Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
File: d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa (raw, json)
Hash identifier: y63jzuAjo2CPgA+wBAEkCb6aJyZUMhhXY6q/Bz4JOXQ=
Subject key identifier: 31:21:0D:77:8D:D9:1F:39:88:3E:AC:E7:26:B4:8C:E0:E4:0B:6C:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A2368EC4DF79DB6002890DBF0D9BF360DEE897F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
Signing time: Tue 20 May 2025 20:11:30 +0000
ROA not before: Tue 20 May 2025 20:11:30 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:23:68:ec:4d:f7:9d:b6:00:28:90:db:f0:d9:bf:36:0d:ee:89:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:11:30 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=283faa455c6278739799148657cf52186a62e763d58cea8396bdf99b38c863e9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:af:a1:d8:c9:cf:8c:82:38:90:6a:3c:0a:93:
9b:36:6d:85:1f:b1:33:9d:4e:bb:ff:96:3b:89:63:
ee:0c:0c:92:2c:d4:47:45:a4:cf:d2:e8:e1:b3:96:
26:65:53:e6:46:73:67:f1:cf:e1:c0:d1:38:dd:9c:
ea:c4:36:ea:ca:0e:15:cf:4e:3f:21:04:b7:56:a5:
c9:45:b7:a3:4f:73:c9:2b:b6:28:33:d5:dc:e3:af:
0f:bd:29:ef:27:4f:82:3f:b9:50:74:80:0a:0c:dd:
08:c6:14:05:d5:0f:81:cd:96:8e:20:fd:25:35:6d:
ab:6f:9d:a3:4d:13:af:14:e2:01:b2:4f:08:d4:56:
9f:fb:f2:ec:54:c4:df:05:36:f1:48:35:2f:a8:46:
ee:2d:d8:91:d0:5d:06:1e:c8:0d:28:a8:81:87:ea:
7c:6b:78:83:93:c4:ed:74:8a:e6:09:65:95:db:3b:
7d:14:59:bd:7a:fd:1a:0f:50:09:4f:92:52:e9:d2:
0f:5f:f2:01:03:3e:f2:f4:13:11:ae:64:cc:43:c2:
dd:4d:0e:1c:bd:d8:f3:44:9b:08:87:15:62:10:07:
a7:32:66:8d:7a:6a:96:4a:b9:72:6d:0e:45:a6:79:
79:1a:59:e2:6e:9a:99:24:d2:10:47:de:5c:b5:80:
9f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:21:0D:77:8D:D9:1F:39:88:3E:AC:E7:26:B4:8C:E0:E4:0B:6C:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:1000::/40
Signature Algorithm: sha256WithRSAEncryption
86:e7:78:52:d2:86:e2:ba:32:f0:b8:b9:8e:b5:4e:1e:26:0d:
9b:c9:41:d3:be:1a:0f:86:2f:0f:35:63:51:a7:a5:00:fe:91:
39:35:d7:bf:0d:da:f3:1e:ea:a9:0a:3e:24:61:77:02:1f:46:
58:9e:a9:88:90:42:51:2d:fc:f1:01:49:92:9d:86:1a:3d:63:
68:cb:55:8e:49:f7:96:c5:d7:12:ee:17:3a:e7:d5:c0:7c:1c:
89:25:17:a8:83:06:46:9c:6a:9a:37:9a:06:24:6a:3d:53:8e:
b0:4b:24:64:96:b0:c0:40:58:0e:f0:18:6e:2e:f9:ef:25:90:
c8:71:2d:3e:b7:7d:24:6d:87:75:41:39:75:39:f2:77:25:fa:
6b:50:70:48:df:01:45:30:ec:c4:74:43:c5:c5:b4:36:dc:cc:
e3:03:78:4a:49:13:06:d5:cb:20:4a:3e:42:2e:27:b0:68:59:
70:cd:89:57:18:1b:87:d7:a4:91:96:7e:07:80:f5:bc:a9:0c:
74:83:74:5a:3d:a5:38:13:25:32:40:8c:75:d4:85:2e:f6:e8:
c1:78:68:9f:85:07:79:52:5d:30:e3:77:bb:03:93:18:d7:9f:
c9:f8:d2:31:75:d6:7d:d0:ee:3f:85:46:da:34:f2:20:be:78:
24:93:f0:58
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOiNo7E33nbYAKJDb8Nm/Ng3uiX8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDExMzBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4M2ZhYTQ1NWM2Mjc4NzM5Nzk5MTQ4NjU3Y2Y1MjE4NmE2MmU3NjNkNThj
ZWE4Mzk2YmRmOTliMzhjODYzZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKivodjJz4yCOJBqPAqTmzZthR+xM51Ou/+WO4lj7gwMkizUR0Wkz9Lo4bOW
JmVT5kZzZ/HP4cDRON2c6sQ26soOFc9OPyEEt1alyUW3o09zySu2KDPV3OOvD70p
7ydPgj+5UHSACgzdCMYUBdUPgc2WjiD9JTVtq2+do00TrxTiAbJPCNRWn/vy7FTE
3wU28Ug1L6hG7i3YkdBdBh7IDSiogYfqfGt4g5PE7XSK5glllds7fRRZvXr9Gg9Q
CU+SUunSD1/yAQM+8vQTEa5kzEPC3U0OHL3Y80SbCIcVYhAHpzJmjXpqlkq5cm0O
RaZ5eRpZ4m6amSTSEEfeXLWAn9MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQxIQ13
jdkfOYg+rOcmtIzg5AtsxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDM4NWZmNGItN2Y4ZS00NWQyLThmOGItZmNkZTE0MjZhMDUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCG53hS0obiujLwuLmOtU4eJg2byUHTvhoPhi8P
NWNRp6UA/pE5Nde/DdrzHuqpCj4kYXcCH0ZYnqmIkEJRLfzxAUmSnYYaPWNoy1WO
SfeWxdcS7hc659XAfByJJReogwZGnGqaN5oGJGo9U46wSyRklrDAQFgO8BhuLvnv
JZDIcS0+t30kbYd1QTl1OfJ3JfprUHBI3wFFMOzEdEPFxbQ23MzjA3hKSRMG1csg
Sj5CLiewaFlwzYlXGBuH16SRln4HgPW8qQx0g3RaPaU4EyUyQIx11IUu9ujBeGif
hQd5Ul0w43e7A5MY15/J+NIxddZ90O4/hUbaNPIgvngkk/BY
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:15 2025 by rpki-client