Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa
File: 915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa (raw, json)
Hash identifier: n15V0urB4DoO7CoJx1Ect3z1jBkRrP7Q+ePh/8qK7FM=
Subject key identifier: 3A:C0:2D:C7:8A:28:19:0B:FD:71:9B:1D:B8:74:63:94:4F:60:5E:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E7D9A52541DA64C1DF2EE05171A1E002ABF1AFF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa
Signing time: Mon 28 Apr 2025 15:40:09 +0000
ROA not before: Mon 28 Apr 2025 15:40:09 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:7d:9a:52:54:1d:a6:4c:1d:f2:ee:05:17:1a:1e:00:2a:bf:1a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:40:09 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=d20caba97f341b6a2854e570677611fc7ea5df701ac0fa7b3d2efaa742d6badc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:02:49:12:a5:1c:7c:d5:75:ea:5a:a7:0e:14:
d5:d6:75:b1:80:4f:e1:4b:14:41:20:7b:df:e5:0a:
1e:44:b0:cc:6d:68:96:36:ca:7e:57:12:0c:fd:0c:
0b:41:ac:9b:76:90:8e:47:e6:9b:ec:4a:71:a6:c7:
d5:93:9c:e4:53:a2:44:9e:2d:92:eb:28:8f:4f:7b:
c8:37:3e:74:1b:0a:b0:5f:70:30:68:f0:56:b4:cc:
d7:d3:7c:e4:97:b1:ac:ee:43:9e:be:8b:f6:53:0b:
1c:4a:72:a9:35:57:9e:ab:44:33:d3:eb:e2:05:8e:
9b:50:00:cd:1c:0a:30:8a:ef:6a:80:06:54:66:1c:
d0:3f:fe:fd:0d:b6:35:e7:06:f3:e2:fd:3f:b5:cf:
dd:66:20:1d:0c:1c:e4:3f:10:f5:f6:d7:d1:71:27:
25:9e:67:68:f6:8a:f6:c8:00:ef:9c:e1:26:5d:d8:
ec:e0:b4:95:f9:ec:35:8e:5b:f3:65:60:e0:4e:5d:
8b:2f:ff:09:d7:d8:9d:6c:2c:59:92:79:5e:f2:7f:
2b:c5:74:03:0c:ed:fc:b1:90:7f:ec:aa:4e:a4:2c:
f8:38:60:aa:52:de:a8:58:dd:87:94:6a:34:90:13:
29:83:fa:b3:c9:98:3d:51:2b:c5:d4:e9:9a:b9:61:
e5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C0:2D:C7:8A:28:19:0B:FD:71:9B:1D:B8:74:63:94:4F:60:5E:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8000::/36
Signature Algorithm: sha256WithRSAEncryption
2a:14:5c:3c:3a:47:38:13:6e:d8:60:0a:68:d7:03:00:56:17:
5c:30:ed:2b:59:bd:1a:67:f2:ce:65:4a:4a:f4:6a:0d:08:b3:
b4:c2:d3:24:38:96:75:e9:5b:ee:c0:d8:42:93:bf:f0:8d:17:
96:6c:7c:5b:e5:d7:b0:10:54:b2:1a:dd:68:18:d0:f6:f9:de:
a0:62:ea:71:5f:de:99:81:5a:1f:e4:96:ca:f0:cf:77:ca:ad:
2f:b3:ca:6e:d3:fe:bd:2d:56:ea:14:05:ed:11:44:be:e5:8a:
d2:71:f4:ab:62:65:2d:6e:6d:7b:16:0f:12:0d:49:71:89:c5:
d2:0f:8f:d0:8c:29:40:4a:74:79:07:4f:6f:96:11:24:11:03:
4d:fc:92:83:cb:8a:e1:fa:c5:6e:bf:ef:3e:4f:d8:4d:b8:f4:
c0:c0:0a:13:83:61:e4:79:de:16:fc:c1:82:9f:8d:37:c0:ba:
3b:15:ab:67:f8:94:12:3e:aa:9c:e7:14:f5:58:2f:71:4b:26:
ad:3b:34:d3:7b:f5:fb:a7:24:45:c6:17:47:3e:2b:7e:8c:ce:
9a:e4:e7:59:6e:cf:eb:26:11:8c:92:60:a8:e7:63:e5:08:ff:
c7:8f:dd:97:3f:bd:b4:77:43:d0:64:b2:12:25:ec:03:c6:35:
a0:35:93:32
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULn2aUlQdpkwd8u4FFxoeACq/Gv8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQwMDlaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyMGNhYmE5N2YzNDFiNmEyODU0ZTU3MDY3NzYxMWZjN2VhNWRmNzAxYWMw
ZmE3YjNkMmVmYWE3NDJkNmJhZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ8CSRKlHHzVdepapw4U1dZ1sYBP4UsUQSB73+UKHkSwzG1oljbKflcSDP0M
C0Gsm3aQjkfmm+xKcabH1ZOc5FOiRJ4tkusoj097yDc+dBsKsF9wMGjwVrTM19N8
5JexrO5Dnr6L9lMLHEpyqTVXnqtEM9Pr4gWOm1AAzRwKMIrvaoAGVGYc0D/+/Q22
NecG8+L9P7XP3WYgHQwc5D8Q9fbX0XEnJZ5naPaK9sgA75zhJl3Y7OC0lfnsNY5b
82Vg4E5diy//CdfYnWwsWZJ5XvJ/K8V0Awzt/LGQf+yqTqQs+DhgqlLeqFjdh5Rq
NJATKYP6s8mYPVErxdTpmrlh5V0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6wC3H
iigZC/1xmx24dGOUT2BemDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTE1Y2NlZjYtYjA2Zi00ZTExLWJlOWEtOGI5YTIyOWZmNTJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BCA
MA0GCSqGSIb3DQEBCwUAA4IBAQAqFFw8Okc4E27YYApo1wMAVhdcMO0rWb0aZ/LO
ZUpK9GoNCLO0wtMkOJZ16VvuwNhCk7/wjReWbHxb5dewEFSyGt1oGND2+d6gYupx
X96ZgVof5JbK8M93yq0vs8pu0/69LVbqFAXtEUS+5YrScfSrYmUtbm17Fg8SDUlx
icXSD4/QjClASnR5B09vlhEkEQNN/JKDy4rh+sVuv+8+T9hNuPTAwAoTg2Hked4W
/MGCn403wLo7Fatn+JQSPqqc5xT1WC9xSyatOzTTe/X7pyRFxhdHPit+jM6a5OdZ
bs/rJhGMkmCo52PlCP/Hj92XP720d0PQZLISJewDxjWgNZMy
-----END CERTIFICATE-----
Generated at Tue May 6 04:10:55 2025 by rpki-client