Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa
File: 757087af-5baf-4a2f-a9ec-dbadb47313e2.roa (raw, json)
Hash identifier: 9LSdy6sgQE/uYBwzgwhsYhrNGX8CAKuQExr4tqn0v5I=
Subject key identifier: 67:7F:3F:9E:36:96:78:62:8C:9C:98:D4:9D:3D:7E:D3:95:5E:B9:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02A62F9A3D99C4203695728EA7DB0BDE5EAFA401
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa
Signing time: Mon 16 Jun 2025 19:41:01 +0000
ROA not before: Mon 16 Jun 2025 19:41:01 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:50c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:a6:2f:9a:3d:99:c4:20:36:95:72:8e:a7:db:0b:de:5e:af:a4:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:41:01 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=777ab3014bd2db4ffc6f4b33283e918b0d8199c38d8605b05db0a01c63471663, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0f:ef:2f:bc:c1:1e:22:4e:e8:4a:0d:e9:96:
96:43:3d:8a:0c:98:d4:0f:4e:fe:b5:74:c4:81:39:
d1:dc:82:53:fe:0c:1a:e5:0f:53:32:a4:f6:df:49:
53:cb:b1:19:c3:fb:00:de:93:48:6a:2a:81:f9:5b:
f8:27:82:9a:d5:63:45:91:87:9e:2d:ab:cd:4e:9c:
be:c0:e4:a0:48:c7:83:a9:f3:fb:00:e6:5c:fb:6b:
c1:af:93:3c:83:0e:25:e6:3b:69:6d:b8:61:45:c4:
36:bf:1a:f5:35:9f:eb:ad:e4:65:49:10:dd:be:ec:
a2:19:c5:59:55:3b:2b:66:74:66:5f:0b:f5:1d:6d:
47:15:d2:42:39:37:87:66:69:26:33:3e:8c:d3:3a:
2d:7b:1f:07:3a:d0:85:b1:cc:a3:27:a3:13:9d:47:
ce:f0:39:e8:15:33:83:85:13:a5:05:d3:3a:d0:33:
1f:31:3b:20:00:a9:b5:74:54:92:7a:b6:15:31:70:
c3:6f:34:93:19:06:7d:ae:a1:45:79:ac:76:f6:12:
33:e6:c3:44:99:60:d2:50:fe:b8:04:a3:7a:2c:99:
0c:f5:24:e5:29:be:32:e2:08:bb:c8:16:ea:4d:a3:
22:b4:c1:7a:c7:21:23:84:7c:09:45:e8:d3:c6:f7:
8c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:7F:3F:9E:36:96:78:62:8C:9C:98:D4:9D:3D:7E:D3:95:5E:B9:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
7d:66:1c:5d:28:37:09:52:37:b2:26:60:3f:cc:dd:2d:a8:e3:
e9:13:86:b5:b1:8b:02:fe:3f:74:8e:9c:4b:5e:50:7b:0f:c9:
80:59:ac:ba:e1:f1:82:8d:cf:cb:ba:19:21:a4:b6:a1:e0:46:
3a:de:68:98:0a:e4:e8:85:70:20:49:d1:01:c2:1d:97:46:b3:
89:c1:31:be:2f:9f:0e:94:91:2f:03:9d:1f:e8:10:b0:95:65:
01:57:74:55:db:52:65:75:c4:07:20:14:26:48:eb:5e:7c:60:
a3:5b:7a:3a:92:4c:ca:ad:21:df:41:a8:43:cf:6d:5f:b5:91:
c3:45:ac:bb:f8:41:45:d5:a5:3b:b2:d0:6e:01:23:c6:a0:94:
f6:16:7f:8e:be:7a:87:06:e7:d2:24:33:16:48:82:1a:f6:24:
ca:b2:18:62:a9:a5:7e:be:7a:1c:18:a8:4d:d3:70:70:25:c3:
99:32:82:86:31:8f:4a:e1:5a:fc:ea:bf:59:1c:0d:07:78:68:
d0:31:18:f2:66:a0:b9:57:6b:5b:af:74:2e:af:67:8e:c3:bb:
b7:34:f7:b4:db:8a:ea:2d:9e:da:2d:f9:34:d8:73:84:e5:87:
72:66:62:5d:b1:a8:5b:97:7d:a3:c8:cd:a6:08:19:ac:2d:72:
f6:c7:c6:8e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAqYvmj2ZxCA2lXKOp9sL3l6vpAEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQxMDFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3N2FiMzAxNGJkMmRiNGZmYzZmNGIzMzI4M2U5MThiMGQ4MTk5YzM4ZDg2
MDViMDVkYjBhMDFjNjM0NzE2NjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkP7y+8wR4iTuhKDemWlkM9igyY1A9O/rV0xIE50dyCU/4MGuUPUzKk9t9J
U8uxGcP7AN6TSGoqgflb+CeCmtVjRZGHni2rzU6cvsDkoEjHg6nz+wDmXPtrwa+T
PIMOJeY7aW24YUXENr8a9TWf663kZUkQ3b7sohnFWVU7K2Z0Zl8L9R1tRxXSQjk3
h2ZpJjM+jNM6LXsfBzrQhbHMoyejE51HzvA56BUzg4UTpQXTOtAzHzE7IACptXRU
knq2FTFww280kxkGfa6hRXmsdvYSM+bDRJlg0lD+uASjeiyZDPUk5Sm+MuIIu8gW
6k2jIrTBeschI4R8CUXo08b3jEsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRnfz+e
NpZ4YoycmNSdPX7TlV65zjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU3MDg3YWYtNWJhZi00YTJmLWE5ZWMtZGJhZGI0NzMxM2UyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAfWYcXSg3CVI3siZgP8zdLajj6ROGtbGLAv4/
dI6cS15Qew/JgFmsuuHxgo3Py7oZIaS2oeBGOt5omArk6IVwIEnRAcIdl0azicEx
vi+fDpSRLwOdH+gQsJVlAVd0VdtSZXXEByAUJkjrXnxgo1t6OpJMyq0h30GoQ89t
X7WRw0Wsu/hBRdWlO7LQbgEjxqCU9hZ/jr56hwbn0iQzFkiCGvYkyrIYYqmlfr56
HBioTdNwcCXDmTKChjGPSuFa/Oq/WRwNB3ho0DEY8maguVdrW690Lq9njsO7tzT3
tNuK6i2e2i35NNhzhOWHcmZiXbGoW5d9o8jNpggZrC1y9sfGjg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:07 2025 by rpki-client