Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
File: c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa (raw, json)
Hash identifier: yfye/a6L0ocpHSWkBJTt5IstII1XzRrmH35A9NCWP5g=
Subject key identifier: F4:2C:90:E4:88:AA:68:4E:0A:28:D8:C6:EF:EC:E1:D6:9C:71:1C:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10F80442176F11EC1043D094CAE4BF3B86500B91
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
Signing time: Tue 20 May 2025 19:11:19 +0000
ROA not before: Tue 20 May 2025 19:11:19 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:f8:04:42:17:6f:11:ec:10:43:d0:94:ca:e4:bf:3b:86:50:0b:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:11:19 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a6c33e2317197dc6d221b8e52981c3f133993e9cc282abe459b6d4c23407f4ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c8:a5:35:ee:da:21:5e:de:94:6f:8e:22:49:
0f:de:e2:be:d9:be:b4:af:0a:f3:8f:2d:de:1c:f2:
30:45:da:85:45:14:7e:19:81:c9:0f:41:9c:82:ca:
9f:db:28:ae:d7:64:2f:2a:45:55:f3:b9:e3:1e:51:
c9:12:7e:1c:68:c0:99:62:0c:95:bd:e7:c0:9f:80:
b9:be:8f:65:47:7e:32:ec:44:cb:3d:45:69:6e:d4:
3e:ab:9d:f1:54:f0:31:11:c3:a8:08:8c:c7:c6:c3:
96:60:c1:7e:c0:5b:eb:23:c6:fc:bf:26:44:d0:ef:
c7:6a:f1:73:42:86:24:94:f4:8b:c4:49:7a:a8:5b:
83:4d:54:de:6d:8d:c3:3f:20:66:91:ff:da:43:f3:
5f:01:fd:8c:76:24:af:c4:28:6d:f3:05:d8:ed:00:
f9:a6:5b:7d:76:91:52:76:e1:1a:c2:f2:e8:d7:a8:
96:e9:50:47:e7:9a:93:f9:e0:68:a8:95:15:5a:e1:
71:bb:f8:af:eb:3b:c4:30:95:71:e8:0a:3c:b1:e5:
4b:50:d3:6d:e8:2d:ff:a6:24:38:20:13:d8:a0:c8:
ce:b3:7f:56:59:a3:bf:b8:a9:0f:8f:f4:79:ab:ae:
68:a4:49:5a:0c:3c:5d:a0:75:5b:ff:2c:5e:b3:ea:
01:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:2C:90:E4:88:AA:68:4E:0A:28:D8:C6:EF:EC:E1:D6:9C:71:1C:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:04:bc:81:2f:ef:fb:ce:2d:12:dd:a6:10:23:d0:72:37:b4:
ee:d0:7c:69:bd:07:ce:89:fe:f9:78:07:cf:e3:c9:db:c2:bd:
f3:8c:ac:61:71:a6:d5:9f:70:ee:06:b5:77:c2:48:12:af:8e:
44:52:f9:c7:6e:89:cb:4e:f3:59:06:ab:ff:32:12:a3:ee:68:
d2:54:a2:1f:f0:6f:88:ab:a1:46:21:c7:e9:43:df:9f:4c:20:
38:ea:e3:99:75:9e:2e:76:84:a5:c3:c5:50:c5:de:77:09:58:
f3:97:61:33:8b:88:c9:f7:df:94:94:49:9e:a7:5c:82:d8:34:
9d:ac:94:2c:64:69:82:94:38:f9:04:d2:ed:e4:aa:ca:78:71:
f4:4c:63:27:98:4f:c9:55:78:05:5f:46:f8:a5:fb:3e:63:59:
2a:f7:f4:ce:d7:67:bd:34:c7:df:0f:95:be:98:f0:91:a1:b8:
22:0d:be:5c:eb:d9:21:c0:aa:28:cc:2b:1e:2c:3d:f5:29:7b:
67:f4:a5:25:ea:f1:b2:2d:9c:59:74:d7:3e:34:f0:f5:6a:51:
60:81:22:af:4f:7a:c8:fb:01:5b:6e:3d:f8:a9:5e:21:b9:fb:
93:3e:a6:ba:7d:a2:7c:dc:5a:c9:57:0c:06:89:ce:c4:82:26:
ab:6d:13:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEPgEQhdvEewQQ9CUyuS/O4ZQC5EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTExMTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2YzMzZTIzMTcxOTdkYzZkMjIxYjhlNTI5ODFjM2YxMzM5OTNlOWNjMjgy
YWJlNDU5YjZkNGMyMzQwN2Y0ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjIpTXu2iFe3pRvjiJJD97ivtm+tK8K848t3hzyMEXahUUUfhmByQ9BnILK
n9sortdkLypFVfO54x5RyRJ+HGjAmWIMlb3nwJ+Aub6PZUd+MuxEyz1FaW7UPqud
8VTwMRHDqAiMx8bDlmDBfsBb6yPG/L8mRNDvx2rxc0KGJJT0i8RJeqhbg01U3m2N
wz8gZpH/2kPzXwH9jHYkr8QobfMF2O0A+aZbfXaRUnbhGsLy6NeolulQR+eak/ng
aKiVFVrhcbv4r+s7xDCVcegKPLHlS1DTbegt/6YkOCAT2KDIzrN/Vlmjv7ipD4/0
eauuaKRJWgw8XaB1W/8sXrPqAUMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0LJDk
iKpoTgoo2Mbv7OHWnHEcWzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzNmNGIwZTAtZGY2ZC00ODFhLThkNzUtNzcwOWU1NDVkMWU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIg
MA0GCSqGSIb3DQEBCwUAA4IBAQDBBLyBL+/7zi0S3aYQI9ByN7Tu0HxpvQfOif75
eAfP48nbwr3zjKxhcabVn3DuBrV3wkgSr45EUvnHbonLTvNZBqv/MhKj7mjSVKIf
8G+Iq6FGIcfpQ9+fTCA46uOZdZ4udoSlw8VQxd53CVjzl2Ezi4jJ99+UlEmep1yC
2DSdrJQsZGmClDj5BNLt5KrKeHH0TGMnmE/JVXgFX0b4pfs+Y1kq9/TO12e9NMff
D5W+mPCRobgiDb5c69khwKoozCseLD31KXtn9KUl6vGyLZxZdNc+NPD1alFggSKv
T3rI+wFbbj34qV4hufuTPqa6faJ83FrJVwwGic7EgiarbRPn
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:53 2025 by rpki-client