Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
File: 37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa (raw, json)
Hash identifier: 59xBwG1eTOtALoeW8JweHEdzphk4/YhbAx3XIppCH+o=
Subject key identifier: B3:36:C5:5F:08:F4:8B:0D:A4:B5:61:0C:A6:E9:EB:D4:A7:56:54:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DE6AEFCD6E90B162D2FC6CEBD2ECFC394CAD363
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
Signing time: Mon 16 Jun 2025 21:20:47 +0000
ROA not before: Mon 16 Jun 2025 21:20:47 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:e6:ae:fc:d6:e9:0b:16:2d:2f:c6:ce:bd:2e:cf:c3:94:ca:d3:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:20:47 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=35e0a923d52bdac5d9eae2d415ab441353eefc5d540278ecc98e3af90df8bf2b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cd:97:ca:9f:d7:1d:53:47:0f:cd:ad:9a:ad:
93:26:21:4c:a6:ad:36:c3:59:03:97:5d:23:48:dd:
96:75:f9:93:f9:aa:07:57:7a:74:0a:66:9c:0d:10:
83:84:30:56:14:51:4b:09:fe:be:ec:f4:02:87:00:
60:80:0f:20:14:80:8d:3d:00:2f:86:be:b5:87:15:
1a:92:0e:b4:00:92:c5:ae:93:e2:04:91:f9:15:78:
67:d2:02:b5:e5:79:f6:30:bb:8e:32:d2:f1:69:22:
ea:0b:a4:df:cf:80:0a:06:28:06:04:18:30:66:9a:
e2:c5:bd:aa:08:20:44:a0:f9:53:38:7d:d3:45:ba:
0f:f1:fd:f2:ee:50:fe:4d:db:4e:67:25:b4:0f:71:
df:10:e0:c9:7a:4f:0f:04:50:06:b6:dc:15:9a:34:
46:0b:7e:11:cb:c1:51:1b:8d:2e:f1:a5:36:3b:af:
f8:aa:0e:0b:30:be:10:01:b4:3e:91:76:76:b1:1f:
d0:5f:05:ae:75:97:8c:24:dc:a0:09:cc:18:f7:a2:
10:e7:3f:69:14:a3:18:52:8b:77:62:43:03:2b:a1:
25:77:f6:bc:d4:ba:0b:47:74:f1:a4:2d:a5:c7:95:
c8:dc:58:72:ad:fe:37:dc:e5:8b:22:a5:b2:5e:b5:
51:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:36:C5:5F:08:F4:8B:0D:A4:B5:61:0C:A6:E9:EB:D4:A7:56:54:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:8000::/40
Signature Algorithm: sha256WithRSAEncryption
2d:be:63:3f:72:88:c4:a0:c6:30:c0:40:19:1e:3d:aa:aa:27:
71:29:e7:4f:1f:54:18:ba:bc:59:5b:b6:1d:a1:d3:bc:29:55:
ce:c2:7a:96:39:c2:7c:01:99:9f:27:d2:29:13:c9:89:e9:fc:
74:b9:9a:75:fd:e7:18:5f:d1:49:51:85:41:33:8e:d9:87:a3:
b3:0b:4c:bc:8c:34:35:e2:0f:4d:48:0c:7f:9c:77:e8:b9:a4:
ee:16:7b:ce:da:e1:25:2f:1f:c5:82:14:99:60:2a:59:db:21:
3f:90:d6:84:9c:e0:2d:d0:fc:26:96:e3:79:b2:32:cd:2d:6d:
23:9e:96:9a:27:e3:67:28:74:cd:64:8f:87:9b:39:0d:b4:7b:
6b:f0:ed:23:01:25:d0:5f:1a:dd:90:be:f8:98:21:7f:05:0f:
09:00:b8:2f:40:18:9d:5a:3d:29:5d:d2:af:4b:ff:b7:db:6a:
a8:d1:8f:e7:a7:ff:90:06:50:37:37:9a:d2:d6:ea:78:56:c3:
fb:14:27:67:bd:e8:cd:27:98:f0:c8:1c:f1:4a:ab:7d:f7:63:
2f:f2:d7:1c:e6:42:03:73:36:30:ec:80:c1:b3:42:ac:98:af:
e1:ab:55:54:6a:2c:b0:86:2c:6b:e1:8a:74:a6:f5:ab:ef:32:
87:dc:29:4f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPeau/NbpCxYtL8bOvS7Pw5TK02MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIwNDdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1ZTBhOTIzZDUyYmRhYzVkOWVhZTJkNDE1YWI0NDEzNTNlZWZjNWQ1NDAy
NzhlY2M5OGUzYWY5MGRmOGJmMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3Nl8qf1x1TRw/NrZqtkyYhTKatNsNZA5ddI0jdlnX5k/mqB1d6dApmnA0Q
g4QwVhRRSwn+vuz0AocAYIAPIBSAjT0AL4a+tYcVGpIOtACSxa6T4gSR+RV4Z9IC
teV59jC7jjLS8Wki6guk38+ACgYoBgQYMGaa4sW9qgggRKD5Uzh900W6D/H98u5Q
/k3bTmcltA9x3xDgyXpPDwRQBrbcFZo0Rgt+EcvBURuNLvGlNjuv+KoOCzC+EAG0
PpF2drEf0F8FrnWXjCTcoAnMGPeiEOc/aRSjGFKLd2JDAyuhJXf2vNS6C0d08aQt
pceVyNxYcq3+N9zliyKlsl61UUMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSzNsVf
CPSLDaS1YQym6evUp1ZUHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdmODQ3OGYtNWVmOC00ZmU1LWI5YTItMWJiZDYwNWE2YWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaA
MA0GCSqGSIb3DQEBCwUAA4IBAQAtvmM/cojEoMYwwEAZHj2qqidxKedPH1QYurxZ
W7YdodO8KVXOwnqWOcJ8AZmfJ9IpE8mJ6fx0uZp1/ecYX9FJUYVBM47Zh6OzC0y8
jDQ14g9NSAx/nHfouaTuFnvO2uElLx/FghSZYCpZ2yE/kNaEnOAt0PwmluN5sjLN
LW0jnpaaJ+NnKHTNZI+HmzkNtHtr8O0jASXQXxrdkL74mCF/BQ8JALgvQBidWj0p
XdKvS/+322qo0Y/np/+QBlA3N5rS1up4VsP7FCdnvejNJ5jwyBzxSqt992Mv8tcc
5kIDczYw7IDBs0KsmK/hq1VUaiywhixr4Yp0pvWr7zKH3ClP
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:22:18 2025 by rpki-client