Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
File: 2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa (raw, json)
Hash identifier: 2/RZyQslH3U5exB0fLE7J81ZBi69h2W0LjxytGHH0uE=
Subject key identifier: 0F:5E:EB:C3:C9:B9:B4:EF:C4:AA:5F:A9:5B:27:2F:01:7D:37:E9:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E78BD0C8D4C1FFD9BDEE764040D3E49106C00D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
Signing time: Mon 16 Jun 2025 21:11:18 +0000
ROA not before: Mon 16 Jun 2025 21:11:18 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:78:bd:0c:8d:4c:1f:fd:9b:de:e7:64:04:0d:3e:49:10:6c:00:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:11:18 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=38319f4647919bbe5ccfd7dbbe0322aec862713c6dc5bf2ba9531f150a8bedd4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:67:2b:a5:ac:e0:47:4e:6d:e7:61:ed:88:c9:
a8:ff:18:34:e3:6d:e3:cb:a1:85:70:7b:16:6f:21:
13:17:c0:67:e1:24:54:69:19:e2:0d:e1:a3:f2:04:
b7:2b:e9:72:2e:8a:47:16:d7:10:1d:d1:40:07:a5:
ee:2a:95:4e:b5:73:cc:84:45:92:5a:bc:a7:31:09:
6c:26:8e:ea:4e:01:b8:60:0b:8f:c4:7e:b8:b3:3c:
34:07:83:f6:15:3a:38:ec:46:db:f5:cc:ec:d0:99:
f7:f4:43:29:cf:e9:d7:82:a0:37:5d:20:04:cf:fa:
0b:86:95:32:9e:4c:64:7b:cb:b4:d5:a0:d1:20:ce:
ed:2c:d6:76:82:c5:8d:a9:37:18:d0:41:34:f5:9b:
f7:8e:bc:9f:2a:e5:46:18:57:dc:e8:a7:2a:2d:2b:
cc:a6:e7:61:0f:ac:bb:7b:ba:80:f0:b5:26:8e:81:
af:af:73:e7:45:3f:36:8a:9c:06:e9:1f:f5:05:91:
13:72:9c:11:ba:94:70:59:cb:8e:5e:12:86:62:09:
02:68:08:f9:11:84:c7:3a:2e:a3:77:70:f7:8a:55:
f1:d3:3d:a1:18:9f:ac:ac:67:a0:22:14:ce:98:d1:
5f:cc:e0:bb:f0:71:56:35:25:60:34:18:2e:6a:7d:
d0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:5E:EB:C3:C9:B9:B4:EF:C4:AA:5F:A9:5B:27:2F:01:7D:37:E9:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:a000::/40
Signature Algorithm: sha256WithRSAEncryption
62:b2:e2:0c:e4:2f:a3:77:53:d9:e6:c8:12:66:78:ec:d6:6e:
b5:02:d2:8d:ab:63:3b:29:90:21:db:12:97:24:fe:ff:88:79:
a4:b1:82:9a:28:77:57:bf:d1:a1:fd:3a:3e:0e:09:5d:42:e9:
ed:fb:9a:d0:45:f0:5a:ea:5d:56:48:fd:15:0a:ff:98:94:39:
1b:62:ce:f7:76:9d:5f:a2:cd:09:45:b2:de:ca:5f:07:6c:97:
93:0e:d3:73:16:d7:73:d3:e2:69:80:15:9f:a4:d3:0d:47:76:
b2:80:91:42:c5:a2:1e:df:28:1d:db:54:50:34:ad:31:02:38:
94:b8:86:92:85:3d:84:35:35:a3:cc:83:98:a7:6c:ee:82:c7:
12:0d:7e:9d:49:d7:e3:c4:82:47:aa:71:2f:ff:08:5c:94:9c:
74:68:9f:b5:db:2c:79:2b:f1:81:bf:dd:e9:2e:2e:67:7e:0d:
17:e2:d0:80:c6:0c:52:9b:68:0b:c7:c8:30:34:08:66:a6:09:
e6:63:9c:0f:e6:5e:50:b7:42:38:c0:82:c2:8f:d0:9a:44:28:
18:af:5c:f6:7c:42:5a:57:02:ff:6e:14:ef:42:f6:64:7c:fa:
68:9e:d5:9f:02:c0:75:dd:ae:99:b8:19:c8:2c:fd:e9:61:4e:
27:1e:5b:2a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXni9DI1MH/2b3udkBA0+SRBsANYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTExMThaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4MzE5ZjQ2NDc5MTliYmU1Y2NmZDdkYmJlMDMyMmFlYzg2MjcxM2M2ZGM1
YmYyYmE5NTMxZjE1MGE4YmVkZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5nK6Ws4EdObedh7YjJqP8YNONt48uhhXB7Fm8hExfAZ+EkVGkZ4g3ho/IE
tyvpci6KRxbXEB3RQAel7iqVTrVzzIRFklq8pzEJbCaO6k4BuGALj8R+uLM8NAeD
9hU6OOxG2/XM7NCZ9/RDKc/p14KgN10gBM/6C4aVMp5MZHvLtNWg0SDO7SzWdoLF
jak3GNBBNPWb9468nyrlRhhX3OinKi0rzKbnYQ+su3u6gPC1Jo6Br69z50U/Noqc
Bukf9QWRE3KcEbqUcFnLjl4ShmIJAmgI+RGExzouo3dw94pV8dM9oRifrKxnoCIU
zpjRX8zgu/BxVjUlYDQYLmp90PkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQPXuvD
ybm078SqX6lbJy8BfTfp4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRjN2I1NjQtYzNlMS00OWVmLWE3OGMtZjM2ZjQxMzliNDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hig
MA0GCSqGSIb3DQEBCwUAA4IBAQBisuIM5C+jd1PZ5sgSZnjs1m61AtKNq2M7KZAh
2xKXJP7/iHmksYKaKHdXv9Gh/To+DgldQunt+5rQRfBa6l1WSP0VCv+YlDkbYs73
dp1fos0JRbLeyl8HbJeTDtNzFtdz0+JpgBWfpNMNR3aygJFCxaIe3ygd21RQNK0x
AjiUuIaShT2ENTWjzIOYp2zugscSDX6dSdfjxIJHqnEv/whclJx0aJ+12yx5K/GB
v93pLi5nfg0X4tCAxgxSm2gLx8gwNAhmpgnmY5wP5l5Qt0I4wILCj9CaRCgYr1z2
fEJaVwL/bhTvQvZkfPpontWfAsB13a6ZuBnILP3pYU4nHlsq
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:01 2025 by rpki-client