Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b2e3e13-7ae6-418b-b8a8-9b4d61383b58.roa
File: 3b2e3e13-7ae6-418b-b8a8-9b4d61383b58.roa (raw, json)
Hash identifier: 0zPAH5aHRCCMUU6+ok/S6PNauB/PoDjAJfsfSJsp6Po=
Subject key identifier: D4:30:E4:9B:7F:F8:5C:26:B0:23:34:0C:0B:F4:C4:1E:D4:8F:A8:53
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33B8E6ED6060FB22AB228B3D513F7B0F02E535FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b2e3e13-7ae6-418b-b8a8-9b4d61383b58.roa
Signing time: Tue 20 May 2025 19:21:07 +0000
ROA not before: Tue 20 May 2025 19:21:07 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:b080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:b8:e6:ed:60:60:fb:22:ab:22:8b:3d:51:3f:7b:0f:02:e5:35:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:07 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c371d08b2cf86b851c3431fbe26173b8267353af844a9662297ab22987de6767, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1b:6f:e3:02:d8:9e:58:16:e6:34:61:03:26:
29:ed:eb:f6:5b:11:4c:f2:af:44:18:82:0e:fa:50:
eb:cf:66:8e:a6:22:42:eb:de:ab:93:34:3d:78:37:
f3:d1:19:ce:62:77:bc:42:a4:21:78:ba:ce:f6:ae:
73:4d:e6:d6:87:43:bc:8a:d8:6b:00:4d:6e:7d:97:
ec:a7:d2:3d:a1:be:6d:7e:f1:d1:8b:6c:e2:65:c1:
aa:29:a1:71:27:97:dc:5b:04:38:54:cc:00:c2:83:
3b:83:f8:b8:64:eb:83:dd:21:ed:dd:09:d1:84:a4:
24:ee:08:4c:8e:b2:4c:05:e7:e0:aa:f2:17:4e:ee:
26:44:ab:80:9c:4c:a5:cd:34:14:72:4e:17:9e:a4:
f2:b9:c3:d6:70:2e:6f:33:ce:cd:ec:fa:3f:58:be:
16:21:78:71:7f:e9:97:8e:ea:e6:04:fe:46:e7:8d:
1d:c1:c6:95:a6:1a:1a:73:76:e3:16:57:59:60:de:
a2:e0:a8:7d:ee:c2:94:83:ef:57:81:0c:52:15:14:
95:54:da:1e:ca:75:fe:0f:7d:05:78:5a:7d:b7:9b:
16:94:0f:02:c9:42:fd:60:10:1f:60:51:e5:e7:08:
77:e8:91:af:05:f5:d4:19:68:fa:ce:67:83:5f:c3:
e8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:30:E4:9B:7F:F8:5C:26:B0:23:34:0C:0B:F4:C4:1E:D4:8F:A8:53
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b2e3e13-7ae6-418b-b8a8-9b4d61383b58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:b080::/46
Signature Algorithm: sha256WithRSAEncryption
1a:2b:52:63:f9:2a:91:13:05:cd:6f:79:48:7c:a8:3f:be:0a:
73:a3:8b:d4:84:86:95:33:8b:b0:89:d8:86:90:a3:f3:89:4f:
45:c1:79:38:f3:7c:08:af:ea:39:e3:ae:f7:19:bf:be:ca:16:
69:3a:6b:9b:9d:5b:4a:be:87:88:6b:1b:e0:7b:30:42:b9:d6:
ec:c3:e9:48:a8:a2:6a:b9:38:de:dc:88:0a:9e:62:8b:76:c2:
e6:87:47:6b:cd:00:a9:fd:f6:c7:10:31:3c:e1:bc:4c:c6:04:
6b:d9:6b:83:af:95:cf:58:dd:b0:e0:d1:39:62:bb:8b:ff:fc:
d1:af:9c:35:01:31:2f:ed:80:88:a3:40:f2:73:72:0a:5a:32:
7a:cc:ca:32:63:3f:8e:8b:c9:46:a0:b0:09:55:63:44:df:b9:
dd:fe:82:2f:05:05:dd:84:af:13:a8:45:70:22:aa:f4:0f:eb:
0a:ca:3b:a0:65:d3:5a:a4:da:df:1a:d4:51:b4:b4:5d:93:8c:
84:9d:85:44:88:30:3c:cd:e0:bb:cd:94:31:9d:09:02:3e:cb:
1e:79:b0:33:ac:96:10:86:e9:c0:2b:51:69:98:c3:cc:16:21:
86:ee:06:59:42:0a:0b:c9:52:e9:36:41:b4:64:24:e1:aa:a8:
00:56:b9:f9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUM7jm7WBg+yKrIos9UT97DwLlNfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxMDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzNzFkMDhiMmNmODZiODUxYzM0MzFmYmUyNjE3M2I4MjY3MzUzYWY4NDRh
OTY2MjI5N2FiMjI5ODdkZTY3NjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYbb+MC2J5YFuY0YQMmKe3r9lsRTPKvRBiCDvpQ689mjqYiQuveq5M0PXg3
89EZzmJ3vEKkIXi6zvauc03m1odDvIrYawBNbn2X7KfSPaG+bX7x0Yts4mXBqimh
cSeX3FsEOFTMAMKDO4P4uGTrg90h7d0J0YSkJO4ITI6yTAXn4KryF07uJkSrgJxM
pc00FHJOF56k8rnD1nAubzPOzez6P1i+FiF4cX/pl47q5gT+RueNHcHGlaYaGnN2
4xZXWWDeouCofe7ClIPvV4EMUhUUlVTaHsp1/g99BXhafbebFpQPAslC/WAQH2BR
5ecId+iRrwX11Blo+s5ng1/D6P8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTUMOSb
f/hcJrAjNAwL9MQe1I+oUzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2IyZTNlMTMtN2FlNi00MThiLWI4YTgtOWI0ZDYxMzgzYjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWw
gDANBgkqhkiG9w0BAQsFAAOCAQEAGitSY/kqkRMFzW95SHyoP74Kc6OL1ISGlTOL
sInYhpCj84lPRcF5OPN8CK/qOeOu9xm/vsoWaTprm51bSr6HiGsb4HswQrnW7MPp
SKiiark43tyICp5ii3bC5odHa80Aqf32xxAxPOG8TMYEa9lrg6+Vz1jdsODROWK7
i//80a+cNQExL+2AiKNA8nNyCloyeszKMmM/jovJRqCwCVVjRN+53f6CLwUF3YSv
E6hFcCKq9A/rCso7oGXTWqTa3xrUUbS0XZOMhJ2FRIgwPM3gu82UMZ0JAj7LHnmw
M6yWEIbpwCtRaZjDzBYhhu4GWUIKC8lS6TZBtGQk4aqoAFa5+Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:21 2025 by rpki-client