:4c:61:f0:37:07:28:be:5f:ff:b3:
83:80:05:31:7a:95:9a:39:3c:92:72:28:9a:92:34:
45:aa:7c:3d:fa:45:5c:9d:e9:d8:f9:fd:35:73:76:
8e:1e:40:fc:4d:b5:31:23:f2:54:9f:ab:fe:26:07:
0d:f7:7e:86:23:88:aa:2a:81:4c:7f:af:60:fc:1a:
e7:e6:2f:83:e5:5a:b8:0f:2e:70:0a:2e:a0:61:11:
53:67:64:be:77:a5:da:a1:20:f7:51:36:68:29:7a:
ed:41:36:3a:69:41:2a:b3:7d:c2:d4:2a:01:8f:a8:
ae:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:54:5E:BF:8C:75:98:57:D6:32:AF:EC:4C:72:37:E9:A4:D7:78:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:8000::/40
Signature Algorithm: sha256WithRSAEncryption
29:07:0e:5c:e0:7f:61:ed:17:24:8b:ef:2d:f4:d2:cc:45:f6:
62:24:f6:98:fd:33:7c:2e:c8:4c:41:42:3e:c7:4e:af:84:51:
2d:81:6e:10:64:db:50:0e:b1:22:01:48:50:2e:23:9c:d5:5b:
a9:1b:a2:20:44:cd:82:b8:a0:c4:0e:07:af:ad:3e:42:8c:b9:
70:ca:39:4b:10:40:c0:e3:ac:78:8d:ce:9b:6a:87:68:07:8a:
2a:5d:43:02:14:bb:da:cd:4a:d2:10:6d:64:0e:b5:44:fe:89:
67:45:ac:f3:37:f2:9f:71:e2:65:9e:8d:19:b4:5d:73:3c:33:
ac:d8:d3:3d:36:fe:d2:cd:b7:ec:57:e1:de:65:63:52:f5:76:
10:20:3e:f6:d8:f8:c0:4e:c6:c2:6b:bf:c9:3a:70:aa:81:aa:
0a:57:5e:ed:0a:cc:33:e2:08:74:95:50:79:bc:70:ff:c2:aa:
12:c7:24:fa:e9:cf:91:e4:05:7a:fc:5e:da:96:32:8e:cd:e4:
08:5e:46:d2:4f:56:cc:81:2c:45:53:eb:5f:0b:5d:dd:73:2c:
d7:2e:b4:9f:42:df:69:be:44:34:e3:97:0f:d5:71:4d:e1:57:
77:55:f0:20:e5:31:f6:f6:39:5e:6b:ff:d5:ef:0b:17:f0:4d:
8c:a2:f1:70
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURbAOB2b04dmbpaNHtrPA8XDTHCkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDEwMThaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzZjk4MjdhNGEwYmRlNjA2MmM4NmFkZmY1ODFmNjY0YzkxNDMxZThiMGUy
ZjI3NTMyNzg5NGYwOWVhYjhmMTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI97mrIqUeKDJJGEvM7o41222BXPym1IUgrEotSsJlrX587/AhN5Gz5jO43h
AyNcG6irxGS0XY/VpMj9GHK0MCsKJ/qAt0tU/a3MYB6R+5covVBHmRwXEPZQJFBd
WOXlKXaPqSarp+bIdFXLVS1+LxFreiP8yHfZEH0PC+3CNBdvs1wnSeHBd4UvgmZM
YfA3Byi+X/+zg4AFMXqVmjk8knIompI0Rap8PfpFXJ3p2Pn9NXN2jh5A/E21MSPy
VJ+r/iYHDfd+hiOIqiqBTH+vYPwa5+Yvg+VauA8ucAouoGERU2dkvnel2qEg91E2
aCl67UE2OmlBKrN9wtQqAY+orrUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQCVF6/
jHWYV9Yyr+xMcjfppNd4rjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdmODQ3OGYtNWVmOC00ZmU1LWI5YTItMWJiZDYwNWE2YWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaA
MA0GCSqGSIb3DQEBCwUAA4IBAQApBw5c4H9h7Rcki+8t9NLMRfZiJPaY/TN8LshM
QUI+x06vhFEtgW4QZNtQDrEiAUhQLiOc1VupG6IgRM2CuKDEDgevrT5CjLlwyjlL
EEDA46x4jc6baodoB4oqXUMCFLvazUrSEG1kDrVE/olnRazzN/KfceJlno0ZtF1z
PDOs2NM9Nv7SzbfsV+HeZWNS9XYQID722PjATsbCa7/JOnCqgaoKV17tCswz4gh0
lVB5vHD/wqoSxyT66c+R5AV6/F7aljKOzeQIXkbST1bMgSxFU+tfC13dcyzXLrSf
Qt9pvkQ045cP1XFN4Vd3VfAg5TH29jlea//V7wsX8E2MovFw
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:25 2025 by rpki-client