Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
File: 1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa (raw, json)
Hash identifier: J7jitq+CAidLfA1pTTDqyO2Zf+NmKGTDfEhT36LjfvU=
Subject key identifier: CA:64:AB:85:B5:13:FE:21:1C:62:26:DF:6B:B1:CC:07:40:19:31:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52C27599C29D05F1B92474756FA3446F775B18DC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
Signing time: Mon 16 Jun 2025 20:20:46 +0000
ROA not before: Mon 16 Jun 2025 20:20:46 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:c2:75:99:c2:9d:05:f1:b9:24:74:75:6f:a3:44:6f:77:5b:18:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:20:46 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=cbaa091d65f79df2ce54cace402008fb9aa5c119897a6e6725e3758e21763e6d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:99:7b:ef:31:e5:bf:6c:a4:b5:80:09:4a:e9:
c1:b0:76:06:a3:43:d4:05:e5:83:0a:ad:73:5a:bc:
c5:82:96:11:d5:c2:6f:9f:7d:21:fa:b0:ce:ee:84:
f7:04:74:f0:8d:50:80:63:7e:55:1a:86:72:d9:14:
67:2a:f9:06:d8:52:0d:85:42:32:12:ab:d4:22:a5:
45:27:4d:46:1a:89:00:2f:c5:73:a2:74:88:c7:8d:
75:ca:ea:e4:45:3c:5d:f7:70:bb:28:24:db:f3:2c:
d3:15:42:dd:c0:02:87:f0:23:f3:ac:dc:c5:93:ab:
69:53:87:38:f6:57:d9:7c:ee:6f:08:bd:b2:63:23:
3b:f0:59:75:95:cf:08:01:31:24:77:05:66:f9:0f:
b8:82:96:e4:7b:c7:0f:95:3b:2f:34:2c:ba:bc:ed:
6d:98:ab:90:e2:4e:d7:f5:c1:ee:bf:b7:71:99:b9:
53:1a:2c:02:bb:03:c8:45:f8:14:d5:17:50:c1:06:
1a:86:ef:c2:17:27:db:b8:16:34:a3:d5:f4:10:0b:
42:82:f4:3f:c3:2d:f8:61:88:62:1f:01:b5:60:d4:
82:42:e7:26:18:db:b0:dc:db:b8:e7:a4:27:6b:a1:
3c:f5:6f:f2:06:dd:46:fd:0c:2b:ea:c5:e6:4a:4a:
2e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:64:AB:85:B5:13:FE:21:1C:62:26:DF:6B:B1:CC:07:40:19:31:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e000::/40
Signature Algorithm: sha256WithRSAEncryption
50:8a:26:e5:26:6b:fe:49:bd:35:31:4e:52:a8:b0:b6:eb:0e:
9a:2c:db:78:20:82:ef:93:e1:ae:0f:ed:b3:7e:25:31:f4:a1:
37:ca:c1:ed:cf:14:fb:a8:cd:c4:b9:cd:e1:6f:b1:cd:1f:3f:
2b:b5:f7:51:cc:24:43:c2:27:a4:01:1b:b5:16:55:c4:64:4e:
b5:ea:ab:f4:37:bb:de:43:e5:0b:0b:7f:56:34:06:d2:85:00:
42:a1:21:7b:e7:93:96:44:9d:35:a7:1d:70:9e:9c:e4:c8:9d:
a3:40:b3:2a:c5:7d:ea:91:8a:d3:c3:a3:f4:c8:8d:2f:97:42:
fd:8c:aa:63:75:81:37:a9:bd:8e:42:e4:1b:ea:27:19:d9:2e:
a3:07:6a:88:d2:24:52:ae:7e:a5:d9:da:32:14:89:35:93:82:
23:2c:c8:c2:f2:f9:c1:f6:d0:42:cb:45:f3:2b:d4:29:13:56:
a7:2d:5e:6a:6d:f3:3e:45:fe:1a:69:ce:ee:ee:ca:ae:06:ce:
2e:8a:48:fd:b4:af:c8:6b:99:57:28:60:47:9b:4c:8f:6e:a0:
1e:ff:00:94:a6:3c:40:da:a9:40:36:b7:03:68:a7:2a:39:02:
7a:02:c6:16:2d:33:62:73:58:cb:94:7b:84:bc:eb:26:f5:a4:
9e:d2:81:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUsJ1mcKdBfG5JHR1b6NEb3dbGNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIwNDZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiYWEwOTFkNjVmNzlkZjJjZTU0Y2FjZTQwMjAwOGZiOWFhNWMxMTk4OTdh
NmU2NzI1ZTM3NThlMjE3NjNlNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOZe+8x5b9spLWACUrpwbB2BqND1AXlgwqtc1q8xYKWEdXCb599Ifqwzu6E
9wR08I1QgGN+VRqGctkUZyr5BthSDYVCMhKr1CKlRSdNRhqJAC/Fc6J0iMeNdcrq
5EU8Xfdwuygk2/Ms0xVC3cACh/Aj86zcxZOraVOHOPZX2Xzubwi9smMjO/BZdZXP
CAExJHcFZvkPuIKW5HvHD5U7LzQsurztbZirkOJO1/XB7r+3cZm5UxosArsDyEX4
FNUXUMEGGobvwhcn27gWNKPV9BALQoL0P8Mt+GGIYh8BtWDUgkLnJhjbsNzbuOek
J2uhPPVv8gbdRv0MK+rF5kpKLuECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKZKuF
tRP+IRxiJt9rscwHQBkxejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4NzU3YTMtNWIwZS00NDczLTlhM2ItODc2Y2MxMzRlMmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADg
MA0GCSqGSIb3DQEBCwUAA4IBAQBQiiblJmv+Sb01MU5SqLC26w6aLNt4IILvk+Gu
D+2zfiUx9KE3ysHtzxT7qM3Euc3hb7HNHz8rtfdRzCRDwiekARu1FlXEZE616qv0
N7veQ+ULC39WNAbShQBCoSF755OWRJ01px1wnpzkyJ2jQLMqxX3qkYrTw6P0yI0v
l0L9jKpjdYE3qb2OQuQb6icZ2S6jB2qI0iRSrn6l2doyFIk1k4IjLMjC8vnB9tBC
y0XzK9QpE1anLV5qbfM+Rf4aac7u7squBs4uikj9tK/Ia5lXKGBHm0yPbqAe/wCU
pjxA2qlANrcDaKcqOQJ6AsYWLTNic1jLlHuEvOsm9aSe0oHi
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:30:50 2025 by rpki-client