Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f8d2f8f-3d48-47ce-8524-66406f0de004.roa
File: 3f8d2f8f-3d48-47ce-8524-66406f0de004.roa (raw, json)
Hash identifier: NnuVeIntt0mv9oHmipcOAHrVdqiJUhlmLl3wlzO04R4=
Subject key identifier: 2E:24:22:10:FC:8E:F1:EC:B1:19:1C:6F:B6:7C:B7:BB:9A:78:C3:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A71310765D7C017B3797B8A29102E2BFB1298BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f8d2f8f-3d48-47ce-8524-66406f0de004.roa
Signing time: Tue 20 May 2025 20:01:32 +0000
ROA not before: Tue 20 May 2025 20:01:32 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:71:31:07:65:d7:c0:17:b3:79:7b:8a:29:10:2e:2b:fb:12:98:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:01:32 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e5e131166a2ddc57f8c5dbac7ed2bc088ddb0eebff27c0871d6d7f6db5ad255e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:68:59:06:e6:4e:55:d7:fc:02:89:46:c4:f3:
1e:a4:09:70:c1:04:6e:c7:f2:96:35:19:6d:8d:d8:
0b:67:6d:d1:b6:a1:75:50:bc:ad:27:b2:1a:51:98:
65:3b:f8:c5:3c:a4:28:ac:8f:c5:39:4c:01:4d:f8:
f5:58:49:5c:5c:4c:c3:48:1c:7d:dc:24:68:48:b8:
89:ee:69:00:3a:30:28:a0:7f:67:7f:6c:e9:7d:13:
50:6f:7c:98:ac:3e:55:e3:e4:31:3d:34:c6:4d:74:
3a:f6:21:84:5f:24:90:f3:1b:dd:b8:53:76:7e:98:
1a:3b:ec:f6:9c:f5:a3:41:2f:d2:01:e3:df:9c:53:
07:19:ad:9f:9d:3e:59:98:86:66:c3:2f:78:0c:68:
27:d7:aa:fa:39:ea:ef:16:ce:0b:55:b5:31:9a:91:
48:74:9e:91:f4:7e:8a:2b:84:10:fe:45:a1:d9:5e:
fa:0f:d7:d5:7f:60:34:50:8b:e6:db:cc:51:7e:6a:
a0:f3:f2:9a:87:6b:2d:fd:de:72:05:55:fb:77:46:
06:64:3b:ae:09:43:7e:4b:73:12:f0:75:4e:32:e4:
c9:06:13:b7:b0:6f:7f:78:96:de:c7:da:75:22:96:
86:68:9b:e8:fc:43:65:ee:2e:39:34:fa:bb:c6:d7:
2f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:24:22:10:FC:8E:F1:EC:B1:19:1C:6F:B6:7C:B7:BB:9A:78:C3:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f8d2f8f-3d48-47ce-8524-66406f0de004.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:b000::/40
Signature Algorithm: sha256WithRSAEncryption
5f:7d:f5:f8:2a:3d:1f:48:cf:d4:86:2a:65:4a:1d:4f:84:5d:
d6:e8:f6:70:ad:57:90:c1:bb:f4:dc:6b:20:ce:c3:82:fa:4c:
24:f6:01:ce:00:44:0c:a1:3d:09:86:fe:c2:bd:a4:4a:3d:d5:
72:e1:55:6a:4a:46:e2:3c:a2:a5:30:95:57:e4:a7:a8:5f:a8:
57:17:81:b6:40:1c:62:51:45:19:8c:b2:2e:5b:14:9d:94:80:
92:66:51:ef:de:9a:cd:f1:1d:27:ee:99:12:cb:56:57:e7:71:
22:05:7a:7f:be:c9:6f:53:b8:82:8d:48:eb:ac:b3:b1:55:19:
cc:97:e6:b9:3c:91:fe:24:9e:0b:80:88:0b:8c:42:48:4d:e9:
ba:df:dd:d9:fd:13:5f:a3:1f:ca:79:fd:2e:f4:02:c3:5b:9b:
3c:c9:07:fb:33:b5:0a:8e:fd:cf:b3:cd:1f:19:94:b5:53:51:
34:06:33:f7:77:32:1f:07:ea:77:e3:63:48:24:c0:05:8d:2d:
07:4a:8d:4c:31:40:ac:aa:a3:30:98:c7:13:80:6e:f5:87:8a:
57:6c:64:aa:74:d3:33:84:3d:95:8f:dc:c1:8d:a3:43:81:89:
80:ca:95:1e:79:80:bb:1d:5e:fc:b6:6c:5d:3f:55:2f:6e:07:
d5:2e:b6:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCnExB2XXwBezeXuKKRAuK/sSmL0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAxMzJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1ZTEzMTE2NmEyZGRjNTdmOGM1ZGJhYzdlZDJiYzA4OGRkYjBlZWJmZjI3
YzA4NzFkNmQ3ZjZkYjVhZDI1NWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJNoWQbmTlXX/AKJRsTzHqQJcMEEbsfyljUZbY3YC2dt0bahdVC8rSeyGlGY
ZTv4xTykKKyPxTlMAU349VhJXFxMw0gcfdwkaEi4ie5pADowKKB/Z39s6X0TUG98
mKw+VePkMT00xk10OvYhhF8kkPMb3bhTdn6YGjvs9pz1o0Ev0gHj35xTBxmtn50+
WZiGZsMveAxoJ9eq+jnq7xbOC1W1MZqRSHSekfR+iiuEEP5Fodle+g/X1X9gNFCL
5tvMUX5qoPPymodrLf3ecgVV+3dGBmQ7rglDfktzEvB1TjLkyQYTt7Bvf3iW3sfa
dSKWhmib6PxDZe4uOTT6u8bXL8cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQuJCIQ
/I7x7LEZHG+2fLe7mnjDDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y4ZDJmOGYtM2Q0OC00N2NlLTg1MjQtNjY0MDZmMGRlMDA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSw
MA0GCSqGSIb3DQEBCwUAA4IBAQBfffX4Kj0fSM/UhiplSh1PhF3W6PZwrVeQwbv0
3GsgzsOC+kwk9gHOAEQMoT0Jhv7CvaRKPdVy4VVqSkbiPKKlMJVX5KeoX6hXF4G2
QBxiUUUZjLIuWxSdlICSZlHv3prN8R0n7pkSy1ZX53EiBXp/vslvU7iCjUjrrLOx
VRnMl+a5PJH+JJ4LgIgLjEJITem6393Z/RNfox/Kef0u9ALDW5s8yQf7M7UKjv3P
s80fGZS1U1E0BjP3dzIfB+p342NIJMAFjS0HSo1MMUCsqqMwmMcTgG71h4pXbGSq
dNMzhD2Vj9zBjaNDgYmAypUeeYC7HV78tmxdP1UvbgfVLrZZ
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:42 2025 by rpki-client