Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
File: ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa (raw, json)
Hash identifier: hHpw42awU+z6/Rqbp9H+buHsJEt4unn5dR54hpMate0=
Subject key identifier: 77:40:67:0A:B0:E6:B1:96:5B:F2:50:EE:C9:A7:D4:45:F4:8C:19:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72A67DA39D4801EF8B01354CF50F136E1D54B06D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
Signing time: Thu 22 May 2025 01:22:10 +0000
ROA not before: Thu 22 May 2025 01:22:10 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:a6:7d:a3:9d:48:01:ef:8b:01:35:4c:f5:0f:13:6e:1d:54:b0:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:22:10 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=52d230974d4894e7371f5e3feaca85b22072f7a44f6fb8c50fca81fda3c11c3a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:e5:28:56:0e:78:51:f6:55:de:42:ea:6a:88:
54:31:c1:34:c1:5f:e9:ce:2b:82:ae:d5:85:37:48:
65:5a:5c:24:ac:22:79:5f:5a:15:b5:43:d8:3c:9f:
fa:88:29:63:67:64:22:7a:22:31:22:74:61:47:c2:
4e:df:3a:d0:fd:ca:fb:9e:31:c5:54:e3:7f:d4:c9:
cb:b8:f7:3b:27:6d:2b:d8:f4:63:ad:04:9c:10:32:
b6:11:39:1b:5c:51:77:0d:a0:d4:ef:3b:4f:87:9a:
e9:99:db:94:28:4c:3a:de:5b:4b:0d:4a:d1:d9:77:
b4:9e:66:63:bd:f9:02:ad:a5:80:4a:5e:f2:55:c8:
89:f1:58:c5:e0:d4:71:6f:a7:3c:0f:eb:58:21:db:
34:62:01:31:24:b4:88:81:cc:dd:a7:fc:97:f3:0a:
21:e1:42:9e:db:f8:ce:11:fb:d9:7d:26:e9:99:2a:
e0:53:3b:24:90:5d:19:30:63:43:af:86:ea:b6:f4:
e7:05:36:c2:45:a0:8c:1e:dc:c7:7c:33:ed:f7:a1:
f1:14:7a:97:ec:b5:5c:2f:b2:f2:17:86:f1:18:b9:
1d:58:05:a4:d0:79:e4:d8:6c:66:f2:54:73:e5:2b:
bc:2c:4b:73:aa:0c:1c:c0:75:d1:5f:79:b1:78:22:
ae:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:40:67:0A:B0:E6:B1:96:5B:F2:50:EE:C9:A7:D4:45:F4:8C:19:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:2000::/40
Signature Algorithm: sha256WithRSAEncryption
63:ac:fb:52:0e:8c:06:37:36:b9:08:fc:0a:46:85:23:d7:f1:
e4:a8:91:7f:58:29:3a:d0:c9:be:56:f3:9a:1d:90:12:ad:1e:
25:dd:f9:e1:45:b1:6f:9e:40:fd:ab:c2:dd:83:41:b3:4a:62:
5d:26:cd:99:91:eb:6f:21:6f:c7:f2:18:39:b1:a2:e5:38:cf:
c2:77:f0:91:e3:0e:db:38:18:19:cb:ab:fb:80:4b:ef:5a:4e:
c8:8b:8e:88:09:28:cb:c1:24:fc:06:f8:d8:6e:b1:ca:67:de:
e9:2d:ef:06:f8:a6:24:44:21:bd:34:79:f5:78:82:a0:f8:29:
c4:a0:51:a2:0a:ed:09:2a:25:32:0c:25:83:ca:cb:34:0b:a8:
9c:6e:a9:16:ba:b9:c6:ab:87:82:ac:58:ac:88:82:93:6e:87:
9a:7c:38:b4:bf:f6:ef:ad:8c:8c:fd:60:fb:dc:a1:0c:6b:71:
85:fa:e7:e5:56:57:be:97:d6:65:93:c3:50:51:d0:d3:c4:92:
23:5d:0e:ea:66:2c:b0:5c:03:36:91:e9:d3:b4:13:13:9c:55:
8d:01:17:de:3c:fa:d7:f2:2d:3d:78:f4:7a:68:f7:80:9d:26:
9e:07:ee:58:60:5e:cd:3e:f1:72:87:43:dd:67:71:8d:e6:42:
04:63:c9:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcqZ9o51IAe+LATVM9Q8Tbh1UsG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTIyMTBaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyZDIzMDk3NGQ0ODk0ZTczNzFmNWUzZmVhY2E4NWIyMjA3MmY3YTQ0ZjZm
YjhjNTBmY2E4MWZkYTNjMTFjM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO3lKFYOeFH2Vd5C6mqIVDHBNMFf6c4rgq7VhTdIZVpcJKwieV9aFbVD2Dyf
+ogpY2dkInoiMSJ0YUfCTt860P3K+54xxVTjf9TJy7j3OydtK9j0Y60EnBAythE5
G1xRdw2g1O87T4ea6ZnblChMOt5bSw1K0dl3tJ5mY735Aq2lgEpe8lXIifFYxeDU
cW+nPA/rWCHbNGIBMSS0iIHM3af8l/MKIeFCntv4zhH72X0m6Zkq4FM7JJBdGTBj
Q6+G6rb05wU2wkWgjB7cx3wz7feh8RR6l+y1XC+y8heG8Ri5HVgFpNB55NhsZvJU
c+UrvCxLc6oMHMB10V95sXgirlMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR3QGcK
sOaxllvyUO7Jp9RF9IwZljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2U1NzdiYTItZDJhYy00ZTJhLWE0ZjktZWEzN2U5ZDU2OTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0g
MA0GCSqGSIb3DQEBCwUAA4IBAQBjrPtSDowGNza5CPwKRoUj1/HkqJF/WCk60Mm+
VvOaHZASrR4l3fnhRbFvnkD9q8Ldg0GzSmJdJs2ZketvIW/H8hg5saLlOM/Cd/CR
4w7bOBgZy6v7gEvvWk7Ii46ICSjLwST8BvjYbrHKZ97pLe8G+KYkRCG9NHn1eIKg
+CnEoFGiCu0JKiUyDCWDyss0C6icbqkWurnGq4eCrFisiIKTboeafDi0v/bvrYyM
/WD73KEMa3GF+uflVle+l9Zlk8NQUdDTxJIjXQ7qZiywXAM2kenTtBMTnFWNARfe
PPrX8i09ePR6aPeAnSaeB+5YYF7NPvFyh0PdZ3GN5kIEY8mD
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:29 2025 by rpki-client