Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
File: 575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa (raw, json)
Hash identifier: nbEJA2u4J/SO9UKaQexqR3crlS1Qah/aEgX/FshEab0=
Subject key identifier: 8B:A5:D6:F0:66:CC:A2:19:AA:F1:D5:CD:6B:8A:EE:4F:64:DB:33:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EB160583574CFBAC63F976BDB0082AEC7FD093E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
Signing time: Mon 16 Jun 2025 21:10:14 +0000
ROA not before: Mon 16 Jun 2025 21:10:14 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:b1:60:58:35:74:cf:ba:c6:3f:97:6b:db:00:82:ae:c7:fd:09:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:14 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=a63525b4e5a84ffebde08f7fe74057b539393764a0a1647fc25136b71134b778, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:44:32:8c:d3:66:9d:d1:49:29:c0:e6:b4:8c:
a8:13:d6:25:0b:b1:b3:fd:fb:09:d5:31:e8:a6:4a:
8e:3a:f3:37:4e:ba:aa:9d:36:a5:b1:3b:fb:5c:eb:
c7:65:18:10:0b:3c:98:89:0f:ee:43:87:25:97:48:
d4:16:81:b6:ca:13:41:7c:1a:c6:9e:fe:7f:80:98:
b8:22:35:9e:a7:1b:5b:a1:7b:d7:a5:af:14:38:f8:
ff:fa:dc:ee:55:4f:77:bb:b7:f8:59:ca:df:ef:1b:
d7:d3:1f:26:ce:7c:3a:e3:d0:f8:7d:20:44:f1:cf:
a8:b9:d8:9a:4b:92:cb:eb:43:2b:73:b9:5e:62:08:
75:f6:28:53:a9:0d:da:64:d6:f5:c8:50:44:b6:de:
d1:ba:8a:ae:c0:3f:2e:3e:6e:d2:d8:19:53:c7:d4:
83:62:1b:44:fd:f2:d0:7e:fc:fc:aa:61:e6:a7:56:
c2:33:c1:92:df:e9:bb:24:15:0b:26:a5:f0:0a:b8:
43:fd:b3:34:62:3c:34:90:f0:29:48:ce:ce:a0:af:
bd:8c:3e:01:5f:97:8e:2d:a1:2b:24:28:76:23:df:
31:9f:16:85:b6:77:02:d6:91:4f:70:6d:f4:67:cc:
22:70:8a:c3:b9:7e:c5:ab:cf:4f:0d:ce:61:15:6a:
67:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A5:D6:F0:66:CC:A2:19:AA:F1:D5:CD:6B:8A:EE:4F:64:DB:33:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:4000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:2d:2b:3a:1e:12:a0:aa:dc:33:26:6d:9e:24:96:4e:01:83:
0a:3d:0e:dd:1e:17:8c:97:99:ca:34:b3:9b:e8:35:4b:71:fe:
4e:79:21:93:ea:ed:5c:ea:89:7a:7a:9a:5f:31:fe:2e:cf:be:
8e:03:6b:c6:51:b0:7c:0d:ac:36:06:1c:f6:62:26:80:53:73:
d2:9a:5e:57:30:05:2b:f4:4d:66:cd:35:89:48:bb:d3:d3:27:
13:bf:51:26:77:64:d1:0d:65:45:57:bc:41:df:14:e4:78:77:
b8:7d:90:88:71:b9:65:b4:be:7a:cb:f7:0b:54:ca:6c:d4:97:
15:6e:c4:f7:1c:f1:66:30:0a:f8:d3:19:f0:80:46:6b:b3:d7:
69:66:73:81:33:a7:2b:11:60:31:ad:75:b4:c2:4d:00:0c:97:
67:91:e9:c9:35:09:88:7b:01:d0:d4:10:91:fc:aa:3b:be:5e:
52:7c:69:3e:9a:ac:35:1d:a8:c8:ec:e9:51:01:e8:c5:f0:aa:
72:e1:8e:dc:6a:93:88:ef:78:0a:dd:79:ef:75:4b:ad:0f:6e:
76:57:4d:84:bc:cf:f9:62:b1:4e:3c:e9:5f:4b:f6:c4:4c:72:
c3:81:67:7f:7f:cb:b5:36:e0:a3:43:cd:2a:2e:76:d6:f8:a9:
4d:b8:72:14
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfrFgWDV0z7rGP5dr2wCCrsf9CT4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwMTRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2MzUyNWI0ZTVhODRmZmViZGUwOGY3ZmU3NDA1N2I1MzkzOTM3NjRhMGEx
NjQ3ZmMyNTEzNmI3MTEzNGI3NzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBEMozTZp3RSSnA5rSMqBPWJQuxs/37CdUx6KZKjjrzN066qp02pbE7+1zr
x2UYEAs8mIkP7kOHJZdI1BaBtsoTQXwaxp7+f4CYuCI1nqcbW6F716WvFDj4//rc
7lVPd7u3+FnK3+8b19MfJs58OuPQ+H0gRPHPqLnYmkuSy+tDK3O5XmIIdfYoU6kN
2mTW9chQRLbe0bqKrsA/Lj5u0tgZU8fUg2IbRP3y0H78/Kph5qdWwjPBkt/puyQV
Cyal8Aq4Q/2zNGI8NJDwKUjOzqCvvYw+AV+Xji2hKyQodiPfMZ8WhbZ3AtaRT3Bt
9GfMInCKw7l+xavPTw3OYRVqZ6ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSLpdbw
ZsyiGarx1c1riu5PZNszyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTc1ZTMwYzgtMmVhNS00ZTk3LTg3MmItNmFmMGIzZTgzMThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZA
MA0GCSqGSIb3DQEBCwUAA4IBAQCnLSs6HhKgqtwzJm2eJJZOAYMKPQ7dHheMl5nK
NLOb6DVLcf5OeSGT6u1c6ol6eppfMf4uz76OA2vGUbB8Daw2Bhz2YiaAU3PSml5X
MAUr9E1mzTWJSLvT0ycTv1Emd2TRDWVFV7xB3xTkeHe4fZCIcblltL56y/cLVMps
1JcVbsT3HPFmMAr40xnwgEZrs9dpZnOBM6crEWAxrXW0wk0ADJdnkenJNQmIewHQ
1BCR/Ko7vl5SfGk+mqw1HajI7OlRAejF8Kpy4Y7capOI73gK3XnvdUutD252V02E
vM/5YrFOPOlfS/bETHLDgWd/f8u1NuCjQ80qLnbW+KlNuHIU
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:32:12 2025 by rpki-client