Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa
File: 5f28c807-572d-4641-be39-53109963f4c3.roa (raw, json)
Hash identifier: HTx5x8sgUf1/4/Jaw4lcCUXoDjgbLmTrOpkUhchYtOM=
Subject key identifier: 10:C9:05:89:E2:8D:68:39:BF:F9:AC:E4:7E:B0:D2:1D:EB:F3:71:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3EB3A40037CFA3FE0DEA45CF3BE33A5250B8A4AE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa
Signing time: Tue 20 May 2025 19:50:04 +0000
ROA not before: Tue 20 May 2025 19:50:04 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:b3:a4:00:37:cf:a3:fe:0d:ea:45:cf:3b:e3:3a:52:50:b8:a4:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:50:04 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=6201ee01ef0f3c4d2383744773eb2e80184c034cc011b1bbff3ce516cd022bdf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3e:aa:21:6f:92:c7:b9:1f:f3:0a:06:03:c1:
0f:13:ee:31:07:32:ab:d4:e3:cb:72:ee:10:0b:af:
f9:4b:a3:72:f6:93:32:aa:57:e5:e1:53:ee:49:71:
bb:8b:75:9f:cb:13:78:3e:3d:ce:ae:70:f8:4e:c9:
b1:08:f7:ce:4a:21:05:79:df:2b:e3:46:42:6e:d1:
b3:ae:78:bf:49:a0:7d:d6:e8:ff:bc:11:58:90:73:
28:1f:17:62:42:76:25:72:7c:56:a0:5a:12:89:78:
83:38:97:08:36:9b:c5:aa:fd:d1:fd:79:52:ce:b9:
62:49:8c:3d:09:0b:3e:f9:b4:5f:c6:2c:17:d3:77:
e5:56:0d:d0:fc:ab:f6:cc:bc:34:9c:d9:df:34:81:
8c:4c:d9:f3:43:6f:00:de:c4:96:b5:ce:4b:47:8a:
35:95:4a:7e:34:fc:3f:93:9f:82:b9:e0:6b:f3:b2:
6d:7e:81:22:3c:1f:db:05:88:b2:98:3f:4a:9a:59:
fa:cc:aa:56:58:ef:29:d1:d5:b6:d5:76:d0:39:67:
ad:42:92:fe:7e:1c:c6:6c:4e:e3:ce:c3:41:e6:34:
90:54:b0:a9:c9:eb:72:93:8d:a3:19:96:bd:74:28:
fe:d2:d9:b2:7c:eb:ce:59:a8:fc:c9:dd:0e:32:a3:
7a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:C9:05:89:E2:8D:68:39:BF:F9:AC:E4:7E:B0:D2:1D:EB:F3:71:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:a000::/40
Signature Algorithm: sha256WithRSAEncryption
8a:44:a1:41:91:92:6b:b4:bf:ce:f6:90:f7:47:e7:4b:f6:54:
16:75:cf:30:c1:2c:2a:3e:3b:4c:74:cd:e2:21:c4:0c:80:69:
ce:e6:c3:d9:6d:c9:5b:b1:29:cf:7a:39:ad:75:d6:87:32:0e:
b6:38:c7:d6:44:d3:19:5d:a0:db:7d:c8:b9:4a:8e:44:4e:43:
b6:71:cd:54:db:b1:92:99:9f:cc:24:0b:1f:91:4c:fe:55:20:
7d:07:1c:6e:80:7b:65:ef:f2:a1:6f:b9:01:bd:24:78:ce:45:
da:3b:7b:a2:b0:28:ec:ff:7e:dc:81:34:2f:0a:32:d6:c5:4d:
b0:8f:20:d9:39:db:4c:2f:cb:b1:ab:33:24:4e:10:05:f1:8c:
63:0e:f2:a9:99:3a:b4:a5:37:d4:ce:94:fb:5f:4c:3c:e4:d3:
b5:83:a4:02:60:15:c6:6f:9f:db:92:d5:47:83:83:07:aa:c0:
8d:e8:70:46:0a:ba:c7:57:54:e7:80:60:63:96:f8:e4:c8:52:
90:35:8d:be:19:ea:e8:77:cb:2c:a7:a7:14:f5:e5:ac:43:df:
b0:fe:26:24:6a:a9:fb:3b:92:19:04:c6:4d:f6:aa:d9:99:2e:
4d:5b:19:e9:51:88:a3:f1:ff:7b:59:81:17:ac:03:ac:1b:43:
bd:c2:be:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPrOkADfPo/4N6kXPO+M6UlC4pK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUwMDRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyMDFlZTAxZWYwZjNjNGQyMzgzNzQ0NzczZWIyZTgwMTg0YzAzNGNjMDEx
YjFiYmZmM2NlNTE2Y2QwMjJiZGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMw+qiFvkse5H/MKBgPBDxPuMQcyq9Tjy3LuEAuv+UujcvaTMqpX5eFT7klx
u4t1n8sTeD49zq5w+E7JsQj3zkohBXnfK+NGQm7Rs654v0mgfdbo/7wRWJBzKB8X
YkJ2JXJ8VqBaEol4gziXCDabxar90f15Us65YkmMPQkLPvm0X8YsF9N35VYN0Pyr
9sy8NJzZ3zSBjEzZ80NvAN7ElrXOS0eKNZVKfjT8P5Ofgrnga/OybX6BIjwf2wWI
spg/SppZ+syqVljvKdHVttV20DlnrUKS/n4cxmxO487DQeY0kFSwqcnrcpONoxmW
vXQo/tLZsnzrzlmo/MndDjKjejkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQyQWJ
4o1oOb/5rOR+sNId6/NxuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWYyOGM4MDctNTcyZC00NjQxLWJlMzktNTMxMDk5NjNmNGMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dag
MA0GCSqGSIb3DQEBCwUAA4IBAQCKRKFBkZJrtL/O9pD3R+dL9lQWdc8wwSwqPjtM
dM3iIcQMgGnO5sPZbclbsSnPejmtddaHMg62OMfWRNMZXaDbfci5So5ETkO2cc1U
27GSmZ/MJAsfkUz+VSB9BxxugHtl7/Khb7kBvSR4zkXaO3uisCjs/37cgTQvCjLW
xU2wjyDZOdtML8uxqzMkThAF8YxjDvKpmTq0pTfUzpT7X0w85NO1g6QCYBXGb5/b
ktVHg4MHqsCN6HBGCrrHV1TngGBjlvjkyFKQNY2+Gerod8ssp6cU9eWsQ9+w/iYk
aqn7O5IZBMZN9qrZmS5NWxnpUYij8f97WYEXrAOsG0O9wr5a
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:14 2025 by rpki-client