Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/32b74179-db70-4b5e-a9aa-e6ae85392a2e.roa
File: 32b74179-db70-4b5e-a9aa-e6ae85392a2e.roa (raw, json)
Hash identifier: uHJC39+IUXDq6Gj0jLfkwvj2W2ToUtEbHI3dn1bQ2b4=
Subject key identifier: 8D:9C:45:D2:7A:FF:00:72:92:0B:4F:5A:4C:B2:2D:92:46:3B:52:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36CCC117A73ADB4B3CB866EF16EB9CD089334FD5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/32b74179-db70-4b5e-a9aa-e6ae85392a2e.roa
Signing time: Mon 16 Jun 2025 21:00:56 +0000
ROA not before: Mon 16 Jun 2025 21:00:56 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:cc:c1:17:a7:3a:db:4b:3c:b8:66:ef:16:eb:9c:d0:89:33:4f:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:00:56 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=0c65d8b334bc192ffb9c5472935effa4b98fcd21e066f8bb66ad953e7dd82db4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6a:6a:a2:f9:81:46:fa:59:da:3a:fb:9f:4b:
d0:be:f2:2d:22:75:ca:74:76:f5:32:a5:67:f6:69:
82:78:a8:96:8b:7b:f8:cc:f2:ab:92:49:d6:5d:e7:
2c:28:3d:9b:f3:6c:f0:91:df:dd:3a:05:db:eb:d6:
98:08:56:a7:4a:7c:d3:55:6a:c8:b3:d7:8d:96:f3:
31:91:23:98:90:a4:fb:95:f2:d1:db:24:bc:b3:92:
ce:dc:aa:20:61:0f:b5:85:08:9c:47:93:97:63:24:
ff:b2:74:64:4b:20:ef:24:73:fe:04:79:c6:2a:48:
78:b6:0b:3a:10:c1:f4:fa:26:04:a8:ff:2a:f2:c8:
a9:9d:91:18:8e:4c:6c:09:52:76:0f:2a:72:96:a8:
32:b0:08:30:02:df:90:ff:0f:ed:b3:3e:4e:3b:34:
a6:dd:f3:26:45:65:5c:2d:51:8c:7f:a2:a0:0b:75:
5e:3c:9d:05:5e:dc:09:bc:66:7e:dc:f4:c0:ed:8d:
8f:33:c6:86:0d:80:72:44:38:ec:c0:59:9f:35:ef:
34:c8:03:36:dd:12:a4:20:f7:0d:38:38:46:5b:c8:
fb:76:4b:70:ba:20:9e:00:da:6e:31:dc:29:f1:d1:
fe:c6:54:57:b7:44:c9:b9:41:ad:7c:2e:b6:59:3c:
28:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:9C:45:D2:7A:FF:00:72:92:0B:4F:5A:4C:B2:2D:92:46:3B:52:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/32b74179-db70-4b5e-a9aa-e6ae85392a2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e080::/46
Signature Algorithm: sha256WithRSAEncryption
50:b1:ff:e6:8e:fb:5f:66:a7:65:6c:f1:44:68:ca:db:23:f8:
69:50:d1:43:c4:0a:90:b7:73:23:60:0e:61:53:c7:62:1d:25:
00:c2:ef:8d:7a:f0:76:b6:bb:76:94:8b:7d:f8:c8:1f:93:76:
6b:23:fe:38:67:dd:1c:36:96:1d:16:67:75:1d:8a:bc:39:d3:
44:ae:47:98:9d:f2:45:1e:9a:d1:7c:5d:ae:57:60:4e:78:8d:
fb:60:a2:45:5c:24:5b:40:4e:22:1b:eb:1f:77:1c:5a:23:fe:
79:80:7c:18:49:52:3b:77:dc:00:94:41:c0:30:44:20:df:d8:
49:56:1e:28:7a:49:dd:79:b6:82:61:a3:7c:30:5f:c5:cd:b9:
5b:df:7a:99:31:44:08:54:90:a6:17:fa:8c:05:1e:ba:db:51:
5a:e2:90:ec:0c:62:4d:39:ab:ac:93:3b:d3:35:39:ea:11:08:
97:77:f5:82:fc:14:d2:06:c8:ed:0f:c7:88:50:ee:f0:62:cd:
a9:95:b9:97:7d:e4:98:4b:77:e8:9c:97:2f:f3:86:c8:bb:e2:
65:ad:21:bd:34:53:06:b1:c9:d4:9a:a6:00:41:4b:b2:36:bb:
8b:2c:ed:6f:58:4d:b6:5a:5b:5a:08:36:3b:47:2a:8a:3a:9e:
24:02:84:ba
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNszBF6c620s8uGbvFuuc0IkzT9UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAwNTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjNjVkOGIzMzRiYzE5MmZmYjljNTQ3MjkzNWVmZmE0Yjk4ZmNkMjFlMDY2
ZjhiYjY2YWQ5NTNlN2RkODJkYjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNqaqL5gUb6Wdo6+59L0L7yLSJ1ynR29TKlZ/Zpgniolot7+Mzyq5JJ1l3n
LCg9m/Ns8JHf3ToF2+vWmAhWp0p801VqyLPXjZbzMZEjmJCk+5Xy0dskvLOSztyq
IGEPtYUInEeTl2Mk/7J0ZEsg7yRz/gR5xipIeLYLOhDB9PomBKj/KvLIqZ2RGI5M
bAlSdg8qcpaoMrAIMALfkP8P7bM+Tjs0pt3zJkVlXC1RjH+ioAt1XjydBV7cCbxm
ftz0wO2NjzPGhg2AckQ47MBZnzXvNMgDNt0SpCD3DTg4RlvI+3ZLcLogngDabjHc
KfHR/sZUV7dEyblBrXwutlk8KJUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSNnEXS
ev8AcpILT1pMsi2SRjtSjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzJiNzQxNzktZGI3MC00YjVlLWE5YWEtZTZhZTg1MzkyYTJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXg
gDANBgkqhkiG9w0BAQsFAAOCAQEAULH/5o77X2anZWzxRGjK2yP4aVDRQ8QKkLdz
I2AOYVPHYh0lAMLvjXrwdra7dpSLffjIH5N2ayP+OGfdHDaWHRZndR2KvDnTRK5H
mJ3yRR6a0XxdrldgTniN+2CiRVwkW0BOIhvrH3ccWiP+eYB8GElSO3fcAJRBwDBE
IN/YSVYeKHpJ3Xm2gmGjfDBfxc25W996mTFECFSQphf6jAUeuttRWuKQ7AxiTTmr
rJM70zU56hEIl3f1gvwU0gbI7Q/HiFDu8GLNqZW5l33kmEt36JyXL/OGyLviZa0h
vTRTBrHJ1JqmAEFLsja7iyztb1hNtlpbWgg2O0cqijqeJAKEug==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:04 2025 by rpki-client