Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa
File: 3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa (raw, json)
Hash identifier: Xoc/X1dT8OtU8FTGkPdCCyD6C68un2J6DvbiBds6Yss=
Subject key identifier: C3:36:2C:D0:7B:92:39:12:BC:51:9B:3E:BB:81:3F:F0:BB:32:1C:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1CDFD7EDB0DF293B4EAB22D1E27F9B3206D86689
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa
Signing time: Fri 25 Apr 2025 19:40:47 +0000
ROA not before: Fri 25 Apr 2025 19:40:47 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:1080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:df:d7:ed:b0:df:29:3b:4e:ab:22:d1:e2:7f:9b:32:06:d8:66:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:40:47 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=87c29d90dd82a7ff2db31d61df41e611b10838de564064df565952cfbb33818a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:10:b3:82:b8:74:18:28:99:a6:06:bf:04:7e:
1b:c0:59:ad:13:79:4a:56:62:7b:0e:10:4c:17:48:
07:0e:7c:10:35:73:cc:43:53:85:43:57:90:31:79:
19:45:ca:0d:f9:46:b6:1d:58:68:65:8d:8d:db:43:
7e:03:d8:b6:01:e6:ef:2d:05:f4:08:b9:b1:4a:ad:
32:d8:74:d9:03:fa:19:6c:ac:e4:48:6c:c7:f2:d1:
8d:f9:ba:7c:bf:3a:db:65:61:48:2a:05:59:13:fd:
75:2f:02:f0:a6:4d:f5:48:6b:29:3f:4a:28:c1:40:
39:5c:ec:d0:c2:00:ee:48:ac:4a:11:fd:b1:59:9d:
04:d8:91:cc:e6:49:90:e5:0a:e9:ae:53:ff:86:2b:
23:ea:85:69:c9:91:a7:19:26:b4:30:01:98:8a:77:
50:62:f5:0e:a1:f3:07:04:bb:00:9b:5e:19:78:9f:
74:c7:e8:08:74:26:7f:dc:2d:f6:2f:ab:a7:d3:5e:
2b:e0:ca:3f:9d:e1:76:c3:65:f8:a5:0c:3e:16:11:
d8:7e:ff:a6:9e:d3:d8:f0:62:32:08:68:59:11:1a:
41:f5:c1:4e:5f:1e:f8:57:aa:8a:6b:de:56:bb:c2:
63:43:93:47:31:b4:84:59:23:b8:63:c9:ca:a0:c8:
ee:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:36:2C:D0:7B:92:39:12:BC:51:9B:3E:BB:81:3F:F0:BB:32:1C:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:1080::/46
Signature Algorithm: sha256WithRSAEncryption
80:40:25:7b:9a:e9:fe:ab:9b:67:ba:e6:1b:50:96:3f:43:d7:
c9:9b:67:95:a5:28:c3:65:55:fa:6e:d6:c3:62:cd:5d:ee:1c:
4a:69:04:f7:ba:1f:aa:cc:75:c4:28:4d:72:7d:fd:f6:19:91:
c0:4e:eb:6e:7b:5e:07:02:a8:93:3a:08:7c:74:83:be:af:a1:
82:59:2f:1b:96:e4:63:a9:06:de:e0:1a:8e:ed:18:a5:ab:a7:
29:b4:e6:9d:39:30:5d:eb:2a:6d:c5:9b:d3:6d:1d:c6:f8:ee:
aa:b3:d7:a3:6a:ff:2e:e4:c7:3f:6c:1e:8e:66:10:5c:88:d3:
31:ca:3d:eb:39:21:ca:3b:2b:08:b3:16:4a:89:b2:c7:e8:00:
13:5f:58:77:d9:27:cf:71:c1:dd:72:6f:a7:6b:50:df:dd:64:
53:84:6f:5b:bf:6b:f5:92:4b:51:9f:0a:48:71:93:da:09:5d:
98:8e:4d:e2:e8:c7:7d:2a:89:be:db:07:1d:8e:5e:4e:3e:34:
06:8a:06:b1:a8:da:62:ba:f2:c6:aa:00:c7:1a:33:a7:71:3b:
e8:7f:9d:fb:7c:d5:66:67:27:05:69:36:ae:22:70:ff:5f:86:
60:9a:00:7f:f5:57:0c:49:cb:e5:35:ee:7b:3a:f6:49:e6:3a:
c4:b7:de:72
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHN/X7bDfKTtOqyLR4n+bMgbYZokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQwNDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3YzI5ZDkwZGQ4MmE3ZmYyZGIzMWQ2MWRmNDFlNjExYjEwODM4ZGU1NjQw
NjRkZjU2NTk1MmNmYmIzMzgxOGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4Qs4K4dBgomaYGvwR+G8BZrRN5SlZiew4QTBdIBw58EDVzzENThUNXkDF5
GUXKDflGth1YaGWNjdtDfgPYtgHm7y0F9Ai5sUqtMth02QP6GWys5Ehsx/LRjfm6
fL8622VhSCoFWRP9dS8C8KZN9UhrKT9KKMFAOVzs0MIA7kisShH9sVmdBNiRzOZJ
kOUK6a5T/4YrI+qFacmRpxkmtDABmIp3UGL1DqHzBwS7AJteGXifdMfoCHQmf9wt
9i+rp9NeK+DKP53hdsNl+KUMPhYR2H7/pp7T2PBiMghoWREaQfXBTl8e+Feqimve
VrvCY0OTRzG0hFkjuGPJyqDI7jsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTDNizQ
e5I5ErxRmz67gT/wuzIcnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2NhOGIwN2YtOWIwYy00MTQ2LWJmNjQtMjZiMjUwNzhiYTMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAgEAle5rp/qubZ7rmG1CWP0PXyZtnlaUow2VV
+m7Ww2LNXe4cSmkE97ofqsx1xChNcn399hmRwE7rbnteBwKokzoIfHSDvq+hglkv
G5bkY6kG3uAaju0YpaunKbTmnTkwXesqbcWb020dxvjuqrPXo2r/LuTHP2wejmYQ
XIjTMco96zkhyjsrCLMWSomyx+gAE19Yd9knz3HB3XJvp2tQ391kU4RvW79r9ZJL
UZ8KSHGT2gldmI5N4ujHfSqJvtsHHY5eTj40BooGsajaYrryxqoAxxozp3E76H+d
+3zVZmcnBWk2riJw/1+GYJoAf/VXDEnL5TXuezr2SeY6xLfecg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:31 2025 by rpki-client