Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
File: 739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa (raw, json)
Hash identifier: gTnKcR1+WWCYJLREhlvjtzPiUAQigPol4h3+mm+orF0=
Subject key identifier: 36:4C:5A:B0:38:54:61:85:8B:96:DB:C4:71:35:F3:49:4C:E8:FD:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73C987AEFC744CF9806D2F61CCED442E288774D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
Signing time: Tue 20 May 2025 20:21:38 +0000
ROA not before: Tue 20 May 2025 20:21:38 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:c9:87:ae:fc:74:4c:f9:80:6d:2f:61:cc:ed:44:2e:28:87:74:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:21:38 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=da45cfd6ec285dd3e4cfe9aa21049e0f303f537ccfbd5fae7eb6149298bb242d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3b:57:cf:e9:c5:ff:fd:ba:32:cb:76:da:11:
92:30:0a:fc:45:5b:c0:67:24:d3:43:31:7f:d8:70:
d7:9e:15:13:9f:73:eb:a2:6e:1a:20:ed:81:ad:b4:
9d:fc:a2:ac:e2:dd:f9:44:91:c0:56:1a:c8:03:2b:
38:23:68:27:16:af:4e:cd:c0:16:d9:87:1f:1b:21:
f0:5a:e2:fe:28:5c:0a:d8:c7:f2:6f:fb:4f:e2:e0:
c1:f2:6c:cd:cd:e8:9e:06:47:27:96:16:ec:7d:da:
06:8b:8f:57:36:e7:e6:65:25:e0:98:7e:a9:00:7f:
a2:fc:b2:cc:27:80:cb:4b:6f:36:88:d5:a0:16:aa:
72:41:5f:52:be:73:f3:27:1b:0c:9d:85:92:af:da:
ac:f9:8e:46:d5:47:cb:5a:e1:e0:4c:4c:db:0e:5a:
1f:89:e8:85:c6:45:45:e9:c3:c0:e6:27:13:c1:f0:
ae:0d:b1:a2:72:3a:cd:90:49:52:8c:55:53:81:c5:
c3:cd:ba:58:33:66:5a:e5:f0:98:25:53:39:51:9e:
f5:78:91:44:87:9f:9b:3d:f9:2c:27:8f:af:63:2c:
33:f6:d1:26:12:4d:ef:04:06:3c:19:11:09:99:7b:
96:92:e0:fc:fa:9d:0f:86:26:13:24:d0:a3:08:b4:
e2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:4C:5A:B0:38:54:61:85:8B:96:DB:C4:71:35:F3:49:4C:E8:FD:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:9000::/40
Signature Algorithm: sha256WithRSAEncryption
53:f0:6d:4f:35:1f:c8:b2:c2:e0:8a:dc:dd:0f:33:09:b4:39:
e9:6f:3c:43:95:72:9a:02:ca:6d:c7:89:4d:cf:7b:ca:a1:72:
75:30:67:1a:53:7b:53:9e:6f:08:d2:74:f2:bd:bd:f7:37:88:
d3:4d:ef:88:84:53:b3:79:d8:b4:36:da:a4:d5:1c:4a:33:8f:
52:ad:8c:87:ed:e2:4e:19:2c:bd:62:86:da:85:23:9f:f8:ba:
0f:aa:0a:38:94:e5:0a:c3:d3:15:59:fe:55:69:5e:73:3e:ad:
c7:f1:93:d9:af:fb:89:fc:31:6f:95:6b:17:b8:87:30:4c:e9:
39:e3:eb:13:b0:64:eb:77:21:27:16:29:fb:b1:7f:72:55:f2:
bd:ee:b5:c7:00:bd:8a:e5:0e:f5:8b:64:cc:56:22:1d:ca:0b:
17:b4:5e:b1:84:3f:95:4d:df:29:9c:1e:4f:9c:10:a0:36:30:
db:7d:ea:9d:c0:4f:99:dd:d1:65:1c:b4:a9:23:61:81:54:83:
47:f2:98:6e:8f:b9:fe:00:54:6e:19:ad:0b:9c:71:8f:f9:a6:
01:c7:25:a5:1f:fc:9c:6e:60:3c:41:38:cb:5b:c3:54:74:99:
b4:93:03:70:c6:98:84:3e:e8:b8:f9:b7:a9:44:8f:74:4d:b6:
a5:ca:9b:8f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc8mHrvx0TPmAbS9hzO1ELiiHdNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIxMzhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhNDVjZmQ2ZWMyODVkZDNlNGNmZTlhYTIxMDQ5ZTBmMzAzZjUzN2NjZmJk
NWZhZTdlYjYxNDkyOThiYjI0MmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANM7V8/pxf/9ujLLdtoRkjAK/EVbwGck00Mxf9hw154VE59z66JuGiDtga20
nfyirOLd+USRwFYayAMrOCNoJxavTs3AFtmHHxsh8Fri/ihcCtjH8m/7T+LgwfJs
zc3ongZHJ5YW7H3aBouPVzbn5mUl4Jh+qQB/ovyyzCeAy0tvNojVoBaqckFfUr5z
8ycbDJ2Fkq/arPmORtVHy1rh4ExM2w5aH4nohcZFRenDwOYnE8Hwrg2xonI6zZBJ
UoxVU4HFw826WDNmWuXwmCVTOVGe9XiRRIefmz35LCePr2MsM/bRJhJN7wQGPBkR
CZl7lpLg/PqdD4YmEyTQowi04vECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ2TFqw
OFRhhYuW28RxNfNJTOj9lDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM5ZDhiMDgtZjgyYi00YTJhLTg0MWMtMmZhZjdhMzMxZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBT8G1PNR/IssLgitzdDzMJtDnpbzxDlXKaAspt
x4lNz3vKoXJ1MGcaU3tTnm8I0nTyvb33N4jTTe+IhFOzedi0Ntqk1RxKM49SrYyH
7eJOGSy9YobahSOf+LoPqgo4lOUKw9MVWf5VaV5zPq3H8ZPZr/uJ/DFvlWsXuIcw
TOk54+sTsGTrdyEnFin7sX9yVfK97rXHAL2K5Q71i2TMViIdygsXtF6xhD+VTd8p
nB5PnBCgNjDbfeqdwE+Z3dFlHLSpI2GBVINH8phuj7n+AFRuGa0LnHGP+aYBxyWl
H/ycbmA8QTjLW8NUdJm0kwNwxpiEPui4+bepRI90TbalypuP
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:33 2025 by rpki-client