Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
File: 68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa (raw, json)
Hash identifier: jBhzHZ5/o8aNOHI51ufUpMrjln85e5mKRpc4HoMcf7I=
Subject key identifier: 95:B6:AC:44:17:C2:75:F9:D2:D7:76:BE:2A:D4:92:E3:87:9A:45:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79EBB09D4324C44DEBC2EB09D896469E554F1AEC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
Signing time: Mon 16 Jun 2025 20:00:21 +0000
ROA not before: Mon 16 Jun 2025 20:00:21 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:eb:b0:9d:43:24:c4:4d:eb:c2:eb:09:d8:96:46:9e:55:4f:1a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:21 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=b68d9ee2209f64e6d30d749e9a9f9cb5f4e33f6e600d5a87393f0c14bbaa90e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0b:6e:9f:37:d1:f1:83:ed:05:37:44:48:f4:
f4:6d:cb:eb:19:52:76:c8:27:39:f8:ad:51:d8:05:
0c:b2:55:2f:5e:fb:97:29:ed:75:69:dd:e7:af:83:
c8:58:09:58:8c:9c:a7:d2:5e:31:ac:54:0e:74:8f:
10:17:fd:78:9b:3a:93:5c:2b:d4:f6:be:52:d8:28:
61:d8:31:23:17:75:f2:e1:57:9d:38:97:31:f5:63:
3e:01:df:10:19:36:42:96:9a:c5:74:e3:50:09:5b:
8b:11:c6:c4:40:e8:fa:f4:37:9e:5c:b5:e5:3a:01:
f9:a5:2d:4f:03:e3:6d:e3:88:73:12:8d:63:64:58:
56:3c:d0:b9:1e:9a:2b:bd:66:e5:3c:10:bf:e0:8a:
08:67:de:04:44:6c:ed:7d:69:d1:ac:73:6e:94:31:
a1:62:fe:fe:31:83:88:52:c0:cb:e1:f5:85:cd:48:
fd:1b:fd:94:02:54:1f:3a:36:9a:dc:2e:2a:fc:90:
69:9b:d9:3d:82:9f:9b:f3:d0:64:b8:e5:96:95:35:
2a:40:7b:bc:6a:93:aa:ea:80:0f:f6:fe:82:59:ec:
79:e1:87:3e:b5:6d:cb:47:40:fc:65:4b:dc:36:4d:
6a:18:1e:83:3e:2d:f6:24:cd:34:fc:81:79:93:58:
00:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B6:AC:44:17:C2:75:F9:D2:D7:76:BE:2A:D4:92:E3:87:9A:45:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:7a:8f:27:f4:ec:45:97:25:f3:ef:0b:98:70:1b:a0:0f:97:
cf:df:85:4b:74:b4:cc:e3:cb:d5:cc:48:e9:2c:3d:47:9b:f6:
68:50:3d:59:8a:23:4b:a7:34:a6:0c:2f:42:49:a4:72:ba:e2:
1c:a3:c4:f7:13:aa:3c:f6:40:d7:dd:83:7a:d7:6f:16:f8:31:
fa:65:20:61:24:53:33:17:23:6f:3f:02:7a:fc:40:98:2a:e9:
ac:02:db:32:e6:92:cf:54:6b:87:89:8b:fc:a4:1f:b9:12:56:
ca:b0:81:a6:f9:66:1f:e8:7f:e3:a6:31:f2:69:80:7a:0a:58:
d3:1f:1c:d1:ab:2d:3d:0c:2c:87:72:4d:b1:51:78:f1:1d:d7:
b4:5e:fd:7f:94:e8:41:52:89:c7:ef:cf:22:45:17:61:70:d5:
04:43:f4:e2:8c:f5:7c:43:d1:e4:ed:0e:26:52:6a:97:bb:cd:
70:d3:64:a5:83:a5:72:92:e9:34:ee:7e:1c:b4:e8:f6:65:97:
a4:a9:69:01:e8:22:0a:82:90:67:13:1f:90:06:45:23:e8:a8:
ab:85:59:65:dd:91:a1:86:cf:fd:da:c3:87:47:fd:d8:ce:4d:
a5:b6:59:13:39:b2:52:42:3b:b7:6e:74:15:5d:79:2b:25:ca:
6e:87:ef:22
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeeuwnUMkxE3rwusJ2JZGnlVPGuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMjFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2OGQ5ZWUyMjA5ZjY0ZTZkMzBkNzQ5ZTlhOWY5Y2I1ZjRlMzNmNmU2MDBk
NWE4NzM5M2YwYzE0YmJhYTkwZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgLbp830fGD7QU3REj09G3L6xlSdsgnOfitUdgFDLJVL177lyntdWnd56+D
yFgJWIycp9JeMaxUDnSPEBf9eJs6k1wr1Pa+UtgoYdgxIxd18uFXnTiXMfVjPgHf
EBk2QpaaxXTjUAlbixHGxEDo+vQ3nly15ToB+aUtTwPjbeOIcxKNY2RYVjzQuR6a
K71m5TwQv+CKCGfeBERs7X1p0axzbpQxoWL+/jGDiFLAy+H1hc1I/Rv9lAJUHzo2
mtwuKvyQaZvZPYKfm/PQZLjllpU1KkB7vGqTquqAD/b+glnseeGHPrVty0dA/GVL
3DZNahgegz4t9iTNNPyBeZNYAHcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSVtqxE
F8J1+dLXdr4q1JLjh5pFXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhiNmZkM2UtZTA2Yy00NDU2LWJkODgtNmU4ZDljZTkyYjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLA
MA0GCSqGSIb3DQEBCwUAA4IBAQDBeo8n9OxFlyXz7wuYcBugD5fP34VLdLTM48vV
zEjpLD1Hm/ZoUD1ZiiNLpzSmDC9CSaRyuuIco8T3E6o89kDX3YN6128W+DH6ZSBh
JFMzFyNvPwJ6/ECYKumsAtsy5pLPVGuHiYv8pB+5ElbKsIGm+WYf6H/jpjHyaYB6
CljTHxzRqy09DCyHck2xUXjxHde0Xv1/lOhBUonH788iRRdhcNUEQ/TijPV8Q9Hk
7Q4mUmqXu81w02Slg6Vykuk07n4ctOj2ZZekqWkB6CIKgpBnEx+QBkUj6KirhVll
3ZGhhs/92sOHR/3Yzk2ltlkTObJSQju3bnQVXXkrJcpuh+8i
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:25:50 2025 by rpki-client