Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79337548-762c-432b-bf7a-72bf34db9509.roa
File: 79337548-762c-432b-bf7a-72bf34db9509.roa (raw, json)
Hash identifier: HcB26W1g00gy1wjiITc0YlW+xmUx0Y1xeq/vDvBiBJY=
Subject key identifier: 6C:94:8C:71:BF:EA:58:D5:74:14:B7:41:95:00:13:51:B3:62:73:E9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FFC2B3F155FDD6DDC1A418E5BAF5B041D05B6DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79337548-762c-432b-bf7a-72bf34db9509.roa
Signing time: Thu 26 Jun 2025 19:38:56 +0000
ROA not before: Thu 26 Jun 2025 19:38:56 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:fc:2b:3f:15:5f:dd:6d:dc:1a:41:8e:5b:af:5b:04:1d:05:b6:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:38:56 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=dd8277e493773f019e525eb5e7ecc12caf37e748d02daf863adf9c10cdfb5815, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b9:af:44:f9:a7:80:75:8c:b9:50:4e:57:a6:
36:5c:65:5b:2c:f6:f7:01:d4:be:8a:fd:aa:3d:5e:
44:d7:30:db:fc:76:e8:07:e0:78:04:8b:53:24:59:
30:b9:e7:7f:9c:8f:41:76:7b:32:be:17:d0:97:58:
53:7d:f3:5d:f5:36:0f:ae:9c:48:79:e6:16:cb:6b:
83:b7:ab:e3:16:33:73:27:53:59:ff:f2:9d:30:e3:
1a:ea:00:c1:13:1c:77:ce:71:83:61:7f:da:b1:ea:
95:87:d9:08:e4:00:8a:d3:87:3b:24:83:27:66:fc:
21:96:1d:0f:9d:83:4b:5e:96:e8:f9:58:f6:78:78:
6f:28:53:ef:aa:3b:58:ed:55:53:15:bb:dd:ec:b3:
dd:f4:7c:bb:e0:84:dd:00:17:3d:71:d0:e0:9e:f0:
c2:4a:f7:5b:9b:58:03:92:2a:d8:af:fa:76:7e:d4:
c1:ac:55:e6:38:56:b0:b8:9a:b7:ad:7f:73:80:15:
b9:b7:12:94:4c:33:c7:fe:15:68:b7:0a:7b:05:0a:
b6:c5:7f:6d:ba:04:0e:0b:22:7f:73:85:18:6e:7f:
c9:88:09:94:8e:3d:53:3e:e2:38:8c:1e:60:99:d5:
95:d9:32:a3:b8:24:ac:22:04:6d:d6:b4:60:d8:76:
6b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:94:8C:71:BF:EA:58:D5:74:14:B7:41:95:00:13:51:B3:62:73:E9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79337548-762c-432b-bf7a-72bf34db9509.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c080::/46
Signature Algorithm: sha256WithRSAEncryption
77:30:bb:a5:ed:3f:59:e0:4f:32:5b:d1:05:fa:a0:51:4e:ba:
42:84:13:11:e6:5f:18:7a:b7:90:e0:b1:a2:29:fd:90:f5:cb:
da:54:d6:d4:fd:76:b2:d9:44:72:85:5e:d7:27:5e:a3:0e:9f:
09:e7:bc:5a:76:ce:1b:9c:8f:6b:94:9e:1e:35:50:60:9a:27:
3d:d0:c4:59:3c:dc:54:b9:f7:ce:21:a9:5b:b8:11:42:a3:42:
2f:65:fd:4b:8c:d5:a1:fa:f7:8a:06:5e:21:45:67:e4:d8:e7:
65:f6:39:80:08:47:f5:98:a1:e0:0d:f1:49:2b:f9:b4:2b:a0:
c4:fd:59:ef:af:11:ce:9c:b0:7a:fc:76:9e:3d:39:6b:b5:3a:
77:57:a8:4c:5d:42:ba:87:a6:27:0a:6b:cd:6a:b0:7e:73:61:
cb:34:02:38:69:09:30:ed:a9:dd:73:51:2b:75:bc:b1:22:a5:
70:3f:92:2a:a3:e5:e6:13:e8:b3:92:69:d1:53:5e:9a:c9:48:
44:d2:73:cb:5d:84:be:87:f3:a0:36:86:e1:e0:f5:d6:90:c0:
3d:1f:12:68:07:59:df:90:0a:f8:97:1a:79:1c:dd:56:a2:b5:
04:31:68:cc:a1:28:55:0c:4f:78:0b:a3:ab:4f:d9:c7:0a:df:
88:32:ca:1a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP/wrPxVf3W3cGkGOW69bBB0FttowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM4NTZaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkODI3N2U0OTM3NzNmMDE5ZTUyNWViNWU3ZWNjMTJjYWYzN2U3NDhkMDJk
YWY4NjNhZGY5YzEwY2RmYjU4MTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANS5r0T5p4B1jLlQTlemNlxlWyz29wHUvor9qj1eRNcw2/x26AfgeASLUyRZ
MLnnf5yPQXZ7Mr4X0JdYU33zXfU2D66cSHnmFstrg7er4xYzcydTWf/ynTDjGuoA
wRMcd85xg2F/2rHqlYfZCOQAitOHOySDJ2b8IZYdD52DS16W6PlY9nh4byhT76o7
WO1VUxW73eyz3fR8u+CE3QAXPXHQ4J7wwkr3W5tYA5Iq2K/6dn7UwaxV5jhWsLia
t61/c4AVubcSlEwzx/4VaLcKewUKtsV/bboEDgsif3OFGG5/yYgJlI49Uz7iOIwe
YJnVldkyo7gkrCIEbda0YNh2a+ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRslIxx
v+pY1XQUt0GVABNRs2Jz6TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzkzMzc1NDgtNzYyYy00MzJiLWJmN2EtNzJiZjM0ZGI5NTA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPA
gDANBgkqhkiG9w0BAQsFAAOCAQEAdzC7pe0/WeBPMlvRBfqgUU66QoQTEeZfGHq3
kOCxoin9kPXL2lTW1P12stlEcoVe1ydeow6fCee8WnbOG5yPa5SeHjVQYJonPdDE
WTzcVLn3ziGpW7gRQqNCL2X9S4zVofr3igZeIUVn5NjnZfY5gAhH9Zih4A3xSSv5
tCugxP1Z768Rzpywevx2nj05a7U6d1eoTF1CuoemJwprzWqwfnNhyzQCOGkJMO2p
3XNRK3W8sSKlcD+SKqPl5hPos5Jp0VNemslIRNJzy12EvofzoDaG4eD11pDAPR8S
aAdZ35AK+JcaeRzdVqK1BDFozKEoVQxPeAujq0/ZxwrfiDLKGg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:00:03 2025 by rpki-client