Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
File: 3c7c4703-2876-4e04-b857-8c0298bd0897.roa (raw, json)
Hash identifier: 3BiWIWR90zZHHus5/c9gDly+Nrjqm+ZSxmhYK3acHo0=
Subject key identifier: 90:2C:AD:EA:BE:2F:0F:5A:7C:DA:36:80:97:64:AF:30:84:11:91:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 723A2D47EF44D664D2A5AA6456548A86781269B2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
Signing time: Tue 20 May 2025 18:41:46 +0000
ROA not before: Tue 20 May 2025 18:41:46 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:3a:2d:47:ef:44:d6:64:d2:a5:aa:64:56:54:8a:86:78:12:69:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:41:46 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=1ed311946c96025169ae7a00f04dba693d4d2603fada8d6b28f2e67dd2fcae1e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:68:b1:44:eb:9c:43:01:9f:92:63:05:3f:a3:
60:2b:3b:38:bf:13:2d:16:ab:1f:e8:d7:a9:e1:3c:
8a:0c:3d:9f:0b:29:20:4a:3a:99:ae:f6:87:5a:2a:
10:d7:14:70:ab:de:ac:8a:77:24:2a:2a:43:f0:84:
26:81:db:61:e2:25:15:97:bc:03:8a:a9:a7:f8:92:
c5:b4:b1:22:23:ba:95:0c:c8:64:b4:43:cd:9b:70:
db:43:18:bf:fc:8b:1c:5a:88:7c:99:73:1f:87:6b:
f9:55:d0:30:b9:e0:45:ba:c8:51:0b:ad:24:a2:e7:
3b:ff:eb:99:c3:94:c5:0c:33:18:22:f6:53:66:e7:
25:1d:b8:fa:f4:5e:f7:b1:d0:48:56:44:de:61:80:
cc:12:bb:cf:80:fe:8f:08:ca:38:97:3a:65:ec:33:
87:47:f2:c2:16:15:38:50:44:88:72:36:e0:ba:74:
d8:4b:4f:f3:74:41:ce:3b:0b:17:06:f5:39:66:1d:
d2:15:b7:fe:2d:b6:e7:c7:c6:58:19:ba:c2:36:25:
16:34:37:f3:e1:eb:ed:08:46:4d:8b:0d:00:12:55:
8d:a4:d1:d5:fa:ca:83:dd:8c:80:b4:5b:6e:9d:f4:
08:4b:4c:d2:e5:d2:bf:df:33:4d:74:7c:74:7c:fd:
1e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:2C:AD:EA:BE:2F:0F:5A:7C:DA:36:80:97:64:AF:30:84:11:91:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
1b:2e:84:22:bd:61:ce:cd:7f:1f:23:1e:68:98:b8:36:3f:60:
75:6f:69:d1:76:c1:72:68:b3:31:ee:4e:6d:a5:6c:e7:f7:e8:
93:3a:ae:f1:40:86:c2:20:5b:3b:5b:dc:ab:17:76:6c:45:b4:
5d:d0:2b:99:e3:7a:de:9d:9f:20:27:06:83:fa:65:0d:fa:f3:
f0:65:fd:7f:6f:6e:bb:5a:76:66:4d:9c:dc:61:04:a8:8c:ce:
97:02:ed:12:00:99:32:84:f3:69:94:89:52:b6:87:09:63:89:
fb:ca:1b:12:59:ce:05:46:94:e8:be:5f:aa:0b:7b:a1:53:59:
3a:c8:b4:7d:d1:89:a2:28:bb:f8:23:b9:88:a6:05:86:4d:73:
d0:ba:a2:4d:8f:8d:18:95:eb:c7:46:26:9e:63:9d:ae:4b:e1:
9b:53:48:a9:dd:bd:57:b5:6f:13:34:d8:73:ab:8b:aa:31:57:
f4:db:07:8c:3f:72:db:b9:4b:b1:0b:76:59:cc:2f:d6:1c:7c:
5e:c0:c7:8e:d0:a8:a8:c5:1d:1c:36:c7:89:26:4b:ec:d5:d6:
8e:b1:70:50:be:a9:5c:b2:3d:32:27:21:db:58:53:c9:07:4c:
54:e7:a0:2b:f9:b9:b8:d2:96:df:25:fa:27:79:90:6b:87:49:
66:a7:13:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcjotR+9E1mTSpapkVlSKhngSabIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQxNDZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlZDMxMTk0NmM5NjAyNTE2OWFlN2EwMGYwNGRiYTY5M2Q0ZDI2MDNmYWRh
OGQ2YjI4ZjJlNjdkZDJmY2FlMWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJosUTrnEMBn5JjBT+jYCs7OL8TLRarH+jXqeE8igw9nwspIEo6ma72h1oq
ENcUcKverIp3JCoqQ/CEJoHbYeIlFZe8A4qpp/iSxbSxIiO6lQzIZLRDzZtw20MY
v/yLHFqIfJlzH4dr+VXQMLngRbrIUQutJKLnO//rmcOUxQwzGCL2U2bnJR24+vRe
97HQSFZE3mGAzBK7z4D+jwjKOJc6Zewzh0fywhYVOFBEiHI24Lp02EtP83RBzjsL
Fwb1OWYd0hW3/i2258fGWBm6wjYlFjQ38+Hr7QhGTYsNABJVjaTR1frKg92MgLRb
bp30CEtM0uXSv98zTXR8dHz9Hi8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSQLK3q
vi8PWnzaNoCXZK8whBGRxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2M3YzQ3MDMtMjg3Ni00ZTA0LWI4NTctOGMwMjk4YmQwODk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+w
MA0GCSqGSIb3DQEBCwUAA4IBAQAbLoQivWHOzX8fIx5omLg2P2B1b2nRdsFyaLMx
7k5tpWzn9+iTOq7xQIbCIFs7W9yrF3ZsRbRd0CuZ43renZ8gJwaD+mUN+vPwZf1/
b267WnZmTZzcYQSojM6XAu0SAJkyhPNplIlStocJY4n7yhsSWc4FRpTovl+qC3uh
U1k6yLR90YmiKLv4I7mIpgWGTXPQuqJNj40YlevHRiaeY52uS+GbU0ip3b1XtW8T
NNhzq4uqMVf02weMP3LbuUuxC3ZZzC/WHHxewMeO0KioxR0cNseJJkvs1daOsXBQ
vqlcsj0yJyHbWFPJB0xU56Ar+bm40pbfJfoneZBrh0lmpxML
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:19 2025 by rpki-client