Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
File: a37b3e49-cec5-4def-b3ef-5356277d82ab.roa (raw, json)
Hash identifier: WFl87X9P39xemoZhF9BEV/VdrVJEGXiGFzoSHkXpL/g=
Subject key identifier: 81:42:BA:77:D0:96:F9:78:36:C6:48:A6:1A:8F:FE:54:44:D6:E8:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 292F768832BCD142E69C47902509CB83F64AA918
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
Signing time: Fri 23 May 2025 00:40:54 +0000
ROA not before: Fri 23 May 2025 00:40:54 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:2f:76:88:32:bc:d1:42:e6:9c:47:90:25:09:cb:83:f6:4a:a9:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:54 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=302fd430a3448fc9e49aaeb34a8ca8f3d3556812aee5ec846d706b4647e5742c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:36:26:48:6e:bf:14:8b:a5:9f:1a:4c:1d:01:
87:b9:db:2f:33:4b:8e:b3:21:e6:4f:a0:3e:ca:3d:
2a:a7:1d:a6:34:28:34:ea:3c:9f:15:58:bf:26:83:
70:14:a1:cd:ea:3b:6f:10:a5:a7:6b:97:95:1c:08:
86:ca:85:96:6f:56:e8:52:f1:93:1e:55:52:ae:79:
1b:da:c6:aa:19:94:bb:76:4d:75:32:96:c8:4a:c7:
06:9c:85:9f:6a:a2:e5:1e:f7:ed:23:65:c4:82:de:
af:b8:5b:18:ad:98:4b:5b:fc:bc:50:7a:4f:e4:28:
9d:ae:a1:9e:45:70:35:0d:ee:06:bf:c1:bc:69:0e:
b2:4f:08:10:8a:a8:a4:92:42:dd:37:90:80:2c:53:
bd:51:8b:1e:93:c1:de:7c:9b:ed:58:1a:ff:a7:e5:
71:11:04:ee:96:f2:66:76:6e:06:5f:0f:11:98:bc:
60:f2:71:78:9d:d3:3f:93:a3:f6:8a:2e:54:89:5d:
c7:6a:1c:87:50:5f:30:80:dd:81:bc:4e:1b:7d:2a:
01:e6:8e:fe:48:02:3c:c8:03:6d:d0:c7:f8:38:a5:
43:c2:a7:bb:61:6e:da:2d:71:fe:f4:a0:dd:d8:7f:
62:ea:29:20:5f:19:07:ee:ed:09:16:81:bb:a4:11:
a5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:42:BA:77:D0:96:F9:78:36:C6:48:A6:1A:8F:FE:54:44:D6:E8:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:1000::/40
Signature Algorithm: sha256WithRSAEncryption
12:ac:7e:86:03:cd:4a:20:dd:38:d6:48:d0:92:b9:69:d0:80:
0e:51:75:17:40:be:a8:cc:43:60:f7:95:9e:05:51:ae:3d:4d:
da:99:78:3a:7d:16:4f:5a:12:ec:a6:04:78:29:07:e7:d4:e0:
1f:06:02:77:07:49:7c:32:e3:40:e9:71:55:37:d5:a1:23:ef:
77:b2:4d:2d:f2:61:7a:d8:dd:62:10:a0:3b:8d:39:20:d3:94:
d4:c3:49:54:18:5e:a7:fb:bd:c2:4e:2a:95:83:a5:d0:dd:3f:
11:a4:80:9b:31:7e:45:b8:2b:ab:f9:84:f1:4e:72:54:0d:cf:
27:27:0e:11:6d:15:8b:86:8a:44:e3:c3:e9:ad:08:af:3f:8c:
58:76:e8:98:24:5a:b3:be:ce:2d:85:a1:ed:82:6b:61:ac:46:
f7:55:3a:93:ab:93:c0:ff:38:f8:0d:d9:1b:14:b2:47:88:ee:
4f:0f:fe:34:77:6e:66:18:03:7e:25:5b:f6:e4:e4:71:e6:6a:
25:8a:c4:c0:5d:76:d6:24:f6:3e:7f:ac:cc:16:f5:da:6d:28:
a0:7a:a4:ec:01:9b:9e:96:75:14:89:d5:6f:45:db:81:a5:b7:
6a:e4:18:88:c9:8a:d5:10:3c:d5:08:d1:d9:c8:48:b9:7e:a1:
82:1f:40:e4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKS92iDK80ULmnEeQJQnLg/ZKqRgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwNTRaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwMmZkNDMwYTM0NDhmYzllNDlhYWViMzRhOGNhOGYzZDM1NTY4MTJhZWU1
ZWM4NDZkNzA2YjQ2NDdlNTc0MmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJc2JkhuvxSLpZ8aTB0Bh7nbLzNLjrMh5k+gPso9KqcdpjQoNOo8nxVYvyaD
cBShzeo7bxClp2uXlRwIhsqFlm9W6FLxkx5VUq55G9rGqhmUu3ZNdTKWyErHBpyF
n2qi5R737SNlxILer7hbGK2YS1v8vFB6T+Qona6hnkVwNQ3uBr/BvGkOsk8IEIqo
pJJC3TeQgCxTvVGLHpPB3nyb7Vga/6flcREE7pbyZnZuBl8PEZi8YPJxeJ3TP5Oj
9oouVIldx2och1BfMIDdgbxOG30qAeaO/kgCPMgDbdDH+DilQ8Knu2Fu2i1x/vSg
3dh/YuopIF8ZB+7tCRaBu6QRpakCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBQrp3
0Jb5eDbGSKYaj/5URNboljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM3YjNlNDktY2VjNS00ZGVmLWIzZWYtNTM1NjI3N2Q4MmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQASrH6GA81KIN041kjQkrlp0IAOUXUXQL6ozENg
95WeBVGuPU3amXg6fRZPWhLspgR4KQfn1OAfBgJ3B0l8MuNA6XFVN9WhI+93sk0t
8mF62N1iEKA7jTkg05TUw0lUGF6n+73CTiqVg6XQ3T8RpICbMX5FuCur+YTxTnJU
Dc8nJw4RbRWLhopE48PprQivP4xYduiYJFqzvs4thaHtgmthrEb3VTqTq5PA/zj4
DdkbFLJHiO5PD/40d25mGAN+JVv25ORx5molisTAXXbWJPY+f6zMFvXabSigeqTs
AZuelnUUidVvRduBpbdq5BiIyYrVEDzVCNHZyEi5fqGCH0Dk
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:23 2025 by rpki-client