Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
File: b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa (raw, json)
Hash identifier: Uq0tm/IjdHniv2xotDsKkm8yTAihlPeg8f134eKzzU8=
Subject key identifier: 29:81:10:12:9F:51:EE:94:33:D0:65:25:C5:E0:8D:8B:C8:50:C1:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64A860E9FD305E620A0C50E7E069E698522BF0AE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
Signing time: Tue 20 May 2025 20:30:08 +0000
ROA not before: Tue 20 May 2025 20:30:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:a8:60:e9:fd:30:5e:62:0a:0c:50:e7:e0:69:e6:98:52:2b:f0:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:30:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=9ece1a2078460be9b11d65c0b33ababb72906e5d6349b4f269626c109d17bc7f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0d:7a:33:13:3b:b1:25:14:45:e2:0c:e0:54:
70:03:75:75:7d:c1:6a:a9:58:51:b1:cf:0d:e3:3b:
11:dc:fa:b3:a9:d0:a9:ca:e1:26:34:0e:f2:ac:61:
15:3d:54:a4:98:d8:a4:96:8d:a2:bd:5c:72:9e:13:
8f:96:da:23:d7:67:57:7a:29:62:a3:6e:44:b7:1f:
f6:6a:87:04:ad:d8:4b:b6:c0:f5:ac:0f:5d:a1:c7:
14:9f:86:46:a6:0c:3d:86:aa:4f:22:af:99:05:1d:
66:7c:dc:aa:09:95:71:1d:e6:dc:59:01:92:ae:77:
4e:78:d9:31:0a:2a:f9:06:e4:8c:e5:00:20:75:bb:
00:1e:ce:91:c7:e1:20:11:5c:34:b4:9a:5b:d4:fe:
58:f4:75:f9:6c:2c:ff:68:48:70:1e:e5:0e:2e:29:
02:8c:84:3a:c9:d0:85:62:9e:0f:f0:fe:38:d7:8e:
f2:f0:c4:85:dc:ed:0e:2a:7e:f9:2b:84:2d:ec:4f:
02:2d:8c:86:a6:6d:3b:11:78:7f:0f:7d:86:f1:1a:
2a:47:e9:db:37:8b:17:93:4d:8b:21:70:4d:01:b4:
3b:6e:7e:0a:aa:0d:be:48:19:0d:ac:9d:27:38:0c:
77:94:35:ca:99:d2:c8:c4:c5:1d:be:eb:ac:74:61:
27:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:81:10:12:9F:51:EE:94:33:D0:65:25:C5:E0:8D:8B:C8:50:C1:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b:800::/37
Signature Algorithm: sha256WithRSAEncryption
12:2a:d6:c7:99:79:f9:8a:16:64:ac:b2:b1:11:27:e3:5d:74:
af:ab:a9:55:27:55:cd:df:67:2d:61:b5:c0:6c:0e:ce:e4:ac:
26:4d:4c:46:20:c8:a0:e6:b6:05:6e:b6:d8:f9:ed:01:2b:d4:
8c:6b:3a:e4:9d:b9:62:5f:ca:54:29:fe:a9:f3:82:af:63:84:
4c:f4:54:6c:b2:e6:10:83:1f:d0:a0:a0:37:84:fd:f3:de:f5:
b4:dd:3d:30:f1:a6:41:ff:41:2b:bd:a0:ab:66:d8:20:9c:70:
df:a4:48:e9:22:32:86:83:0b:bc:00:e2:a4:6a:e7:a9:a7:b0:
49:4d:94:cd:60:db:e3:a9:2a:31:c6:61:99:4b:c0:a6:4f:75:
cb:cd:7e:3d:43:42:06:2d:2b:c4:e9:99:07:e5:1d:b8:62:1e:
26:58:24:ee:e5:7a:0f:e2:1f:e0:b2:fc:e5:57:99:bd:7c:b6:
51:f4:38:72:ee:e6:4b:b5:b5:ef:cb:50:35:e5:da:f9:aa:d5:
84:3f:a5:7e:47:2a:97:f9:9c:ff:af:59:74:b1:fe:d9:7a:e4:
9d:e0:52:b3:5d:df:b4:13:55:2a:10:f1:e2:ac:1e:c0:58:16:
e2:54:ed:6b:71:8b:14:32:13:c6:f8:e8:95:89:dc:fa:c2:9f:
7b:52:92:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZKhg6f0wXmIKDFDn4GnmmFIr8K4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDMwMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDllY2UxYTIwNzg0NjBiZTliMTFkNjVjMGIzM2FiYWJiNzI5MDZlNWQ2MzQ5
YjRmMjY5NjI2YzEwOWQxN2JjN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANENejMTO7ElFEXiDOBUcAN1dX3BaqlYUbHPDeM7Edz6s6nQqcrhJjQO8qxh
FT1UpJjYpJaNor1ccp4Tj5baI9dnV3opYqNuRLcf9mqHBK3YS7bA9awPXaHHFJ+G
RqYMPYaqTyKvmQUdZnzcqgmVcR3m3FkBkq53TnjZMQoq+QbkjOUAIHW7AB7Okcfh
IBFcNLSaW9T+WPR1+Wws/2hIcB7lDi4pAoyEOsnQhWKeD/D+ONeO8vDEhdztDip+
+SuELexPAi2MhqZtOxF4fw99hvEaKkfp2zeLF5NNiyFwTQG0O25+CqoNvkgZDayd
JzgMd5Q1ypnSyMTFHb7rrHRhJ+UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQpgRAS
n1HulDPQZSXF4I2LyFDBpTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjNiMTg2NDgtYmVhMC00ZjdlLThmMGYtNWFkMmQyZjA1ZWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CsI
MA0GCSqGSIb3DQEBCwUAA4IBAQASKtbHmXn5ihZkrLKxESfjXXSvq6lVJ1XN32ct
YbXAbA7O5KwmTUxGIMig5rYFbrbY+e0BK9SMazrknbliX8pUKf6p84KvY4RM9FRs
suYQgx/QoKA3hP3z3vW03T0w8aZB/0ErvaCrZtggnHDfpEjpIjKGgwu8AOKkauep
p7BJTZTNYNvjqSoxxmGZS8CmT3XLzX49Q0IGLSvE6ZkH5R24Yh4mWCTu5XoP4h/g
svzlV5m9fLZR9Dhy7uZLtbXvy1A15dr5qtWEP6V+RyqX+Zz/r1l0sf7ZeuSd4FKz
Xd+0E1UqEPHirB7AWBbiVO1rcYsUMhPG+OiVidz6wp97UpIf
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:21 2025 by rpki-client