Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa
File: 7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa (raw, json)
Hash identifier: ShbNT/EX/gp836YpcS3wdts0x7pW9PzTHF2U0MjKE0I=
Subject key identifier: 13:6F:67:9B:54:A9:6F:E6:18:79:35:94:35:C0:7C:F0:C7:C0:95:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 207EBD3C944922D8F7426B557D4047BE17B8E08B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa
Signing time: Mon 16 Jun 2025 20:40:49 +0000
ROA not before: Mon 16 Jun 2025 20:40:49 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:5080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:7e:bd:3c:94:49:22:d8:f7:42:6b:55:7d:40:47:be:17:b8:e0:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:40:49 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c8be952cbda92b853ad0b6eb99fdf9dca6531b38462c3a38b79b5916fe705cf0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7e:11:42:d4:10:9e:08:e2:20:09:7f:df:f0:
79:ae:34:48:02:87:69:d3:06:3c:0c:f3:20:24:8e:
4b:63:c3:7e:05:15:a3:a3:f9:ad:d4:4a:a4:ef:02:
61:bf:83:e3:d7:f5:34:ec:50:e2:00:aa:e6:96:00:
83:e7:13:53:8a:e4:ae:ab:ed:e4:de:b7:88:94:a5:
48:d9:88:64:8c:bb:2a:b7:a6:40:6a:48:72:91:53:
4b:3f:91:42:1f:f1:27:b6:15:7d:48:29:e5:3e:2d:
20:24:82:4d:9b:c8:d9:dc:5e:6e:d9:67:e5:0a:56:
dc:a3:d6:3f:d2:cc:d8:a3:25:04:99:b6:62:e3:54:
dc:0a:4f:ef:92:c7:74:63:42:0a:1f:09:b8:af:55:
bc:cc:cb:6d:f4:d7:12:b2:c5:99:52:da:7f:0f:d5:
2a:13:b7:2e:09:8b:d4:d4:e9:d1:6d:c6:58:b8:94:
14:8f:2d:6b:84:14:ce:92:e0:e5:15:71:cc:87:5a:
06:9f:e7:4b:e7:88:04:76:81:99:ae:31:d9:1b:6b:
fc:b2:7d:9c:cd:fb:cb:b0:d5:b0:89:b0:7f:5b:58:
bb:86:b4:d4:e6:63:bc:60:98:d5:aa:b0:71:72:0f:
a0:d5:86:1a:a9:3e:47:01:94:1c:bf:78:4f:3c:2d:
16:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:6F:67:9B:54:A9:6F:E6:18:79:35:94:35:C0:7C:F0:C7:C0:95:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:5080::/46
Signature Algorithm: sha256WithRSAEncryption
c3:41:fa:b4:b7:dc:3c:c7:00:3c:91:65:48:78:df:02:30:bd:
2c:85:98:33:d9:c4:96:2d:b1:49:7d:13:1a:08:de:a0:b4:48:
9d:10:20:7f:ef:9b:2a:a0:34:86:c9:5c:7a:6d:3e:d4:ef:a3:
4d:f3:5c:60:bc:44:24:f2:a2:78:62:1d:39:17:56:23:47:90:
8b:eb:35:14:a4:a6:49:ba:1f:b2:52:93:c0:20:b5:f2:34:12:
60:3d:68:f8:57:2d:80:b3:e8:65:62:92:01:9b:0d:d5:cf:ed:
c4:73:60:8f:31:19:73:1a:55:b4:6e:f6:d0:6f:7d:7e:47:fc:
9b:0c:12:b1:09:a3:30:b3:b7:72:b7:ab:05:17:c0:a5:fa:ac:
b2:13:20:80:a1:0d:5a:76:1c:3a:73:63:ce:43:ad:8e:ed:21:
fe:52:99:41:ae:05:c2:47:32:7b:45:be:bc:f0:bf:8c:d6:56:
ec:d7:6f:e3:2a:74:f1:f0:ac:ce:26:0e:f8:c8:ed:d4:55:f1:
1d:9b:0a:7f:34:df:d4:f3:ca:57:33:71:e6:9b:5d:61:71:a0:
9c:fd:5f:44:c6:4b:e6:d2:8c:1f:d9:f0:1f:be:1f:a0:d4:dc:
5a:ee:c6:df:06:c0:be:33:68:55:a4:2d:a5:91:22:69:aa:0c:
01:59:cc:d4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIH69PJRJItj3QmtVfUBHvhe44IswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQwNDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4YmU5NTJjYmRhOTJiODUzYWQwYjZlYjk5ZmRmOWRjYTY1MzFiMzg0NjJj
M2EzOGI3OWI1OTE2ZmU3MDVjZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIh+EULUEJ4I4iAJf9/wea40SAKHadMGPAzzICSOS2PDfgUVo6P5rdRKpO8C
Yb+D49f1NOxQ4gCq5pYAg+cTU4rkrqvt5N63iJSlSNmIZIy7KremQGpIcpFTSz+R
Qh/xJ7YVfUgp5T4tICSCTZvI2dxebtln5QpW3KPWP9LM2KMlBJm2YuNU3ApP75LH
dGNCCh8JuK9VvMzLbfTXErLFmVLafw/VKhO3LgmL1NTp0W3GWLiUFI8ta4QUzpLg
5RVxzIdaBp/nS+eIBHaBma4x2Rtr/LJ9nM37y7DVsImwf1tYu4a01OZjvGCY1aqw
cXIPoNWGGqk+RwGUHL94TzwtFu0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQTb2eb
VKlv5hh5NZQ1wHzwx8CVhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E4Mzg2ZWUtMTRmYi00MDg5LTkyYmQtNmI0YjFjOWMwMWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAw0H6tLfcPMcAPJFlSHjfAjC9LIWYM9nEli2x
SX0TGgjeoLRInRAgf++bKqA0hslcem0+1O+jTfNcYLxEJPKieGIdORdWI0eQi+s1
FKSmSbofslKTwCC18jQSYD1o+FctgLPoZWKSAZsN1c/txHNgjzEZcxpVtG720G99
fkf8mwwSsQmjMLO3crerBRfApfqsshMggKENWnYcOnNjzkOtju0h/lKZQa4Fwkcy
e0W+vPC/jNZW7Ndv4yp08fCsziYO+Mjt1FXxHZsKfzTf1PPKVzNx5ptdYXGgnP1f
RMZL5tKMH9nwH74foNTcWu7G3wbAvjNoVaQtpZEiaaoMAVnM1A==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:23:33 2025 by rpki-client