Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa
File: a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa (raw, json)
Hash identifier: Jy9PKJsuMvWOJFWOjLAihMBCE4U/LWfxvP/xaKr8Nxo=
Subject key identifier: D6:29:BB:DA:E0:38:82:70:3E:A9:98:AA:10:7D:30:6D:02:90:6C:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36E915D956FD2C66865EF3B0EA95D0E74641E10C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa
Signing time: Fri 23 May 2025 00:40:09 +0000
ROA not before: Fri 23 May 2025 00:40:09 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:e9:15:d9:56:fd:2c:66:86:5e:f3:b0:ea:95:d0:e7:46:41:e1:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:09 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=b0f541bbc95a8ea17bbe8ee870a910c5e3b643972127bac711fc84c6c30efbaf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5a:ac:ff:b3:69:ba:9d:a7:18:54:70:6f:74:
87:59:a1:04:d0:19:88:93:0e:7a:62:b2:ce:96:e9:
1a:ad:d3:00:c2:32:3d:37:46:12:72:3b:75:35:34:
aa:54:66:13:98:6c:7e:39:58:0b:bc:af:13:75:5d:
33:79:84:fa:11:40:b8:74:05:bc:90:f2:b6:71:b6:
1c:7d:6b:4c:c9:f8:39:2d:f2:80:9c:a5:8c:81:b6:
7d:ef:9f:59:01:04:64:35:3e:b7:2c:25:c1:b4:75:
28:07:69:74:5a:5f:fb:71:d7:62:17:08:9d:75:f0:
9f:6f:e1:bf:17:57:59:8a:13:8d:db:e9:f6:2b:8c:
9a:31:7c:38:d8:6a:18:be:0c:a3:cc:f7:0d:a5:d3:
56:69:b5:7d:35:09:37:6f:7f:ec:b0:0f:a5:33:08:
2b:ab:32:e6:e2:90:06:35:aa:f8:ec:e4:5e:a5:a6:
5e:09:04:3a:14:b1:65:7e:9a:13:07:65:0d:32:f9:
f4:eb:4f:9c:ec:50:1a:36:65:ae:b1:7b:da:6a:53:
9c:b2:f1:24:d8:ac:b1:c6:d9:c8:84:a5:58:ff:ec:
7f:a3:92:17:be:a0:3e:7f:59:f7:d4:bd:0e:ab:e1:
6c:17:8c:eb:50:03:6d:cf:6c:45:dc:0c:e7:83:59:
c2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:29:BB:DA:E0:38:82:70:3E:A9:98:AA:10:7D:30:6D:02:90:6C:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
a3:76:0a:22:78:46:34:e6:4d:8e:7f:4b:d8:28:1c:d1:d1:b6:
5a:33:ca:63:5e:41:ec:5f:b4:84:d0:02:1f:70:18:63:e9:e6:
61:aa:46:35:35:e7:d8:26:9b:da:5f:b3:7d:a4:cf:c6:a9:3f:
5a:97:65:6f:84:b3:bd:58:f2:14:b2:7e:92:fb:b7:31:e1:6f:
e5:b8:3d:9a:5c:69:3b:24:97:d8:6f:09:1a:be:54:4c:c0:32:
2c:1f:a0:38:69:08:02:25:89:84:b6:dd:20:e6:90:5b:e6:bf:
e2:87:db:ce:d4:12:94:6f:c3:e5:d5:9d:c9:e4:dc:29:34:2d:
1f:a5:87:69:11:49:b7:86:bd:90:80:15:4f:fa:6f:8e:d3:c4:
ef:a8:e0:35:c1:50:20:fb:2b:a9:c2:bf:2d:bc:bc:d0:67:ef:
84:01:b4:34:d9:86:07:ef:98:f9:18:4b:2b:10:9e:51:51:81:
2c:0a:4a:3d:e6:87:c6:69:7f:25:a0:dd:d9:3b:ee:25:6f:7e:
f7:ae:a6:70:fc:da:19:29:18:2f:37:db:ca:d4:33:4d:16:79:
d3:88:69:2e:b9:ce:26:a1:5a:a8:0a:d9:ed:15:f2:74:53:60:
13:2f:e1:19:28:f3:b0:fe:41:cc:8d:46:eb:c2:6b:87:ef:90:
f7:1f:94:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNukV2Vb9LGaGXvOw6pXQ50ZB4QwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwMDlaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwZjU0MWJiYzk1YThlYTE3YmJlOGVlODcwYTkxMGM1ZTNiNjQzOTcyMTI3
YmFjNzExZmM4NGM2YzMwZWZiYWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZarP+zabqdpxhUcG90h1mhBNAZiJMOemKyzpbpGq3TAMIyPTdGEnI7dTU0
qlRmE5hsfjlYC7yvE3VdM3mE+hFAuHQFvJDytnG2HH1rTMn4OS3ygJyljIG2fe+f
WQEEZDU+tywlwbR1KAdpdFpf+3HXYhcInXXwn2/hvxdXWYoTjdvp9iuMmjF8ONhq
GL4Mo8z3DaXTVmm1fTUJN29/7LAPpTMIK6sy5uKQBjWq+OzkXqWmXgkEOhSxZX6a
EwdlDTL59OtPnOxQGjZlrrF72mpTnLLxJNisscbZyISlWP/sf6OSF76gPn9Z99S9
DqvhbBeM61ADbc9sRdwM54NZwmUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWKbva
4DiCcD6pmKoQfTBtApBsijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTlhNGYzY2QtNjAzYS00ZmRjLWJkNjUtOGQ5NDg4ZDRmZDA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCM
MA0GCSqGSIb3DQEBCwUAA4IBAQCjdgoieEY05k2Of0vYKBzR0bZaM8pjXkHsX7SE
0AIfcBhj6eZhqkY1NefYJpvaX7N9pM/GqT9al2VvhLO9WPIUsn6S+7cx4W/luD2a
XGk7JJfYbwkavlRMwDIsH6A4aQgCJYmEtt0g5pBb5r/ih9vO1BKUb8Pl1Z3J5Nwp
NC0fpYdpEUm3hr2QgBVP+m+O08TvqOA1wVAg+yupwr8tvLzQZ++EAbQ02YYH75j5
GEsrEJ5RUYEsCko95ofGaX8loN3ZO+4lb373rqZw/NoZKRgvN9vK1DNNFnnTiGku
uc4moVqoCtntFfJ0U2ATL+EZKPOw/kHMjUbrwmuH75D3H5S7
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:23 2025 by rpki-client