Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
File: e396d806-dffa-4609-8ae4-1e8fdbde728e.roa (raw, json)
Hash identifier: zaLTPEDgxUqVYb08xKC5eVFh124aSNiSUrAW0D3XM1k=
Subject key identifier: 52:14:BB:1C:C9:6F:05:1E:BD:F0:A8:7E:68:E8:14:24:37:72:3F:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 378768A03A8FCC44AB06B674589292C577C2FDB1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
Signing time: Tue 20 May 2025 18:40:19 +0000
ROA not before: Tue 20 May 2025 18:40:19 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:87:68:a0:3a:8f:cc:44:ab:06:b6:74:58:92:92:c5:77:c2:fd:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:40:19 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=3928b1e72accf5094f8f7cc28a843947941d27d5611ae7d9843701648263aff6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c9:a1:c1:d5:88:8a:1c:1f:44:3e:a3:f5:e7:
7e:f7:99:3f:a2:3c:97:fa:6c:cb:e2:7f:d3:f0:71:
b7:40:fc:c1:78:e7:8d:08:20:26:c3:db:7f:4b:e8:
b6:97:14:2e:cf:0a:64:48:d2:5c:5e:50:59:e0:c9:
9f:b7:5c:96:ee:de:70:f6:57:86:1d:b0:ab:d3:85:
97:67:0f:c3:53:c0:99:ab:0a:31:be:70:2f:73:7f:
74:a0:aa:ed:73:9d:84:98:bc:e4:3a:62:99:96:fc:
0b:72:3b:a3:23:d2:2d:f1:ef:4b:a5:09:92:08:3c:
b8:aa:1f:74:fe:e0:cf:e6:57:6a:36:b4:eb:a5:83:
f4:1d:66:d5:ac:9a:d5:b3:41:35:ae:5d:98:2a:df:
8b:8b:04:7a:60:db:55:2a:c4:78:e0:7f:57:ba:41:
20:1a:03:63:40:53:41:05:a8:d9:6b:97:71:c6:1a:
6e:97:af:58:4a:34:10:10:54:df:b6:c3:b5:be:16:
60:f4:4b:15:9f:a4:55:fb:9d:0a:99:d4:3b:80:0b:
bf:75:9c:57:e6:4c:80:7e:78:b4:48:95:28:02:bf:
5e:d2:6f:d2:9d:cf:92:4e:ab:c8:19:6b:93:7c:ab:
57:0c:92:7d:c7:b5:c4:97:88:2e:1a:10:cc:e7:07:
61:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:14:BB:1C:C9:6F:05:1E:BD:F0:A8:7E:68:E8:14:24:37:72:3F:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
02:34:38:9e:fe:43:c1:97:ba:f8:cc:6a:af:00:1d:20:8a:e0:
70:29:41:26:29:18:57:8c:fe:78:b9:77:c5:85:c3:9c:a1:1c:
a5:4b:4c:b3:b1:77:95:ff:1d:06:8b:e0:0b:1d:fb:b4:bd:35:
13:0d:1c:10:9b:d1:09:dc:87:47:43:6a:5e:ea:11:62:56:e8:
f0:9b:b9:73:df:7e:28:4f:8f:59:b6:a6:df:ce:ad:54:5d:6f:
84:0c:5e:a1:6c:78:64:1c:b7:3b:91:da:61:f3:8d:ad:e3:d6:
44:d7:87:5c:18:4f:40:82:56:db:3d:97:b0:5a:3f:de:a6:3b:
99:92:d3:32:1f:6e:38:33:c3:98:d5:f2:65:6b:e5:23:d4:4f:
76:54:9e:80:d4:47:59:f6:a3:57:d4:df:01:10:6b:ea:4c:c4:
71:0a:3d:9b:24:42:36:03:2a:af:d0:03:4f:4e:9a:96:ae:c6:
6c:c2:8f:f1:14:76:62:8d:79:82:4d:18:48:b4:79:27:d5:98:
b2:09:39:2e:34:31:a7:f4:df:b2:f7:43:cc:1b:c6:5e:a4:d4:
01:fe:c4:cf:b9:96:34:2e:dd:0f:c6:2c:8b:3d:34:67:e9:8b:
8b:da:7a:76:28:b2:50:60:2e:97:55:8d:66:8d:ae:07:e8:6a:
1c:a4:b3:33
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUN4dooDqPzESrBrZ0WJKSxXfC/bEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQwMTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5MjhiMWU3MmFjY2Y1MDk0ZjhmN2NjMjhhODQzOTQ3OTQxZDI3ZDU2MTFh
ZTdkOTg0MzcwMTY0ODI2M2FmZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXJocHViIocH0Q+o/XnfveZP6I8l/psy+J/0/Bxt0D8wXjnjQggJsPbf0vo
tpcULs8KZEjSXF5QWeDJn7dclu7ecPZXhh2wq9OFl2cPw1PAmasKMb5wL3N/dKCq
7XOdhJi85DpimZb8C3I7oyPSLfHvS6UJkgg8uKofdP7gz+ZXaja066WD9B1m1aya
1bNBNa5dmCrfi4sEemDbVSrEeOB/V7pBIBoDY0BTQQWo2WuXccYabpevWEo0EBBU
37bDtb4WYPRLFZ+kVfudCpnUO4ALv3WcV+ZMgH54tEiVKAK/XtJv0p3Pkk6ryBlr
k3yrVwySfce1xJeILhoQzOcHYS8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRSFLsc
yW8FHr3wqH5o6BQkN3I/HTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTM5NmQ4MDYtZGZmYS00NjA5LThhZTQtMWU4ZmRiZGU3MjhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
wDANBgkqhkiG9w0BAQsFAAOCAQEAAjQ4nv5DwZe6+MxqrwAdIIrgcClBJikYV4z+
eLl3xYXDnKEcpUtMs7F3lf8dBovgCx37tL01Ew0cEJvRCdyHR0NqXuoRYlbo8Ju5
c99+KE+PWbam386tVF1vhAxeoWx4ZBy3O5HaYfONrePWRNeHXBhPQIJW2z2XsFo/
3qY7mZLTMh9uODPDmNXyZWvlI9RPdlSegNRHWfajV9TfARBr6kzEcQo9myRCNgMq
r9ADT06alq7GbMKP8RR2Yo15gk0YSLR5J9WYsgk5LjQxp/TfsvdDzBvGXqTUAf7E
z7mWNC7dD8Ysiz00Z+mLi9p6diiyUGAul1WNZo2uB+hqHKSzMw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:55 2025 by rpki-client