Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b00c63-4d48-46a2-a2ac-c6d3bf6953bd.roa
File: 37b00c63-4d48-46a2-a2ac-c6d3bf6953bd.roa (raw, json)
Hash identifier: XR1+eRyNe3wVqqMDUA8QHExre0lyX30GG9aDdZbe1fE=
Subject key identifier: 39:D4:88:10:4C:3F:21:48:8E:1D:06:A2:20:8C:FE:C8:59:59:88:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32C8294D96EA60D264B4EEF82574083C6B8DDD51
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b00c63-4d48-46a2-a2ac-c6d3bf6953bd.roa
Signing time: Mon 12 May 2025 16:11:38 +0000
ROA not before: Mon 12 May 2025 16:11:38 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:c8:29:4d:96:ea:60:d2:64:b4:ee:f8:25:74:08:3c:6b:8d:dd:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:11:38 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=63f79e7e2e329f84fe9af8f6d7f30fa7004e268179954b720c8729b6ec1d9b50, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:50:e0:a6:95:9a:be:60:28:33:32:99:9a:f4:
57:44:a9:4e:fa:17:db:bf:db:c0:e8:1e:f0:e0:94:
9e:71:f2:06:51:e3:41:3b:1f:e5:a8:91:e7:f9:98:
70:88:d6:f1:80:58:b9:2b:03:b2:eb:67:14:ae:b3:
2a:27:76:74:d1:8e:86:53:bb:6c:8e:50:a0:91:10:
50:8b:96:cc:dc:bb:35:da:43:b5:d8:98:60:45:52:
b8:f8:db:46:36:b5:35:1a:76:aa:a7:70:b7:f2:7e:
87:28:9f:d7:9a:31:9c:53:6d:37:d8:ff:ab:19:13:
4c:27:81:9d:03:06:89:2b:dd:08:3c:3b:df:37:15:
b8:b2:b1:e4:6e:03:45:7d:fe:c5:af:4d:e6:e1:bb:
30:50:ca:20:af:30:70:d1:37:bf:c7:ff:1a:93:b2:
55:34:a7:de:be:65:f3:75:b9:22:45:bd:27:5a:40:
89:bf:03:b0:8b:2b:5d:1f:65:52:c0:e0:e3:38:42:
a4:1e:a0:80:15:a3:e3:59:61:b9:37:8f:3d:6e:9e:
43:6f:fe:0b:b0:ab:b8:90:87:3a:03:b0:8c:08:d1:
7b:b7:77:82:bd:f8:14:70:5c:97:90:b3:f4:23:e4:
89:79:82:b1:84:6a:b2:2b:fd:64:63:60:d7:14:06:
60:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D4:88:10:4C:3F:21:48:8E:1D:06:A2:20:8C:FE:C8:59:59:88:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b00c63-4d48-46a2-a2ac-c6d3bf6953bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:8000::/48
Signature Algorithm: sha256WithRSAEncryption
3e:09:ca:9b:5a:80:8d:7a:98:00:ea:e8:0b:bb:c4:a4:64:c1:
b4:03:13:be:42:d4:9e:84:9b:11:11:1f:4e:c5:1a:da:93:11:
21:7c:9c:32:c7:2a:a6:3d:6b:05:d6:36:85:3c:0e:47:8c:31:
06:0c:2a:8c:21:f2:67:f6:0b:31:94:17:ce:ff:4f:c1:35:11:
da:c5:b8:d2:e7:0b:c4:67:bb:2e:3f:8d:bb:f2:94:d7:22:60:
da:ee:1c:77:b1:67:bc:5a:22:6d:11:ad:56:7d:d9:2d:fd:83:
c2:27:b1:e6:87:64:51:50:eb:4a:bd:2d:f3:c9:cc:8a:a3:aa:
e0:e8:61:97:9d:85:6d:93:e8:a2:d5:15:64:fd:08:c8:a9:ab:
e4:e8:86:8d:09:5c:cb:7c:97:14:a3:be:ca:a8:6f:fc:05:91:
db:a0:ff:de:71:d5:9b:15:cd:41:04:af:02:8b:76:aa:d2:78:
f1:d4:de:3a:a4:49:e9:fa:07:93:a2:23:d3:5f:38:5a:51:27:
fb:cd:50:46:2c:0e:f1:23:e3:81:d0:15:c1:f9:d1:bb:91:52:
7b:7a:64:53:ba:f6:8d:af:2c:a2:e4:3f:93:2f:c2:d5:49:d5:
54:03:fa:03:73:54:1c:8e:ee:c5:45:b5:f1:fe:58:4d:41:eb:
18:3f:27:30
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMsgpTZbqYNJktO74JXQIPGuN3VEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjExMzhaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzZjc5ZTdlMmUzMjlmODRmZTlhZjhmNmQ3ZjMwZmE3MDA0ZTI2ODE3OTk1
NGI3MjBjODcyOWI2ZWMxZDliNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRQ4KaVmr5gKDMymZr0V0SpTvoX27/bwOge8OCUnnHyBlHjQTsf5aiR5/mY
cIjW8YBYuSsDsutnFK6zKid2dNGOhlO7bI5QoJEQUIuWzNy7NdpDtdiYYEVSuPjb
Rja1NRp2qqdwt/J+hyif15oxnFNtN9j/qxkTTCeBnQMGiSvdCDw73zcVuLKx5G4D
RX3+xa9N5uG7MFDKIK8wcNE3v8f/GpOyVTSn3r5l83W5IkW9J1pAib8DsIsrXR9l
UsDg4zhCpB6ggBWj41lhuTePPW6eQ2/+C7CruJCHOgOwjAjRe7d3gr34FHBcl5Cz
9CPkiXmCsYRqsiv9ZGNg1xQGYPsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ51IgQ
TD8hSI4dBqIgjP7IWVmIfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdiMDBjNjMtNGQ0OC00NmEyLWEyYWMtYzZkM2JmNjk1M2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HaA
ADANBgkqhkiG9w0BAQsFAAOCAQEAPgnKm1qAjXqYAOroC7vEpGTBtAMTvkLUnoSb
EREfTsUa2pMRIXycMscqpj1rBdY2hTwOR4wxBgwqjCHyZ/YLMZQXzv9PwTUR2sW4
0ucLxGe7Lj+Nu/KU1yJg2u4cd7FnvFoibRGtVn3ZLf2Dwiex5odkUVDrSr0t88nM
iqOq4Ohhl52FbZPootUVZP0IyKmr5OiGjQlcy3yXFKO+yqhv/AWR26D/3nHVmxXN
QQSvAot2qtJ48dTeOqRJ6foHk6Ij0184WlEn+81QRiwO8SPjgdAVwfnRu5FSe3pk
U7r2ja8souQ/ky/C1UnVVAP6A3NUHI7uxUW18f5YTUHrGD8nMA==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:55 2025 by rpki-client