Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
File: 3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa (raw, json)
Hash identifier: a5dmqWU49vNGSiVRqJwEjJ44pV1+S7P6ifFUI9tIYJ4=
Subject key identifier: 62:1C:43:D8:B6:89:2D:A8:51:05:9E:10:14:53:40:7A:54:0C:33:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29A2D0B930ECA3BCFFCD41E4F99910C92A725542
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
Signing time: Tue 20 May 2025 18:40:58 +0000
ROA not before: Tue 20 May 2025 18:40:58 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:a2:d0:b9:30:ec:a3:bc:ff:cd:41:e4:f9:99:10:c9:2a:72:55:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:40:58 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=3644ffa3d50c02a7d8ca83fceb54886ccd64e17ff7066b9b119844ac02dd9996, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f9:a1:e0:9a:6b:72:62:c7:23:a0:4e:19:28:
d8:cf:1c:a1:38:98:14:dd:cc:f8:d7:dd:00:b0:82:
c2:7d:61:ad:a0:36:cf:af:4c:3e:df:1c:0b:e4:55:
64:f0:4f:bc:e6:ec:a4:3f:f8:19:2f:dd:ff:c2:35:
7a:9b:2f:04:c7:b6:1f:eb:77:f2:56:0b:ff:c7:0f:
7f:aa:02:bf:47:8d:59:3e:b7:ae:ca:95:96:61:28:
f3:da:62:86:6f:46:15:21:f4:1f:bd:04:c7:fb:f0:
c4:41:9d:86:2d:66:2b:4e:61:d1:f6:54:fb:45:2e:
e6:92:1b:71:51:14:f9:74:d0:55:56:ef:4b:18:2d:
51:fc:85:a1:c6:37:2f:52:54:90:2d:b4:9b:4e:dc:
8f:fa:b8:5c:6d:40:f9:e7:ed:2d:93:76:07:ae:93:
18:07:42:27:58:4b:ed:02:27:40:c5:d8:1c:c2:c1:
f8:00:df:85:73:e4:13:1f:14:f5:b5:61:09:8f:74:
2e:d2:3f:2b:a5:54:3c:ca:25:86:87:7b:ce:65:4c:
0f:1b:d9:33:10:54:a2:a5:97:2d:76:a2:d8:40:40:
6e:be:58:48:5c:3f:64:4b:47:dc:07:2b:f1:ba:b8:
d1:87:5c:9d:01:ba:e4:64:23:a8:15:03:82:e2:f7:
aa:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:1C:43:D8:B6:89:2D:A8:51:05:9E:10:14:53:40:7A:54:0C:33:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:b000::/40
Signature Algorithm: sha256WithRSAEncryption
1f:13:6f:11:62:17:bc:a1:c4:1c:84:e6:23:68:da:0e:9d:df:
2e:aa:70:5b:e6:a2:0b:b7:79:cf:ba:0b:e2:97:14:7c:03:15:
d0:c1:ca:c3:4d:48:43:2d:0a:21:df:1e:2a:0a:ce:ee:40:78:
e0:cd:a6:25:90:72:76:da:39:ed:99:20:77:08:e9:cb:51:18:
2b:a7:28:c9:3e:1d:8e:9b:f3:94:d8:f8:73:e0:d3:0e:82:80:
8a:a1:79:4b:4a:ee:68:6e:14:7d:ac:c9:3a:67:e8:23:23:f5:
47:e9:88:14:d0:e5:20:bf:60:2e:59:e1:0b:b9:5b:4e:d5:fb:
2d:7c:0a:0d:0a:48:d0:2b:69:22:36:96:c0:95:42:3e:50:ba:
08:7d:9b:17:59:ff:75:a5:75:6c:9d:77:d1:f0:ab:b6:31:a8:
12:7b:d2:b6:3b:e5:9d:54:a1:89:ff:29:a4:fe:a7:8e:bf:90:
0a:09:3f:3d:7c:99:e7:74:09:a3:40:bf:ee:0c:d3:f7:f5:dd:
91:f3:00:91:da:26:ee:21:71:ca:7a:24:da:74:ae:e3:63:3d:
a4:04:5d:25:27:60:42:e0:1d:34:f3:be:57:41:a7:86:3e:51:
07:38:31:e1:da:8a:ec:b3:21:e4:74:64:21:86:d1:2c:82:f9:
80:25:30:52
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKaLQuTDso7z/zUHk+ZkQySpyVUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQwNThaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2NDRmZmEzZDUwYzAyYTdkOGNhODNmY2ViNTQ4ODZjY2Q2NGUxN2ZmNzA2
NmI5YjExOTg0NGFjMDJkZDk5OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALP5oeCaa3JixyOgThko2M8coTiYFN3M+NfdALCCwn1hraA2z69MPt8cC+RV
ZPBPvObspD/4GS/d/8I1epsvBMe2H+t38lYL/8cPf6oCv0eNWT63rsqVlmEo89pi
hm9GFSH0H70Ex/vwxEGdhi1mK05h0fZU+0Uu5pIbcVEU+XTQVVbvSxgtUfyFocY3
L1JUkC20m07cj/q4XG1A+eftLZN2B66TGAdCJ1hL7QInQMXYHMLB+ADfhXPkEx8U
9bVhCY90LtI/K6VUPMolhod7zmVMDxvZMxBUoqWXLXai2EBAbr5YSFw/ZEtH3Acr
8bq40YdcnQG65GQjqBUDguL3qikCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRiHEPY
toktqFEFnhAUU0B6VAwzLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2E2YWJhMWYtNDQwZS00ODc0LTkxOTMtYTNhMWY2ZWEzZWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKw
MA0GCSqGSIb3DQEBCwUAA4IBAQAfE28RYhe8ocQchOYjaNoOnd8uqnBb5qILt3nP
ugvilxR8AxXQwcrDTUhDLQoh3x4qCs7uQHjgzaYlkHJ22jntmSB3COnLURgrpyjJ
Ph2Om/OU2Phz4NMOgoCKoXlLSu5obhR9rMk6Z+gjI/VH6YgU0OUgv2AuWeELuVtO
1fstfAoNCkjQK2kiNpbAlUI+ULoIfZsXWf91pXVsnXfR8Ku2MagSe9K2O+WdVKGJ
/ymk/qeOv5AKCT89fJnndAmjQL/uDNP39d2R8wCR2ibuIXHKeiTadK7jYz2kBF0l
J2BC4B00875XQaeGPlEHODHh2orssyHkdGQhhtEsgvmAJTBS
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:19 2025 by rpki-client