Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
File: 2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa (raw, json)
Hash identifier: baBs/qlKG+Pa4mtJ8dMkqWvldpM1YnTyt9FE6ypCnIQ=
Subject key identifier: D2:F4:43:0D:C0:E3:42:17:91:49:38:EE:B9:95:76:30:CC:5F:B4:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 735875744301C5BCA8088B02D0CC3731239B3BB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
Signing time: Mon 16 Jun 2025 21:31:32 +0000
ROA not before: Mon 16 Jun 2025 21:31:32 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:58:75:74:43:01:c5:bc:a8:08:8b:02:d0:cc:37:31:23:9b:3b:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:32 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=89cb1a9f687246c52e9be6114505e204890b275cf480996843ea8e3a80dd8904, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:de:d2:9e:e6:e3:bb:75:5e:42:da:bb:9a:99:
f7:a9:c1:72:34:a2:92:d4:c0:81:9c:e1:c9:11:35:
a7:5b:e1:b8:e9:13:5f:77:67:bc:77:97:b9:55:5d:
5b:b4:e1:c0:76:f6:c5:3f:ab:65:24:04:51:f5:fc:
59:71:46:c6:29:08:e3:78:95:76:2f:29:5e:51:cd:
3c:ab:63:6e:47:91:77:61:05:e4:1b:d7:f1:f8:43:
1a:18:37:48:cb:94:81:1c:ff:83:33:bc:07:95:4c:
af:6f:05:0d:ee:36:eb:16:b8:ec:06:fa:ce:f9:c6:
14:ed:7e:80:a0:0b:3a:89:44:d8:4f:ca:8a:12:14:
d4:a1:19:1e:98:cd:be:c1:4e:d1:b5:c0:b1:29:4e:
d2:8d:bd:57:3e:ac:ee:92:2c:b0:88:c7:02:b8:39:
c2:56:2d:b4:db:7f:ae:22:34:fd:c3:4c:68:8b:23:
53:e7:44:62:c6:7f:08:f3:ca:22:dd:5f:e2:8d:eb:
7d:9d:b2:4d:85:7a:19:d3:3a:35:51:a3:20:f7:d6:
f3:73:e2:36:6d:73:0c:0f:60:86:6c:bc:31:7f:c9:
14:c8:d3:23:ae:38:9b:49:d5:62:fb:b8:59:3d:b2:
3a:23:d0:76:3e:d5:03:95:1e:f1:50:b6:52:48:ec:
84:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F4:43:0D:C0:E3:42:17:91:49:38:EE:B9:95:76:30:CC:5F:B4:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:9000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:b7:17:4e:85:1d:d7:e3:81:07:c1:c7:dd:f0:dc:11:d1:e0:
76:1d:7a:72:5d:54:fd:93:de:b6:b5:85:22:3f:c4:ec:23:82:
07:f9:f6:95:05:52:21:15:fb:42:c0:42:44:ca:35:c4:f5:56:
94:e8:f7:f0:c8:9a:42:f3:41:a3:b5:2c:48:c6:7b:f7:50:66:
5e:0a:6c:fa:4b:f0:87:66:d1:a8:aa:bd:8d:aa:58:72:b6:be:
5d:26:c8:c3:05:70:59:72:ff:0e:b2:57:05:ac:f4:50:dc:08:
18:03:cc:2d:5f:e1:0e:c0:27:d4:d4:e7:00:ea:47:33:37:4c:
bc:2f:35:80:12:bf:d1:8f:f8:39:14:f5:e3:90:09:2c:d5:c8:
0f:4a:41:4d:7a:28:fa:36:e8:09:2c:2a:20:75:64:b3:4b:72:
7c:49:5f:26:d1:d7:d8:7a:1e:60:f8:16:f4:61:c9:73:3c:2d:
45:70:5b:33:d6:f0:28:1d:18:af:f2:09:fd:b8:e8:65:60:0c:
a8:64:de:b5:6d:fc:05:5d:f2:09:c5:b2:9e:23:a6:e8:5d:93:
d4:a8:ea:5b:1d:7b:55:5b:59:f7:40:12:16:23:b8:41:be:5d:
ba:15:85:d0:51:fb:6a:2d:cd:34:8a:e1:68:9f:95:e2:3d:f0:
4f:ee:76:26
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc1h1dEMBxbyoCIsC0Mw3MSObO7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMzJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5Y2IxYTlmNjg3MjQ2YzUyZTliZTYxMTQ1MDVlMjA0ODkwYjI3NWNmNDgw
OTk2ODQzZWE4ZTNhODBkZDg5MDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPfe0p7m47t1XkLau5qZ96nBcjSiktTAgZzhyRE1p1vhuOkTX3dnvHeXuVVd
W7ThwHb2xT+rZSQEUfX8WXFGxikI43iVdi8pXlHNPKtjbkeRd2EF5BvX8fhDGhg3
SMuUgRz/gzO8B5VMr28FDe426xa47Ab6zvnGFO1+gKALOolE2E/KihIU1KEZHpjN
vsFO0bXAsSlO0o29Vz6s7pIssIjHArg5wlYttNt/riI0/cNMaIsjU+dEYsZ/CPPK
It1f4o3rfZ2yTYV6GdM6NVGjIPfW83PiNm1zDA9ghmy8MX/JFMjTI644m0nVYvu4
WT2yOiPQdj7VA5Ue8VC2UkjshH8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTS9EMN
wONCF5FJOO65lXYwzF+0eTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRmYjIwMmYtNjIwMi00OGRhLWEzYjMtOTRmMWFjMDAwYmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC7txdOhR3X44EHwcfd8NwR0eB2HXpyXVT9k962
tYUiP8TsI4IH+faVBVIhFftCwEJEyjXE9VaU6PfwyJpC80GjtSxIxnv3UGZeCmz6
S/CHZtGoqr2Nqlhytr5dJsjDBXBZcv8OslcFrPRQ3AgYA8wtX+EOwCfU1OcA6kcz
N0y8LzWAEr/Rj/g5FPXjkAks1cgPSkFNeij6NugJLCogdWSzS3J8SV8m0dfYeh5g
+Bb0YclzPC1FcFsz1vAoHRiv8gn9uOhlYAyoZN61bfwFXfIJxbKeI6boXZPUqOpb
HXtVW1n3QBIWI7hBvl26FYXQUftqLc00iuFon5XiPfBP7nYm
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:22 2025 by rpki-client