Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
File: 7116ef93-bff5-462e-a725-ae90147ffd39.roa (raw, json)
Hash identifier: JPJ46YtP6WVAtu9wylV+SFAI94A80dsiirxMNGyeuaQ=
Subject key identifier: 0A:FA:59:B6:B4:80:A1:2F:8B:B7:2B:17:21:2D:1F:A2:BD:99:09:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73FC0899D42B67EF15104653AC47E44DEA41713D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
Signing time: Mon 16 Jun 2025 20:00:19 +0000
ROA not before: Mon 16 Jun 2025 20:00:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:fc:08:99:d4:2b:67:ef:15:10:46:53:ac:47:e4:4d:ea:41:71:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e88ffcaadd119874f5f664bccb307e689662cd6be78f52c4deeb69735d2c8868, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:65:b6:8e:72:b9:d7:fa:f5:1f:29:e7:34:7d:
06:ca:a8:b3:40:8d:ca:d5:3d:41:fe:06:3d:b5:77:
ef:e4:7c:d9:51:55:43:60:a0:55:ac:9c:c0:b3:a7:
f4:c7:bb:72:6e:cf:8a:e0:62:09:a0:69:cc:9c:0c:
aa:c2:48:78:7f:df:d8:ef:75:42:94:21:12:b6:d5:
ef:7a:b7:c7:e8:88:5e:9d:a8:c8:03:4f:e3:72:e8:
52:ea:e2:3a:34:a0:13:8f:95:05:0b:84:55:32:43:
3c:d9:3e:53:21:ef:3c:a4:d3:90:a0:4a:91:b7:c7:
d8:71:16:85:1b:ef:6d:1f:54:4e:c9:17:90:af:22:
5e:db:b8:44:75:e9:9d:2c:f4:a0:5d:d1:3d:2a:a6:
bd:74:65:f9:a7:62:17:38:03:90:d4:a8:05:a6:36:
5b:34:44:78:ab:7b:d8:c1:1c:8d:75:90:e1:74:1d:
52:bd:69:0a:a9:bb:ff:48:3f:c3:bc:27:41:03:a2:
af:09:9e:3a:7a:79:a6:52:65:84:bb:25:bd:9f:39:
63:ec:dd:6f:cb:c7:6d:2f:0c:82:06:60:d5:c9:0e:
e9:42:e5:88:11:36:16:84:74:d6:77:20:c5:9b:cc:
d7:82:22:45:3b:5c:7d:28:11:60:5d:fc:af:13:8d:
da:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:FA:59:B6:B4:80:A1:2F:8B:B7:2B:17:21:2D:1F:A2:BD:99:09:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
8c:f8:35:ca:19:40:31:8b:fb:75:d8:47:6d:61:e4:07:19:17:
57:49:27:d8:19:48:d3:b7:8b:a0:4d:49:ad:15:e9:c6:56:8a:
3e:da:f8:b1:04:de:60:a0:46:12:bf:e2:b8:71:5f:e5:d1:fd:
57:ce:46:b3:6a:22:e4:ce:f5:35:fd:e6:25:4a:f1:fd:59:eb:
e5:ee:79:fa:02:45:62:be:34:b6:60:c8:de:c6:9c:20:31:68:
5e:cf:10:60:71:68:2a:65:dd:0b:6b:ba:b6:f4:28:14:e1:3f:
b1:0c:a9:56:e8:2a:fa:81:6f:d6:ef:12:e3:6b:90:1b:19:59:
3e:89:2e:86:91:e0:48:42:b7:4c:a5:30:6c:80:48:36:2b:a8:
26:07:21:13:e5:81:31:ee:01:82:ed:7d:15:97:53:ea:a8:5c:
77:aa:03:83:bd:83:1d:c2:63:2f:e1:07:83:8a:27:0f:e9:00:
23:a1:63:9c:09:79:ea:c3:e0:94:c9:1f:c9:09:6d:73:85:8a:
c1:dc:ef:e7:a2:0f:e4:f2:05:68:18:8f:87:78:f7:6d:c7:3c:
a6:86:4c:ac:0b:27:e5:35:6a:0d:7c:36:f2:f9:3d:44:30:20:
6e:0e:47:25:da:61:6f:74:9d:cb:29:b0:d3:a2:ac:1d:58:54:
9c:41:8d:a7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUc/wImdQrZ+8VEEZTrEfkTepBcT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4OGZmY2FhZGQxMTk4NzRmNWY2NjRiY2NiMzA3ZTY4OTY2MmNkNmJlNzhm
NTJjNGRlZWI2OTczNWQyYzg4NjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJlto5yudf69R8p5zR9Bsqos0CNytU9Qf4GPbV37+R82VFVQ2CgVaycwLOn
9Me7cm7PiuBiCaBpzJwMqsJIeH/f2O91QpQhErbV73q3x+iIXp2oyANP43LoUuri
OjSgE4+VBQuEVTJDPNk+UyHvPKTTkKBKkbfH2HEWhRvvbR9UTskXkK8iXtu4RHXp
nSz0oF3RPSqmvXRl+adiFzgDkNSoBaY2WzREeKt72MEcjXWQ4XQdUr1pCqm7/0g/
w7wnQQOirwmeOnp5plJlhLslvZ85Y+zdb8vHbS8MggZg1ckO6ULliBE2FoR01ncg
xZvM14IiRTtcfSgRYF38rxON2kcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQK+lm2
tIChL4u3KxchLR+ivZkJVDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzExNmVmOTMtYmZmNS00NjJlLWE3MjUtYWU5MDE0N2ZmZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
wDANBgkqhkiG9w0BAQsFAAOCAQEAjPg1yhlAMYv7ddhHbWHkBxkXV0kn2BlI07eL
oE1JrRXpxlaKPtr4sQTeYKBGEr/iuHFf5dH9V85Gs2oi5M71Nf3mJUrx/Vnr5e55
+gJFYr40tmDI3sacIDFoXs8QYHFoKmXdC2u6tvQoFOE/sQypVugq+oFv1u8S42uQ
GxlZPokuhpHgSEK3TKUwbIBINiuoJgchE+WBMe4Bgu19FZdT6qhcd6oDg72DHcJj
L+EHg4onD+kAI6FjnAl56sPglMkfyQltc4WKwdzv56IP5PIFaBiPh3j3bcc8poZM
rAsn5TVqDXw28vk9RDAgbg5HJdphb3Sdyymw06KsHVhUnEGNpw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:10:23 2025 by rpki-client