Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d4529a1-3c28-42b4-b071-aa7474560d24.roa
File: 3d4529a1-3c28-42b4-b071-aa7474560d24.roa (raw, json)
Hash identifier: Hxq2RgyzL2DCjQAvRSigHA53MQgKayGiyZP1CIlFMGE=
Subject key identifier: D4:D6:CD:75:04:4D:44:5D:58:2E:22:AC:E7:33:FA:BF:4D:C9:98:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05745223D6ACFCF5C04DD4E3933F34C47E20B5CC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d4529a1-3c28-42b4-b071-aa7474560d24.roa
Signing time: Fri 16 May 2025 17:40:06 +0000
ROA not before: Fri 16 May 2025 17:40:06 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:74:52:23:d6:ac:fc:f5:c0:4d:d4:e3:93:3f:34:c4:7e:20:b5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:40:06 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=39da384ea04a13717d088512bb5040ad0c464179dcbc54d79049fdb2303b1de7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9f:4a:89:69:f7:30:cd:dd:2b:8c:57:3b:b8:
4c:60:f9:60:75:18:0c:2a:3d:6c:e1:5c:f4:7d:e6:
46:c6:0b:f5:37:b0:19:75:95:d3:92:e2:12:eb:e1:
c9:28:76:60:b8:4c:a7:e1:45:86:52:fe:41:15:ff:
bc:c0:e4:18:e6:33:f1:7f:ed:4a:b1:f9:e9:d2:ea:
da:80:ba:2d:96:3b:06:73:75:a9:22:d9:cc:38:6c:
0e:21:37:a7:fc:4f:b8:22:f6:f4:02:13:4a:d9:7d:
a5:5a:af:da:c9:0f:27:a2:db:04:c2:29:b5:34:23:
0c:33:7f:e2:1e:e2:a1:52:18:cc:80:a7:9e:49:d4:
6f:d7:37:14:1b:de:16:23:de:7c:fb:a8:55:f1:55:
a8:ed:11:2f:4b:d0:f3:18:20:03:ba:39:af:73:32:
b0:da:9b:3d:de:52:d2:71:96:ce:a2:41:47:84:11:
fa:d5:2d:02:39:fc:6b:a9:85:d6:d1:01:1b:85:67:
24:ff:9a:0f:d1:34:f3:ab:b7:75:fe:e4:ba:7c:3e:
fd:68:68:2a:a1:5d:56:f1:58:2e:98:ef:1c:21:b8:
53:a3:e4:6a:dc:85:ff:84:e4:e8:96:87:09:ae:48:
d4:e8:15:5e:09:d8:ce:8a:c9:25:2f:16:ac:b1:94:
a6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D6:CD:75:04:4D:44:5D:58:2E:22:AC:E7:33:FA:BF:4D:C9:98:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d4529a1-3c28-42b4-b071-aa7474560d24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:840::/46
Signature Algorithm: sha256WithRSAEncryption
67:41:c0:a5:97:c1:cb:7c:2a:75:18:b3:ae:72:bc:28:ac:8f:
e6:22:a2:d0:72:99:6e:5d:f2:42:25:b1:03:9c:09:d5:64:0f:
0b:9b:8b:fb:4d:d9:2c:23:2f:fa:10:0f:f1:7b:43:33:f4:04:
86:52:8d:08:e8:b9:d3:c0:7f:72:f1:a2:b1:16:d8:85:02:3e:
28:bb:e2:49:db:b5:d6:53:19:da:04:64:10:97:09:0c:2a:50:
a1:eb:90:4d:58:12:70:b3:05:85:e7:a5:d1:19:ed:74:66:95:
51:44:09:56:0c:bd:7d:3a:b9:a0:90:10:7f:4d:5f:ce:f6:fc:
51:be:6b:af:1d:40:8b:7d:26:09:c0:81:21:87:49:9c:99:64:
1f:bf:08:b1:b7:26:e1:6d:ba:e4:1f:fd:5e:17:9e:6f:73:c5:
49:49:cc:55:6b:5b:c6:ae:a5:d3:65:3d:7e:ce:8d:db:eb:ea:
79:81:bf:58:65:4d:ce:b5:92:ab:a3:e4:5e:d7:6a:3b:dc:a5:
eb:31:66:41:69:df:79:c5:00:dd:74:5c:0b:7e:fd:f7:f9:89:
cf:c1:ec:6f:8e:6b:b3:b6:57:6e:73:5c:a6:6f:3c:25:36:3c:
c5:84:06:41:e8:12:b8:6c:23:e5:b4:6a:cc:60:fb:a5:ca:81:
be:fe:af:f9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBXRSI9as/PXATdTjkz80xH4gtcwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzQwMDZaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5ZGEzODRlYTA0YTEzNzE3ZDA4ODUxMmJiNTA0MGFkMGM0NjQxNzlkY2Jj
NTRkNzkwNDlmZGIyMzAzYjFkZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANefSolp9zDN3SuMVzu4TGD5YHUYDCo9bOFc9H3mRsYL9TewGXWV05LiEuvh
ySh2YLhMp+FFhlL+QRX/vMDkGOYz8X/tSrH56dLq2oC6LZY7BnN1qSLZzDhsDiE3
p/xPuCL29AITStl9pVqv2skPJ6LbBMIptTQjDDN/4h7ioVIYzICnnknUb9c3FBve
FiPefPuoVfFVqO0RL0vQ8xggA7o5r3MysNqbPd5S0nGWzqJBR4QR+tUtAjn8a6mF
1tEBG4VnJP+aD9E086u3df7kunw+/WhoKqFdVvFYLpjvHCG4U6PkatyF/4Tk6JaH
Ca5I1OgVXgnYzorJJS8WrLGUprUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTU1s11
BE1EXVguIqznM/q/TcmYuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Q0NTI5YTEtM2MyOC00MmI0LWIwNzEtYWE3NDc0NTYwZDI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HcI
QDANBgkqhkiG9w0BAQsFAAOCAQEAZ0HApZfBy3wqdRizrnK8KKyP5iKi0HKZbl3y
QiWxA5wJ1WQPC5uL+03ZLCMv+hAP8XtDM/QEhlKNCOi508B/cvGisRbYhQI+KLvi
Sdu11lMZ2gRkEJcJDCpQoeuQTVgScLMFheel0RntdGaVUUQJVgy9fTq5oJAQf01f
zvb8Ub5rrx1Ai30mCcCBIYdJnJlkH78Isbcm4W265B/9Xheeb3PFSUnMVWtbxq6l
02U9fs6N2+vqeYG/WGVNzrWSq6PkXtdqO9yl6zFmQWnfecUA3XRcC3799/mJz8Hs
b45rs7ZXbnNcpm88JTY8xYQGQegSuGwj5bRqzGD7pcqBvv6v+Q==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:22 2025 by rpki-client