Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
File: d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa (raw, json)
Hash identifier: rFQwgwXg/Sm3PyFrpGbkfhZJtz30yHn6iMGNdC67tCM=
Subject key identifier: 6C:ED:CC:30:C2:67:B1:A4:BF:D3:6E:55:5D:FC:FD:9E:6A:F4:20:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 109C8E6614F1676DAB7ACC3EAC80680AE5B57E4D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
Signing time: Tue 20 May 2025 20:20:16 +0000
ROA not before: Tue 20 May 2025 20:20:16 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:9c:8e:66:14:f1:67:6d:ab:7a:cc:3e:ac:80:68:0a:e5:b5:7e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:20:16 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=14be946d98288c91ad740ace2f9f1fb2cb901dfe63ed64ef6160f41b4ef0db79, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:51:88:e5:f7:07:2c:0d:93:f7:f8:3b:dc:ff:
4a:21:c0:d6:84:f8:74:e5:74:1b:26:ec:5b:cf:34:
66:86:81:98:16:1b:de:19:eb:f3:57:16:5d:00:df:
a2:11:1e:25:dc:c6:f8:28:d9:c3:e3:b0:7c:07:37:
37:03:f4:e1:c3:7d:a7:d4:33:1d:ca:ac:b0:88:ea:
dd:8f:07:a3:b1:3b:d5:c0:71:91:e4:3c:3a:a8:84:
57:b5:8d:b4:d6:94:33:a0:b8:a4:45:55:fc:6c:ab:
52:f4:77:3b:b7:92:43:93:60:b7:6a:3a:44:d3:80:
ea:dc:38:52:fe:ef:6f:47:0d:00:a9:c2:84:dd:cf:
52:7a:4f:a1:96:65:dd:ff:39:96:3b:74:47:fd:da:
ae:b8:4c:0d:a3:d8:96:3c:4c:4f:1e:c2:0a:ac:31:
00:e4:64:b7:f1:3d:d5:0e:4b:d4:c1:d8:15:bd:55:
bf:8a:c2:fd:a7:bb:38:eb:48:d7:e1:e1:f2:58:af:
51:df:5d:39:ef:ab:15:3e:80:3a:b8:69:13:68:e4:
2a:52:33:18:24:91:1d:ae:13:01:d6:95:42:aa:8f:
c2:9e:81:7c:29:56:31:b9:d8:34:47:79:50:c9:60:
1a:5d:06:b9:62:bd:30:fb:b5:e4:3c:a6:7a:69:0d:
74:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:ED:CC:30:C2:67:B1:A4:BF:D3:6E:55:5D:FC:FD:9E:6A:F4:20:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016:400::/38
Signature Algorithm: sha256WithRSAEncryption
5a:18:43:58:5b:90:d1:a4:a3:69:9d:39:f6:9e:e9:f0:5a:2a:
82:4b:16:5a:7f:c6:8e:47:8a:ca:e7:c3:bb:dc:d1:e7:9c:15:
6d:b8:d7:5a:26:44:01:3a:61:0a:bd:10:36:9e:78:d8:74:d2:
d5:44:60:6a:91:d8:72:7d:f1:8c:c0:81:e3:3c:fc:6c:05:0e:
79:2b:64:86:a3:ec:28:6e:f7:92:d1:76:e6:7f:d5:1b:6e:0b:
ac:3a:6c:0e:bf:52:8e:b0:ab:b8:ae:93:a8:b0:99:d6:cf:56:
d7:56:da:76:bd:78:9a:74:f1:79:60:34:9a:e7:ab:12:00:ed:
d0:80:5d:52:86:30:66:b7:24:d5:1e:bb:e1:e8:e0:a8:98:77:
56:e0:e3:ad:fb:1d:71:3d:b1:88:e5:db:1e:5b:f7:12:cf:b0:
76:06:8f:19:61:da:a4:48:0c:89:b4:1d:1d:76:b7:ad:bf:a3:
6d:f5:9a:c2:44:2d:9d:94:c5:e9:f1:98:33:a8:a5:8a:3e:cd:
c5:0c:89:f1:bf:60:90:2a:4e:8f:a4:c9:7b:22:98:38:27:12:
d4:96:79:75:c7:5c:09:2a:41:99:d4:ab:e7:f8:bc:e4:fb:f2:
00:7e:53:9a:82:17:ab:1a:4d:26:77:3b:01:28:82:00:a2:ff:
74:73:fe:60
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEJyOZhTxZ22resw+rIBoCuW1fk0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIwMTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0YmU5NDZkOTgyODhjOTFhZDc0MGFjZTJmOWYxZmIyY2I5MDFkZmU2M2Vk
NjRlZjYxNjBmNDFiNGVmMGRiNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1RiOX3BywNk/f4O9z/SiHA1oT4dOV0GybsW880ZoaBmBYb3hnr81cWXQDf
ohEeJdzG+CjZw+OwfAc3NwP04cN9p9QzHcqssIjq3Y8Ho7E71cBxkeQ8OqiEV7WN
tNaUM6C4pEVV/GyrUvR3O7eSQ5Ngt2o6RNOA6tw4Uv7vb0cNAKnChN3PUnpPoZZl
3f85ljt0R/3arrhMDaPYljxMTx7CCqwxAORkt/E91Q5L1MHYFb1Vv4rC/ae7OOtI
1+Hh8livUd9dOe+rFT6AOrhpE2jkKlIzGCSRHa4TAdaVQqqPwp6BfClWMbnYNEd5
UMlgGl0GuWK9MPu15DymemkNdB8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRs7cww
wmexpL/TblVd/P2eavQgrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDNhYzhhMGEtOGQwNi00MGRlLWEyOTItY2I4MjRiN2M0OGI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYE
MA0GCSqGSIb3DQEBCwUAA4IBAQBaGENYW5DRpKNpnTn2nunwWiqCSxZaf8aOR4rK
58O73NHnnBVtuNdaJkQBOmEKvRA2nnjYdNLVRGBqkdhyffGMwIHjPPxsBQ55K2SG
o+wobveS0Xbmf9UbbgusOmwOv1KOsKu4rpOosJnWz1bXVtp2vXiadPF5YDSa56sS
AO3QgF1ShjBmtyTVHrvh6OComHdW4OOt+x1xPbGI5dseW/cSz7B2Bo8ZYdqkSAyJ
tB0ddretv6Nt9ZrCRC2dlMXp8ZgzqKWKPs3FDInxv2CQKk6PpMl7Ipg4JxLUlnl1
x1wJKkGZ1Kvn+Lzk+/IAflOagherGk0mdzsBKIIAov90c/5g
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:19 2025 by rpki-client