Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
File: 74c7eb62-ad02-4aa2-9be5-024692c6239f.roa (raw, json)
Hash identifier: yWUgwVoS8IaVAaq3xotA9gni+GywzrVanb7mno519C8=
Subject key identifier: A7:C4:68:8B:65:8C:E2:08:09:8C:0D:91:25:63:3A:4F:AB:F6:7F:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D9EECA6B698ABCCCC859C5BC5D78FA1BFB71961
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
Signing time: Mon 16 Jun 2025 20:00:45 +0000
ROA not before: Mon 16 Jun 2025 20:00:45 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:9e:ec:a6:b6:98:ab:cc:cc:85:9c:5b:c5:d7:8f:a1:bf:b7:19:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:45 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=2acd37d4641d8523a0a97b1f9d49361d87d77f0ef678149a143571c95d2c16b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:47:57:cb:b7:a3:2b:56:96:b6:a5:1c:38:3d:
55:1a:62:74:c0:97:d4:7c:89:a1:ec:a8:8c:09:1c:
09:9d:99:86:74:a1:a6:6d:cd:de:cc:53:ce:c0:38:
be:7f:0e:bd:41:e6:f8:e4:cb:a0:8d:86:e0:ed:cd:
74:4f:7d:40:65:3d:89:e0:0d:88:2b:ce:6a:62:00:
9b:3c:8f:d6:43:00:43:c7:22:2c:2c:f2:d8:1a:93:
e5:2f:42:b3:18:49:b2:ce:9f:82:46:ff:08:d3:5c:
b4:e1:0b:b9:d2:05:dc:15:d9:a7:ef:56:eb:30:93:
ff:18:d4:cd:ab:3b:e7:06:b3:bd:0c:14:6a:f3:07:
bf:fb:cc:6e:b7:5c:81:fb:eb:f4:65:f0:36:60:f3:
a8:09:3a:74:08:a4:a2:ce:95:ef:a9:4c:c0:58:47:
85:7e:64:b8:53:3f:b2:58:fa:a8:a3:95:24:96:78:
03:ae:a2:66:b5:1d:4f:de:5a:1f:46:3b:27:42:b7:
c5:d2:75:b0:29:82:0d:af:f3:6f:9e:f5:61:ce:2d:
76:d7:e0:a2:61:65:78:46:89:77:0d:11:bb:42:ec:
98:d6:93:89:f2:fd:9d:32:7a:a3:af:19:1a:59:f9:
1b:62:20:b4:30:93:4e:73:68:94:eb:65:63:59:cf:
20:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C4:68:8B:65:8C:E2:08:09:8C:0D:91:25:63:3A:4F:AB:F6:7F:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2000::/40
Signature Algorithm: sha256WithRSAEncryption
84:d1:5b:50:96:53:4c:ec:c7:79:e3:4d:f0:a1:35:52:a1:02:
33:1b:9f:de:2e:9e:7a:4d:18:1f:0d:27:db:cb:8b:bf:9b:0f:
3b:01:61:b8:7c:57:a0:4f:4a:83:f3:26:60:34:5a:09:c6:60:
6b:48:53:56:6b:93:0a:e2:84:ef:6f:92:d6:4b:7e:fa:d9:70:
9e:04:7c:85:9a:50:86:b0:93:31:3b:7c:31:77:ab:67:6b:45:
6c:17:7e:2d:8e:c1:a8:84:67:37:17:bd:e6:16:55:2c:ac:1f:
9c:e0:3e:20:4a:f0:db:bb:19:15:42:0e:e8:7a:3c:8a:df:74:
bd:34:aa:da:32:02:17:70:c4:ee:1b:76:d3:13:bb:c9:fa:41:
8b:29:5b:9c:68:98:f8:53:d1:b9:11:3c:e3:81:73:03:94:bf:
3e:ac:17:4a:b3:9c:fe:3b:42:32:69:4b:aa:76:b4:cb:49:0c:
17:dc:01:e9:27:00:71:1a:1a:bd:f5:13:1d:38:7f:34:74:d0:
47:cb:ba:47:4a:a2:5d:40:6e:d3:54:84:87:d2:84:b8:28:0d:
4e:cd:41:c2:46:c3:d9:46:00:65:2f:50:f6:2e:06:0f:c4:78:
a2:e5:7c:16:7a:1e:23:4e:43:55:c6:8b:7e:0c:f3:c5:1d:35:
00:5c:f4:3a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPZ7spraYq8zMhZxbxdePob+3GWEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwNDVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhY2QzN2Q0NjQxZDg1MjNhMGE5N2IxZjlkNDkzNjFkODdkNzdmMGVmNjc4
MTQ5YTE0MzU3MWM5NWQyYzE2YjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdHV8u3oytWlralHDg9VRpidMCX1HyJoeyojAkcCZ2ZhnShpm3N3sxTzsA4
vn8OvUHm+OTLoI2G4O3NdE99QGU9ieANiCvOamIAmzyP1kMAQ8ciLCzy2BqT5S9C
sxhJss6fgkb/CNNctOELudIF3BXZp+9W6zCT/xjUzas75wazvQwUavMHv/vMbrdc
gfvr9GXwNmDzqAk6dAikos6V76lMwFhHhX5kuFM/slj6qKOVJJZ4A66iZrUdT95a
H0Y7J0K3xdJ1sCmCDa/zb571Yc4tdtfgomFleEaJdw0Ru0LsmNaTifL9nTJ6o68Z
Gln5G2IgtDCTTnNolOtlY1nPIN0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSnxGiL
ZYziCAmMDZElYzpPq/Z/kzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRjN2ViNjItYWQwMi00YWEyLTliZTUtMDI0NjkyYzYyMzlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAg
MA0GCSqGSIb3DQEBCwUAA4IBAQCE0VtQllNM7Md5403woTVSoQIzG5/eLp56TRgf
DSfby4u/mw87AWG4fFegT0qD8yZgNFoJxmBrSFNWa5MK4oTvb5LWS3762XCeBHyF
mlCGsJMxO3wxd6tna0VsF34tjsGohGc3F73mFlUsrB+c4D4gSvDbuxkVQg7oejyK
33S9NKraMgIXcMTuG3bTE7vJ+kGLKVucaJj4U9G5ETzjgXMDlL8+rBdKs5z+O0Iy
aUuqdrTLSQwX3AHpJwBxGhq99RMdOH80dNBHy7pHSqJdQG7TVISH0oS4KA1OzUHC
RsPZRgBlL1D2LgYPxHii5XwWeh4jTkNVxot+DPPFHTUAXPQ6
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:24:44 2025 by rpki-client