Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92344a76-d582-4bc9-8fcb-d28a7cd833f1.roa
File: 92344a76-d582-4bc9-8fcb-d28a7cd833f1.roa (raw, json)
Hash identifier: aH9R5/AYpsNT0rJuWyuXjJAlxz5skdkpgD8MZqu3QoU=
Subject key identifier: D8:1F:42:C3:DB:69:CF:47:61:40:53:00:75:0E:68:C3:1B:AD:A2:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F8A8F1DEEA0461D0A00B8C1250C4609D2B7456E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92344a76-d582-4bc9-8fcb-d28a7cd833f1.roa
Signing time: Tue 20 May 2025 19:00:56 +0000
ROA not before: Tue 20 May 2025 19:00:56 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:8a:8f:1d:ee:a0:46:1d:0a:00:b8:c1:25:0c:46:09:d2:b7:45:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:56 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b50329a885e9330ee8a7382a2a395e7bb05f259640a8b22cb3a5babaee5520b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a6:58:be:9e:e5:58:14:75:5c:84:ad:34:f3:
09:5f:cc:4c:59:92:30:d6:44:47:c3:98:d3:7e:47:
4d:e6:6f:2d:83:c8:82:9d:e2:cd:4f:c6:9c:67:fe:
b7:63:96:16:03:c5:f0:7f:39:47:02:85:05:e8:bb:
92:aa:a1:0a:d4:c1:01:7e:e7:30:ad:6f:ef:90:5b:
58:b0:5e:cc:21:06:54:7f:85:c5:f4:73:c4:79:8e:
98:bb:cc:a3:13:dd:3b:15:14:4d:a0:af:ec:4a:51:
25:73:fb:8c:21:c7:82:6b:b4:a1:9d:a8:2c:c6:5d:
5a:a5:97:8f:17:ba:0b:ec:e9:d1:2b:93:55:6d:fd:
02:c9:2f:62:19:62:d0:6a:00:fe:a3:66:84:65:de:
35:3f:27:b5:ba:de:ad:e6:4f:97:9b:9f:19:2e:88:
d9:b3:13:9a:7e:90:01:69:38:8e:15:7c:91:95:d0:
35:d8:a6:29:2d:ab:f2:c7:37:e3:8f:7b:e1:5a:a8:
96:7e:24:e3:d0:1a:37:e7:1e:26:07:dc:c7:be:86:
ff:c0:a1:9b:07:87:5f:ba:c4:0d:e8:e1:e8:8c:95:
cb:96:e1:eb:3b:87:77:0a:a2:09:7d:9c:88:a5:78:
d4:78:e1:da:24:9f:44:22:2d:04:54:65:b8:90:ec:
4d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:1F:42:C3:DB:69:CF:47:61:40:53:00:75:0E:68:C3:1B:AD:A2:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92344a76-d582-4bc9-8fcb-d28a7cd833f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:19:5d:e1:0d:93:90:86:35:74:8e:34:b8:43:bd:b2:5b:c3:
9e:01:52:3b:8d:6a:fc:3a:83:19:4a:4b:a7:3f:5c:54:26:8a:
49:ff:70:15:ee:4e:be:26:61:fa:08:72:5d:a7:d7:cb:ee:9e:
b5:46:65:22:43:31:ff:0f:18:bd:f2:9e:20:c8:15:91:94:50:
dc:9d:f7:c1:e3:21:e8:d0:84:69:75:75:73:e8:5f:55:cd:64:
d6:77:3e:b6:83:15:05:96:39:6f:23:14:50:7f:62:3d:dc:0f:
f8:00:0e:36:cc:42:be:5b:d1:81:61:06:6f:94:20:3c:07:c0:
24:e1:e9:ad:aa:1b:1a:c3:bc:f7:c9:36:02:28:77:95:e5:be:
00:a4:ae:de:4c:4a:46:bc:81:74:fd:df:f7:2a:2f:67:a7:ea:
28:c6:f2:08:91:30:8d:35:e2:18:c7:8f:fc:33:22:6c:4c:ca:
23:f9:5b:e1:02:fa:67:4b:df:f7:a5:70:5e:a2:7a:c2:05:fd:
0d:08:e7:26:f3:c0:c1:23:bf:c3:0e:e2:37:3e:23:b5:16:35:
5a:1d:82:7b:e4:36:e9:c6:ef:61:d6:7c:f5:3c:bc:0e:ff:bb:
6a:59:b7:89:25:70:7d:30:fd:9b:1a:bd:1f:b5:0d:84:bf:26:
4c:25:aa:93
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD4qPHe6gRh0KALjBJQxGCdK3RW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwNTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1MDMyOWE4ODVlOTMzMGVlOGE3MzgyYTJhMzk1ZTdiYjA1ZjI1OTY0MGE4
YjIyY2IzYTViYWJhZWU1NTIwYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM6mWL6e5VgUdVyErTTzCV/MTFmSMNZER8OY035HTeZvLYPIgp3izU/GnGf+
t2OWFgPF8H85RwKFBei7kqqhCtTBAX7nMK1v75BbWLBezCEGVH+FxfRzxHmOmLvM
oxPdOxUUTaCv7EpRJXP7jCHHgmu0oZ2oLMZdWqWXjxe6C+zp0SuTVW39AskvYhli
0GoA/qNmhGXeNT8ntbrereZPl5ufGS6I2bMTmn6QAWk4jhV8kZXQNdimKS2r8sc3
44974Vqoln4k49AaN+ceJgfcx76G/8ChmweHX7rEDejh6IyVy5bh6zuHdwqiCX2c
iKV41Hjh2iSfRCItBFRluJDsTXECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTYH0LD
22nPR2FAUwB1DmjDG62i/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTIzNDRhNzYtZDU4Mi00YmM5LThmY2ItZDI4YTdjZDgzM2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DEg
MA0GCSqGSIb3DQEBCwUAA4IBAQC7GV3hDZOQhjV0jjS4Q72yW8OeAVI7jWr8OoMZ
SkunP1xUJopJ/3AV7k6+JmH6CHJdp9fL7p61RmUiQzH/Dxi98p4gyBWRlFDcnffB
4yHo0IRpdXVz6F9VzWTWdz62gxUFljlvIxRQf2I93A/4AA42zEK+W9GBYQZvlCA8
B8Ak4emtqhsaw7z3yTYCKHeV5b4ApK7eTEpGvIF0/d/3Ki9np+ooxvIIkTCNNeIY
x4/8MyJsTMoj+VvhAvpnS9/3pXBeonrCBf0NCOcm88DBI7/DDuI3PiO1FjVaHYJ7
5Dbpxu9h1nz1PLwO/7tqWbeJJXB9MP2bGr0ftQ2EvyZMJaqT
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:11 2025 by rpki-client