Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
File: 357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa (raw, json)
Hash identifier: S7BEko9+iAWir99A5fOjBtK4100aHIYj0tkM1A1aeVg=
Subject key identifier: 1C:24:18:6B:44:5C:E7:2C:EC:3C:FB:6D:20:B4:73:D4:9B:C4:37:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17D8D7052E2DC5F059C2DA0E4BA4895D538AD5D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
Signing time: Mon 16 Jun 2025 20:20:40 +0000
ROA not before: Mon 16 Jun 2025 20:20:40 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:d8:d7:05:2e:2d:c5:f0:59:c2:da:0e:4b:a4:89:5d:53:8a:d5:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:20:40 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c1cd549a5c0614309a9cdbd22ae105f0697552affa34ae9fe4699100b9a953df, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:5b:34:cc:04:0e:c6:bf:58:7c:7f:b4:bb:89:
b2:67:02:aa:80:d8:19:dd:78:46:ba:8a:37:61:24:
a3:ee:eb:7f:fc:0d:3d:e6:74:9f:ab:dc:ff:e5:41:
1d:07:17:b7:3a:8d:0e:6d:68:b1:ab:a8:3c:cb:c8:
fc:c0:13:15:de:31:97:7b:3f:2b:e0:ef:c3:19:13:
18:78:d4:7c:1b:49:c5:2d:04:e1:95:ad:9b:eb:ad:
09:f1:fd:e5:b6:37:05:1b:98:a1:53:53:34:98:62:
97:5d:84:17:dc:97:fe:66:22:9f:66:65:a5:fa:a1:
57:10:48:b1:e5:b3:32:01:33:e4:02:28:e7:8b:99:
14:e0:ca:55:8c:12:3e:96:7c:70:c7:6b:d6:21:fe:
fa:30:d7:ee:06:74:3c:de:2a:7d:f9:2b:83:9c:b3:
33:1c:42:b3:e4:18:25:6f:67:e2:eb:e2:84:88:7a:
86:93:fc:89:c6:ca:61:ad:f3:24:52:42:24:d4:80:
97:69:e9:36:e3:b6:31:67:e9:fd:17:68:ba:e2:22:
07:52:07:92:f1:b3:47:12:cb:9c:4d:59:b6:79:f9:
cb:57:f5:c2:c5:62:48:16:79:2f:cc:f7:13:72:f7:
25:f4:76:9e:09:4d:ed:b3:91:77:ad:0b:f9:fd:3a:
4b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:24:18:6B:44:5C:E7:2C:EC:3C:FB:6D:20:B4:73:D4:9B:C4:37:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1000::/40
Signature Algorithm: sha256WithRSAEncryption
73:28:de:61:28:08:b5:ae:f6:dd:87:04:6f:1b:1d:44:a8:68:
5a:c2:b5:9a:b5:f2:8c:ad:bc:1d:7c:4f:a3:90:c2:4e:8b:50:
fe:6e:48:a8:23:1d:0a:9b:d9:de:08:e2:6c:00:54:30:93:4f:
dd:25:d9:09:83:fe:12:76:e0:1b:4a:bb:39:fc:4e:31:f5:92:
c6:cc:85:de:41:cd:08:0d:9c:36:1b:3d:ff:2a:63:c2:cf:39:
b8:64:9e:f4:e2:c2:f5:db:83:a1:64:21:c1:9f:87:0d:9d:e2:
c5:5f:c9:16:15:f1:01:dd:63:83:e7:35:be:44:b0:57:47:51:
1d:24:17:31:0c:77:49:2b:72:81:f1:20:8a:d5:8c:24:80:e5:
fd:e8:72:e5:d1:6d:a8:4b:1c:21:ac:92:70:41:25:4e:de:f5:
ab:af:4f:6b:bb:87:74:fd:da:92:84:b7:ab:ba:99:46:0f:53:
6a:06:9c:13:08:4f:66:1b:41:02:31:9e:6c:87:78:5b:a4:26:
db:15:0a:3c:d0:cf:6a:4b:0d:61:18:62:8c:39:b4:08:93:25:
f1:1e:c9:e1:49:ae:35:9c:04:1c:2a:e2:56:46:5c:b0:55:6d:
95:57:e4:14:73:e8:28:a5:5f:6e:4b:a3:13:35:c3:60:63:a6:
c5:fc:10:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF9jXBS4txfBZwtoOS6SJXVOK1dQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIwNDBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxY2Q1NDlhNWMwNjE0MzA5YTljZGJkMjJhZTEwNWYwNjk3NTUyYWZmYTM0
YWU5ZmU0Njk5MTAwYjlhOTUzZGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO1bNMwEDsa/WHx/tLuJsmcCqoDYGd14RrqKN2Eko+7rf/wNPeZ0n6vc/+VB
HQcXtzqNDm1osauoPMvI/MATFd4xl3s/K+DvwxkTGHjUfBtJxS0E4ZWtm+utCfH9
5bY3BRuYoVNTNJhil12EF9yX/mYin2ZlpfqhVxBIseWzMgEz5AIo54uZFODKVYwS
PpZ8cMdr1iH++jDX7gZ0PN4qffkrg5yzMxxCs+QYJW9n4uvihIh6hpP8icbKYa3z
JFJCJNSAl2npNuO2MWfp/RdouuIiB1IHkvGzRxLLnE1Ztnn5y1f1wsViSBZ5L8z3
E3L3JfR2nglN7bORd60L+f06SzUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQcJBhr
RFznLOw8+20gtHPUm8Q3QDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzU3YzY2MjItOTE2MS00NGQ3LWFiMTMtNmVhNmUwYmVkMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBzKN5hKAi1rvbdhwRvGx1EqGhawrWatfKMrbwd
fE+jkMJOi1D+bkioIx0Km9neCOJsAFQwk0/dJdkJg/4SduAbSrs5/E4x9ZLGzIXe
Qc0IDZw2Gz3/KmPCzzm4ZJ704sL124OhZCHBn4cNneLFX8kWFfEB3WOD5zW+RLBX
R1EdJBcxDHdJK3KB8SCK1YwkgOX96HLl0W2oSxwhrJJwQSVO3vWrr09ru4d0/dqS
hLeruplGD1NqBpwTCE9mG0ECMZ5sh3hbpCbbFQo80M9qSw1hGGKMObQIkyXxHsnh
Sa41nAQcKuJWRlywVW2VV+QUc+gopV9uS6MTNcNgY6bF/BCm
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:35:12 2025 by rpki-client