Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b5f45a2-ab79-4ad3-a09e-87b355f76732.roa
File: 7b5f45a2-ab79-4ad3-a09e-87b355f76732.roa (raw, json)
Hash identifier: FeSZOB1WxW5CFvnvQBOIz7A+adG3KNmVDh0608rnLz4=
Subject key identifier: 37:46:CF:0E:AA:79:97:68:1C:9D:5D:CC:81:4C:46:70:A6:73:E2:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E8B8964CB25427C41A45ACDC0E5386FB3DD7E98
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b5f45a2-ab79-4ad3-a09e-87b355f76732.roa
Signing time: Mon 16 Jun 2025 19:40:17 +0000
ROA not before: Mon 16 Jun 2025 19:40:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:8b:89:64:cb:25:42:7c:41:a4:5a:cd:c0:e5:38:6f:b3:dd:7e:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:40:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=4c72fd40a076bc7ea60c96f479b5f2800f226702841972c75556c53f6e377229, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ab:55:f1:5b:85:e0:b1:a7:a1:72:9a:49:ec:
ec:e3:cc:75:f3:97:22:30:d1:c6:dc:a6:6e:dd:d6:
fa:0e:f8:ab:40:ad:49:31:ad:1a:1c:d7:3b:f2:3f:
52:60:1b:e8:e2:9e:a6:cd:4e:3d:53:7a:f0:d7:07:
cd:7a:02:6d:55:a9:fb:59:55:57:79:d1:66:34:75:
77:14:a7:08:09:65:b5:9f:16:f4:be:c0:10:f2:69:
86:a0:e8:8c:45:6f:47:2f:ed:76:16:27:8e:1d:03:
04:57:37:31:af:11:e2:15:a1:77:fb:14:de:59:b6:
6d:18:21:bc:4b:86:07:24:cf:12:0f:26:10:03:e8:
bb:80:84:c5:62:4b:30:17:b4:d6:93:c0:53:38:0f:
11:7a:7c:a9:eb:62:6f:3b:cc:cb:09:a8:48:5c:bd:
6c:c8:77:b3:5b:12:75:46:4c:df:fc:45:e2:13:c4:
d3:d8:2f:7b:d8:85:2c:ff:a4:0f:f1:98:80:28:22:
19:af:3e:75:df:f7:64:e4:c4:57:9c:06:20:a6:7f:
bc:f2:e4:d2:7a:ed:4b:49:55:48:52:0b:01:5f:b9:
40:e2:68:c2:0b:85:99:1c:6a:7a:3a:b6:7d:53:4f:
02:64:e0:5e:23:a4:d3:9a:bb:64:3a:d0:f4:28:00:
ff:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:46:CF:0E:AA:79:97:68:1C:9D:5D:CC:81:4C:46:70:A6:73:E2:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b5f45a2-ab79-4ad3-a09e-87b355f76732.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e080::/48
Signature Algorithm: sha256WithRSAEncryption
0f:b2:1b:0f:ee:6f:93:b4:ff:08:64:09:f3:83:43:92:cf:b0:
fd:c8:6d:57:0e:fd:73:3a:aa:fe:2b:a7:27:d0:37:49:3a:c8:
8c:ee:f8:49:64:83:a8:56:4a:a9:7f:db:a7:4b:c9:e4:1d:b9:
a2:10:f8:1f:1e:18:6c:b1:e1:8b:11:e9:a8:24:2d:a7:e8:e1:
7b:2f:f3:cf:e4:d7:9e:bc:03:c1:69:24:e7:e3:84:2d:06:29:
54:23:b3:fd:53:e3:02:3e:8f:cc:c5:ba:bc:4f:bc:4f:57:97:
fe:47:49:2e:c6:0e:fa:69:36:4f:6e:90:a0:93:4f:59:73:72:
e6:62:a1:53:a0:8b:ce:fb:0c:97:5c:df:3a:5d:83:56:ad:8d:
42:93:ba:af:a1:48:d0:1e:40:85:ea:63:a1:14:56:64:93:f7:
af:49:f8:1c:49:ca:82:60:f6:2a:38:ea:21:25:e5:76:4c:77:
18:d9:98:07:25:63:28:2c:10:26:ce:3b:ea:ea:cb:81:a8:38:
b4:d4:d0:96:c3:b3:ce:4f:98:6c:77:01:98:e7:d4:9e:84:aa:
d7:e1:23:24:06:a4:0c:2e:ba:48:bc:17:c8:dc:4b:70:4c:b7:
a6:92:0e:f5:fd:e9:93:6a:13:56:13:e8:67:73:a2:3c:83:7d:
87:ca:7b:ab
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfouJZMslQnxBpFrNwOU4b7PdfpgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQwMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjNzJmZDQwYTA3NmJjN2VhNjBjOTZmNDc5YjVmMjgwMGYyMjY3MDI4NDE5
NzJjNzU1NTZjNTNmNmUzNzcyMjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWrVfFbheCxp6Fymkns7OPMdfOXIjDRxtymbt3W+g74q0CtSTGtGhzXO/I/
UmAb6OKeps1OPVN68NcHzXoCbVWp+1lVV3nRZjR1dxSnCAlltZ8W9L7AEPJphqDo
jEVvRy/tdhYnjh0DBFc3Ma8R4hWhd/sU3lm2bRghvEuGByTPEg8mEAPou4CExWJL
MBe01pPAUzgPEXp8qetibzvMywmoSFy9bMh3s1sSdUZM3/xF4hPE09gve9iFLP+k
D/GYgCgiGa8+dd/3ZOTEV5wGIKZ/vPLk0nrtS0lVSFILAV+5QOJowguFmRxqejq2
fVNPAmTgXiOk05q7ZDrQ9CgA//sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ3Rs8O
qnmXaBydXcyBTEZwpnPiwjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2I1ZjQ1YTItYWI3OS00YWQzLWEwOWUtODdiMzU1Zjc2NzMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg
gDANBgkqhkiG9w0BAQsFAAOCAQEAD7IbD+5vk7T/CGQJ84NDks+w/chtVw79czqq
/iunJ9A3STrIjO74SWSDqFZKqX/bp0vJ5B25ohD4Hx4YbLHhixHpqCQtp+jhey/z
z+TXnrwDwWkk5+OELQYpVCOz/VPjAj6PzMW6vE+8T1eX/kdJLsYO+mk2T26QoJNP
WXNy5mKhU6CLzvsMl1zfOl2DVq2NQpO6r6FI0B5AhepjoRRWZJP3r0n4HEnKgmD2
KjjqISXldkx3GNmYByVjKCwQJs476urLgag4tNTQlsOzzk+YbHcBmOfUnoSq1+Ej
JAakDC66SLwXyNxLcEy3ppIO9f3pk2oTVhPoZ3OiPIN9h8p7qw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:10 2025 by rpki-client