Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa
File: 3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa (raw, json)
Hash identifier: rtRhgO3EvNHSUJ2T1QAPbM3j8GbdI2PGd3JEC1bcWhQ=
Subject key identifier: BC:A5:C7:37:EA:35:84:7E:A7:D0:EB:09:A5:20:E5:96:8C:31:A1:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08B764D6EFCF6FB6B7FDC7EA5CD45EEDFDC6199A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa
Signing time: Mon 16 Jun 2025 21:01:19 +0000
ROA not before: Mon 16 Jun 2025 21:01:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:1080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:b7:64:d6:ef:cf:6f:b6:b7:fd:c7:ea:5c:d4:5e:ed:fd:c6:19:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:01:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f368769948219d8a6d20bf080b4ba88b5add8820b2948b1f9925fdb24f79a8bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bf:b4:5e:7a:7c:4c:d1:ac:a1:7c:da:e9:ac:
6d:30:16:f8:fa:b5:a6:e9:51:90:bc:47:79:06:03:
36:40:d0:52:ca:bd:9f:98:36:11:60:57:ae:bd:04:
8e:1d:b0:5c:80:d7:23:c8:20:c9:6c:a4:34:0b:26:
7d:d9:2e:23:ab:54:03:36:75:6e:b8:55:a1:57:cd:
bb:fc:9f:87:79:df:db:92:7f:ea:14:be:f3:79:d6:
fb:1e:cb:63:a4:d1:6f:ef:0a:40:d5:1a:06:6f:ed:
bf:8e:bb:ab:12:9f:07:90:d7:99:40:8c:98:73:62:
b5:4e:eb:5a:80:15:33:a1:51:f8:fa:f7:dd:1c:64:
14:67:27:be:5b:d8:0b:fa:47:35:db:da:52:e7:77:
7e:56:f9:8e:dd:77:ea:c8:48:9b:4f:4c:7f:65:40:
0f:51:ea:df:6b:14:51:07:ab:22:2f:7a:07:34:90:
91:a8:84:15:5d:96:ba:c9:7e:22:a1:c7:0f:fd:24:
85:0f:a9:15:08:aa:74:93:70:17:85:2a:ad:6e:d6:
52:d7:fd:06:24:7a:8c:bb:80:4b:f7:fe:e3:84:98:
2f:73:de:74:63:14:c0:34:b2:ea:28:a7:6c:f8:90:
e6:51:e1:79:69:74:5a:01:11:29:2b:d3:77:7e:f0:
83:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A5:C7:37:EA:35:84:7E:A7:D0:EB:09:A5:20:E5:96:8C:31:A1:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ca8b07f-9b0c-4146-bf64-26b25078ba32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:1080::/46
Signature Algorithm: sha256WithRSAEncryption
21:96:b5:42:91:46:73:25:c4:3b:2d:a3:58:9a:90:e6:c2:ad:
d9:06:17:52:e9:1e:0b:51:2a:64:92:4c:6c:79:6c:ce:21:3d:
1c:5b:f8:8e:e6:71:8c:b5:90:9b:c2:33:ca:72:28:59:82:3c:
e1:c0:78:b5:66:01:a6:92:9b:fb:da:b2:ce:1b:30:12:f9:e0:
64:37:88:a3:22:27:30:39:52:24:57:53:8c:9b:34:80:e6:f7:
b8:49:d5:70:1f:ff:11:00:84:f7:88:c4:f4:6f:5e:21:1b:f2:
cb:46:26:96:61:ec:e6:7c:19:61:5c:80:e8:cb:c7:0f:ab:1b:
cf:17:60:3b:d3:a3:34:bf:d8:a3:b1:b6:7d:1c:56:5b:75:f9:
cc:bc:42:fb:bb:1d:98:fc:1a:6c:6f:6a:e8:bf:13:fc:66:60:
4f:6e:41:17:77:29:74:be:fc:5a:9e:0f:e2:a7:b0:67:9c:de:
95:fb:0c:96:a6:2b:ff:10:f0:1e:86:5d:a0:e2:77:fb:2e:e1:
9e:cf:64:9d:66:c3:ec:1a:8a:93:47:2b:eb:a8:56:e0:bf:da:
e5:1b:02:a7:a6:ff:91:31:fe:b8:4d:26:bc:f4:40:33:8a:07:
5f:72:40:b8:de:6b:69:fd:81:33:aa:4d:81:45:8e:b2:12:e4:
09:8b:f0:0c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCLdk1u/Pb7a3/cfqXNRe7f3GGZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAxMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzNjg3Njk5NDgyMTlkOGE2ZDIwYmYwODBiNGJhODhiNWFkZDg4MjBiMjk0
OGIxZjk5MjVmZGIyNGY3OWE4YmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALu/tF56fEzRrKF82umsbTAW+Pq1pulRkLxHeQYDNkDQUsq9n5g2EWBXrr0E
jh2wXIDXI8ggyWykNAsmfdkuI6tUAzZ1brhVoVfNu/yfh3nf25J/6hS+83nW+x7L
Y6TRb+8KQNUaBm/tv467qxKfB5DXmUCMmHNitU7rWoAVM6FR+Pr33RxkFGcnvlvY
C/pHNdvaUud3flb5jt136shIm09Mf2VAD1Hq32sUUQerIi96BzSQkaiEFV2Wusl+
IqHHD/0khQ+pFQiqdJNwF4UqrW7WUtf9BiR6jLuAS/f+44SYL3PedGMUwDSy6iin
bPiQ5lHheWl0WgERKSvTd37wgyMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS8pcc3
6jWEfqfQ6wmlIOWWjDGhGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2NhOGIwN2YtOWIwYy00MTQ2LWJmNjQtMjZiMjUwNzhiYTMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAIZa1QpFGcyXEOy2jWJqQ5sKt2QYXUukeC1Eq
ZJJMbHlsziE9HFv4juZxjLWQm8IzynIoWYI84cB4tWYBppKb+9qyzhswEvngZDeI
oyInMDlSJFdTjJs0gOb3uEnVcB//EQCE94jE9G9eIRvyy0YmlmHs5nwZYVyA6MvH
D6sbzxdgO9OjNL/Yo7G2fRxWW3X5zLxC+7sdmPwabG9q6L8T/GZgT25BF3cpdL78
Wp4P4qewZ5zelfsMlqYr/xDwHoZdoOJ3+y7hns9knWbD7BqKk0cr66hW4L/a5RsC
p6b/kTH+uE0mvPRAM4oHX3JAuN5raf2BM6pNgUWOshLkCYvwDA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:13 2025 by rpki-client