Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
File: 3ef5e7b8-24ad-41af-8334-2eff292a769d.roa (raw, json)
Hash identifier: fe2fozBlOH2vF1h/6qpKDT+U+YuG6vqE8UZRRRPdPpE=
Subject key identifier: 73:FE:BD:15:76:B8:CE:F2:FB:6E:3B:5A:31:DD:34:BF:44:48:4F:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07821E7FD7209ECEAF61A361DCBCA693CB838E03
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
Signing time: Mon 16 Jun 2025 20:10:17 +0000
ROA not before: Mon 16 Jun 2025 20:10:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:82:1e:7f:d7:20:9e:ce:af:61:a3:61:dc:bc:a6:93:cb:83:8e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:10:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8404576d4fa63ac073823fd3967f80d8506a9b7aad364e22edac46ec54b1e5c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d6:ae:b9:99:ff:07:1e:2c:6b:d4:1c:3f:98:
67:c4:46:30:ce:5c:08:49:25:48:82:90:f0:81:bf:
81:0e:fa:a0:a6:e1:23:26:df:ae:17:9a:27:07:6a:
7d:af:48:fd:ee:6d:a1:28:9a:b0:87:8c:3f:f9:c7:
cd:5f:d3:78:d0:de:9f:2a:22:dc:18:11:ac:df:e2:
fb:99:09:4b:0f:21:eb:fc:71:78:15:95:57:62:f3:
8a:3a:79:20:89:39:08:34:bd:16:23:2d:40:36:ea:
9f:87:c5:0d:0b:bc:a7:0f:e9:9c:55:5b:b2:2b:5a:
dd:d1:ec:07:c4:99:c0:ad:2e:53:c4:cd:31:56:51:
28:ac:27:d6:5f:7b:19:b8:5b:57:6d:6b:60:76:60:
6a:52:75:5c:4c:b5:47:21:14:c3:23:d8:95:d0:d1:
d8:26:3f:33:d7:2e:ae:f9:c3:71:a5:a8:d1:52:ca:
4d:e9:f3:31:1c:c5:37:0c:76:c2:28:db:d1:06:67:
24:77:63:5f:d1:a3:08:83:0f:14:16:37:e7:57:f4:
f8:e9:b3:65:a8:f8:fb:ce:df:b2:f4:76:31:1d:43:
32:4d:b4:3e:db:48:61:8c:21:93:82:65:64:63:3b:
bb:20:3b:e0:33:ac:c7:0e:d1:4b:78:c1:6b:ae:02:
a2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FE:BD:15:76:B8:CE:F2:FB:6E:3B:5A:31:DD:34:BF:44:48:4F:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
0b:cd:2c:86:99:1a:5b:3c:d6:6d:e2:53:f5:2c:51:75:6c:80:
74:ee:4f:4a:83:23:d0:bc:8b:bb:73:c0:c0:31:c8:24:4c:45:
2f:c7:76:1e:e8:36:49:35:5b:c4:03:b5:c5:2b:bc:26:be:f5:
60:55:b1:26:fa:f2:fd:bd:67:a9:83:35:b9:92:8e:1b:7a:22:
8b:f1:0d:ac:cf:a6:30:e9:0c:3d:72:2e:e2:3e:93:89:e3:c6:
dd:fc:d7:12:71:59:da:75:5f:44:8c:9a:99:4d:35:ee:a4:9c:
34:cf:2c:d7:31:98:c9:f1:e6:1a:87:3d:da:33:0b:b9:42:ee:
b6:e4:e4:95:82:1b:62:3b:6f:ea:b8:e7:59:94:f0:ac:fd:41:
73:59:a5:47:24:5c:8e:85:35:46:c4:8d:2d:7d:85:26:d3:98:
08:c9:59:84:ea:aa:8c:b2:eb:fe:99:fd:b9:6f:b0:a4:54:a6:
dc:d1:59:b3:e1:8d:11:6e:e4:3b:0d:60:c7:ce:f8:d2:27:11:
5e:1f:98:f4:16:73:00:71:dd:5a:ea:48:6f:42:fc:d7:d9:83:
91:ca:97:39:93:dd:59:0c:a9:09:42:69:02:16:71:91:ce:93:
06:b1:ef:d2:c1:33:02:b9:b7:7b:f9:40:a4:14:ed:2e:27:03:
88:45:bf:3f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUB4Ief9cgns6vYaNh3Lymk8uDjgMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDEwMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0MDQ1NzZkNGZhNjNhYzA3MzgyM2ZkMzk2N2Y4MGQ4NTA2YTliN2FhZDM2
NGUyMmVkYWM0NmVjNTRiMWU1YzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3WrrmZ/wceLGvUHD+YZ8RGMM5cCEklSIKQ8IG/gQ76oKbhIybfrheaJwdq
fa9I/e5toSiasIeMP/nHzV/TeNDenyoi3BgRrN/i+5kJSw8h6/xxeBWVV2Lzijp5
IIk5CDS9FiMtQDbqn4fFDQu8pw/pnFVbsita3dHsB8SZwK0uU8TNMVZRKKwn1l97
GbhbV21rYHZgalJ1XEy1RyEUwyPYldDR2CY/M9curvnDcaWo0VLKTenzMRzFNwx2
wijb0QZnJHdjX9GjCIMPFBY351f0+OmzZaj4+87fsvR2MR1DMk20PttIYYwhk4Jl
ZGM7uyA74DOsxw7RS3jBa64ConcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRz/r0V
drjO8vtuO1ox3TS/REhP1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2VmNWU3YjgtMjRhZC00MWFmLTgzMzQtMmVmZjI5MmE3NjlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9g
wDANBgkqhkiG9w0BAQsFAAOCAQEAC80shpkaWzzWbeJT9SxRdWyAdO5PSoMj0LyL
u3PAwDHIJExFL8d2Hug2STVbxAO1xSu8Jr71YFWxJvry/b1nqYM1uZKOG3oii/EN
rM+mMOkMPXIu4j6TiePG3fzXEnFZ2nVfRIyamU017qScNM8s1zGYyfHmGoc92jML
uULutuTklYIbYjtv6rjnWZTwrP1Bc1mlRyRcjoU1RsSNLX2FJtOYCMlZhOqqjLLr
/pn9uW+wpFSm3NFZs+GNEW7kOw1gx8740icRXh+Y9BZzAHHdWupIb0L819mDkcqX
OZPdWQypCUJpAhZxkc6TBrHv0sEzArm3e/lApBTtLicDiEW/Pw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:10:53 2025 by rpki-client