Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b2e3e13-7ae6-418b-b8a8-9b4d61383b58.roa
File: 3b2e3e13-7ae6-418b-b8a8-9b4d61383b58.roa (raw, json)
Hash identifier: XbiKcpWnqfZkMHVqNH9y3dUCiEZesT+6W5RKHAdza34=
Subject key identifier: 43:BE:88:73:D2:B9:64:EB:A9:B8:18:D1:9A:B6:A0:FE:ED:99:7E:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C22332661827620053F91C1819A2D97285F3BCE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b2e3e13-7ae6-418b-b8a8-9b4d61383b58.roa
Signing time: Fri 25 Apr 2025 19:10:10 +0000
ROA not before: Fri 25 Apr 2025 19:10:10 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:b080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:22:33:26:61:82:76:20:05:3f:91:c1:81:9a:2d:97:28:5f:3b:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:10 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=770d85a40275b96515fa4ea64fc6f9e4208d25c36e8f0fe49d5fdc55fb5d8361, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:36:bd:ea:9d:00:a9:fe:b3:c8:d0:72:f1:c7:
70:ad:d1:45:a2:74:a2:64:06:96:25:8c:58:be:6a:
b1:d5:9f:c0:78:c4:65:34:9d:b3:ad:0d:39:ba:67:
b0:68:2f:71:93:7b:4f:72:a6:0e:76:3d:e9:b4:51:
47:49:1d:4f:35:4f:bf:49:76:f0:8f:da:77:3f:25:
f7:bf:a2:ed:cd:c4:c1:e0:2a:cd:36:76:4f:22:be:
78:e0:a4:a3:a0:68:6e:1d:f5:c0:35:f3:8f:1b:9a:
a6:72:03:11:50:4b:7e:03:3a:9b:26:d6:69:d5:5a:
27:2d:82:02:f3:13:06:42:c7:ad:0e:68:c2:c6:16:
27:a9:b8:9b:4a:d3:f9:47:9a:8f:00:19:70:6e:bf:
62:43:0f:6f:a8:8c:29:c8:e1:d7:3e:1f:71:eb:a8:
ce:87:7f:a0:37:83:d2:6d:b0:aa:66:c6:a5:27:5c:
8c:6d:a5:f9:81:a9:c6:c4:77:f1:0e:16:b0:d7:38:
ae:f8:ba:01:d0:6a:22:35:27:cd:f7:93:28:b7:25:
d1:dd:03:66:78:61:65:2b:dd:5c:7b:9b:c5:21:a2:
16:f0:d7:5e:1d:8b:e1:ee:84:2e:f3:24:cf:b7:33:
98:5e:b2:70:b5:b0:a0:f3:72:5d:95:39:58:e7:27:
dd:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BE:88:73:D2:B9:64:EB:A9:B8:18:D1:9A:B6:A0:FE:ED:99:7E:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b2e3e13-7ae6-418b-b8a8-9b4d61383b58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:b080::/46
Signature Algorithm: sha256WithRSAEncryption
04:27:53:19:c6:f6:4d:dd:7b:fa:68:46:c1:a9:d7:b5:2c:64:
4d:bd:01:63:a6:36:3e:35:dd:67:da:c0:e6:11:8f:97:f2:cb:
ea:68:9c:da:4b:cb:ab:50:cd:8b:00:41:3f:77:c7:dc:25:07:
99:e1:69:50:e7:93:bb:8d:54:d6:86:fb:90:f8:b2:5a:36:20:
0c:ad:a7:e1:58:52:64:73:47:9d:8f:95:4d:15:15:07:f2:d8:
66:c9:4f:33:3b:56:c3:be:d7:9a:78:1c:6a:51:8b:7c:03:84:
f4:38:e5:6b:b2:b1:a2:6f:9f:be:20:74:7e:59:2f:c9:2d:2b:
a9:81:85:ce:e6:86:04:d9:e2:98:a1:6c:cb:8a:56:5e:71:36:
0e:20:4a:32:aa:cb:d9:c3:18:14:98:88:09:13:26:f0:46:9c:
ea:fd:1a:c6:fb:ff:6b:21:42:f9:34:1b:d0:1d:8e:6c:56:96:
c4:15:16:70:55:98:40:8d:d2:98:85:f0:00:d7:2d:ee:63:45:
04:1c:bb:a1:76:d2:88:72:19:1e:fa:b6:5a:73:34:08:5e:2f:
c4:ac:fe:dd:da:14:50:e3:4a:c5:69:56:c7:72:54:3e:71:a7:
55:38:c6:52:3d:1b:ab:8e:72:ac:9b:60:aa:af:af:33:3d:a7:
9c:c3:51:7c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPCIzJmGCdiAFP5HBgZotlyhfO84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwMTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3MGQ4NWE0MDI3NWI5NjUxNWZhNGVhNjRmYzZmOWU0MjA4ZDI1YzM2ZThm
MGZlNDlkNWZkYzU1ZmI1ZDgzNjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ82veqdAKn+s8jQcvHHcK3RRaJ0omQGliWMWL5qsdWfwHjEZTSds60NObpn
sGgvcZN7T3KmDnY96bRRR0kdTzVPv0l28I/adz8l97+i7c3EweAqzTZ2TyK+eOCk
o6Bobh31wDXzjxuapnIDEVBLfgM6mybWadVaJy2CAvMTBkLHrQ5owsYWJ6m4m0rT
+UeajwAZcG6/YkMPb6iMKcjh1z4fceuozod/oDeD0m2wqmbGpSdcjG2l+YGpxsR3
8Q4WsNc4rvi6AdBqIjUnzfeTKLcl0d0DZnhhZSvdXHubxSGiFvDXXh2L4e6ELvMk
z7czmF6ycLWwoPNyXZU5WOcn3Q0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRDvohz
0rlk66m4GNGatqD+7Zl+rzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2IyZTNlMTMtN2FlNi00MThiLWI4YTgtOWI0ZDYxMzgzYjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWw
gDANBgkqhkiG9w0BAQsFAAOCAQEABCdTGcb2Td17+mhGwanXtSxkTb0BY6Y2PjXd
Z9rA5hGPl/LL6mic2kvLq1DNiwBBP3fH3CUHmeFpUOeTu41U1ob7kPiyWjYgDK2n
4VhSZHNHnY+VTRUVB/LYZslPMztWw77XmngcalGLfAOE9Djla7Kxom+fviB0flkv
yS0rqYGFzuaGBNnimKFsy4pWXnE2DiBKMqrL2cMYFJiICRMm8Eac6v0axvv/ayFC
+TQb0B2ObFaWxBUWcFWYQI3SmIXwANct7mNFBBy7oXbSiHIZHvq2WnM0CF4vxKz+
3doUUONKxWlWx3JUPnGnVTjGUj0bq45yrJtgqq+vMz2nnMNRfA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:22 2025 by rpki-client