Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
File: 7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa (raw, json)
Hash identifier: /4c0AickOGrihxW1FrKMl4VcpUXkT44rrqwGoKIaHAA=
Subject key identifier: 5A:15:F0:DD:81:A4:98:49:6C:0B:F3:78:21:EF:B8:AE:1B:12:39:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C31C171558FB02868DE1F1D000271D3324C523E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
Signing time: Mon 16 Jun 2025 21:11:17 +0000
ROA not before: Mon 16 Jun 2025 21:11:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:31:c1:71:55:8f:b0:28:68:de:1f:1d:00:02:71:d3:32:4c:52:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:11:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=0ec975517aa2b36b67fec7623bcc7856a85cfee1027027340970b0ca5ab7adcf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4f:23:2f:dd:13:fc:04:45:d0:75:f5:35:4d:
35:c9:9a:99:75:a2:a4:5e:23:42:51:ae:ab:0e:38:
e2:8a:b9:3d:82:dd:a8:a9:4a:d3:93:55:22:36:7f:
55:cd:3e:c9:79:82:a0:fe:3a:b9:7b:13:71:f6:2d:
d3:7a:52:0e:44:2a:6d:ef:d2:ea:04:9d:13:92:99:
83:b7:83:5d:0a:7b:0f:05:b5:78:df:81:13:a1:68:
24:fd:1f:c1:ab:80:e1:9b:58:5f:f7:d7:c3:e3:4c:
c2:c2:a5:01:b5:8a:a0:c5:c4:45:d7:a9:4d:c9:5c:
b0:04:c6:93:8b:d2:ba:76:d1:ce:9f:97:67:84:32:
27:30:38:e7:49:06:e2:3b:70:9e:3a:9d:9b:c4:c0:
54:06:df:c0:c5:ab:5e:77:72:49:9e:cf:40:e4:da:
bb:1c:9e:bb:d7:7b:06:7b:c9:de:6f:79:94:2a:a7:
46:97:29:e1:8e:15:4f:9b:11:53:4c:30:4d:d2:8e:
3f:2a:46:0d:81:13:46:bd:4a:31:bf:f5:cd:9d:dd:
77:65:25:fd:2e:bf:4b:8d:1c:28:8e:67:3c:34:5a:
6b:cd:66:91:77:0f:2a:82:ce:1a:94:0e:af:39:71:
cb:b6:e2:4a:5a:6b:b1:c5:b3:23:8f:a9:9b:f7:67:
f0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:15:F0:DD:81:A4:98:49:6C:0B:F3:78:21:EF:B8:AE:1B:12:39:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:9000::/40
Signature Algorithm: sha256WithRSAEncryption
94:a9:70:e9:8e:f3:72:6c:ef:d4:6d:1e:1b:c0:1d:d7:7d:88:
ae:e3:d2:0e:a7:3e:31:a0:df:bf:b2:f2:a8:9c:1d:43:d2:ab:
d4:52:83:ed:d4:18:c0:d4:4b:80:a2:c6:bd:af:eb:a6:42:c8:
90:9e:a4:c1:cb:d2:d7:05:78:1e:d2:a1:f7:89:80:cf:69:e2:
b3:87:91:9a:48:bd:ca:9d:0d:2b:f2:37:c3:46:1b:cd:fd:f6:
ff:de:38:fc:04:6d:40:85:c3:e0:fb:4e:14:79:ab:1f:81:f8:
e1:c3:b5:f0:0c:cc:e8:5a:d3:40:5c:1c:29:05:9b:90:51:d0:
be:ee:08:4f:74:13:ba:62:8b:43:22:a6:29:3c:63:e9:25:65:
d9:fa:cf:85:a9:83:ea:b1:1d:f6:f9:31:0a:02:63:0e:d9:08:
e2:8b:5f:3b:a0:e4:56:2c:d3:3a:18:09:72:15:ae:ff:fb:ab:
0d:7b:14:3c:74:b9:11:a9:8b:0c:ac:56:4c:74:72:c7:89:76:
34:b0:2c:86:1b:bd:9b:1e:f0:1f:67:3a:a5:95:74:2c:1a:6e:
6f:10:f8:53:bc:cc:49:e2:e4:a4:83:36:a7:f6:99:8a:47:ee:
d6:50:52:86:51:e0:c8:e5:d8:f3:73:4d:82:a4:53:29:d2:1a:
0b:9f:9b:4f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfDHBcVWPsCho3h8dAAJx0zJMUj4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTExMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlYzk3NTUxN2FhMmIzNmI2N2ZlYzc2MjNiY2M3ODU2YTg1Y2ZlZTEwMjcw
MjczNDA5NzBiMGNhNWFiN2FkY2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJPIy/dE/wERdB19TVNNcmamXWipF4jQlGuqw444oq5PYLdqKlK05NVIjZ/
Vc0+yXmCoP46uXsTcfYt03pSDkQqbe/S6gSdE5KZg7eDXQp7DwW1eN+BE6FoJP0f
wauA4ZtYX/fXw+NMwsKlAbWKoMXERdepTclcsATGk4vSunbRzp+XZ4QyJzA450kG
4jtwnjqdm8TAVAbfwMWrXndySZ7PQOTauxyeu9d7BnvJ3m95lCqnRpcp4Y4VT5sR
U0wwTdKOPypGDYETRr1KMb/1zZ3dd2Ul/S6/S40cKI5nPDRaa81mkXcPKoLOGpQO
rzlxy7biSlprscWzI4+pm/dn8B8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRaFfDd
gaSYSWwL83gh77iuGxI5SDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2Q5NmQzYWQtMGVlNy00NjMwLTlhNDktYTBkY2MyYjcxZGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCUqXDpjvNybO/UbR4bwB3XfYiu49IOpz4xoN+/
svKonB1D0qvUUoPt1BjA1EuAosa9r+umQsiQnqTBy9LXBXge0qH3iYDPaeKzh5Ga
SL3KnQ0r8jfDRhvN/fb/3jj8BG1AhcPg+04Ueasfgfjhw7XwDMzoWtNAXBwpBZuQ
UdC+7ghPdBO6YotDIqYpPGPpJWXZ+s+FqYPqsR32+TEKAmMO2Qjii187oORWLNM6
GAlyFa7/+6sNexQ8dLkRqYsMrFZMdHLHiXY0sCyGG72bHvAfZzqllXQsGm5vEPhT
vMxJ4uSkgzan9pmKR+7WUFKGUeDI5djzc02CpFMp0hoLn5tP
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:10 2025 by rpki-client