Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
File: 7dbe70b9-8807-4382-b0db-753dfbe69012.roa (raw, json)
Hash identifier: Gvo9OjGlKaXfV6COKe/kD8j1CkaRUOTqWElmQWH8HzE=
Subject key identifier: 08:F4:BA:8A:2C:21:F9:7F:DB:9D:E3:C9:06:2B:5C:3C:32:55:FE:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 227BF5B835949C3684F14BE542908E831D4DFDE9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
Signing time: Mon 16 Jun 2025 21:40:57 +0000
ROA not before: Mon 16 Jun 2025 21:40:57 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:7b:f5:b8:35:94:9c:36:84:f1:4b:e5:42:90:8e:83:1d:4d:fd:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:57 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=65dc9039d9f4ef3c968d0807555158c15da841b0a47016a49fd647b89c0a91ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a9:8d:a4:35:83:0d:33:58:57:c1:b7:87:cb:
7b:fb:34:35:74:08:0a:1f:3c:5d:fe:54:03:f1:f1:
d0:79:cc:55:d3:68:1e:b4:54:7d:e8:f7:3d:ad:4c:
92:4f:ae:19:25:e4:b7:db:03:2d:36:e4:c6:86:0b:
14:a7:d9:4e:c9:a0:ba:30:f6:3a:67:26:e0:56:a8:
99:ae:17:ba:bc:db:a4:63:d4:00:1b:1a:70:42:85:
6f:fe:7d:04:50:bd:37:0b:9f:57:b5:25:4e:65:16:
6f:6d:d2:d8:5b:d0:ae:4d:7e:08:b4:ec:29:91:fc:
84:d1:cf:8a:d2:d0:fd:1b:4b:0d:64:60:19:4e:00:
fb:f9:28:ea:49:da:8f:5d:36:82:28:fc:68:0e:4a:
95:2f:7b:4b:2a:69:9f:87:d2:71:ce:f5:cd:8f:d4:
f4:9f:04:c7:a5:3a:a6:25:63:a2:e9:2b:f2:ed:93:
bb:f4:81:e6:7e:c9:b7:a5:77:a9:5b:c3:58:26:6a:
f6:7e:da:ad:57:6d:81:22:a2:82:47:af:69:4a:df:
39:ab:02:c1:63:bb:45:38:6f:2a:b1:ac:34:71:1d:
e0:94:73:44:94:69:5d:0a:c9:bc:23:70:c3:cb:f0:
d5:93:db:9f:a9:fd:ac:60:e7:96:ed:38:b3:77:3f:
dd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F4:BA:8A:2C:21:F9:7F:DB:9D:E3:C9:06:2B:5C:3C:32:55:FE:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/37
Signature Algorithm: sha256WithRSAEncryption
7f:8f:7a:85:c2:aa:b8:c6:2b:91:dc:06:14:4c:08:bb:8d:5d:
57:7a:0c:66:a4:ed:50:55:91:a7:8f:f0:fb:a1:1d:98:69:4b:
f2:52:bf:67:01:59:e7:65:ad:00:a9:f3:1b:51:f5:1b:40:b8:
55:94:be:29:c0:d6:b5:a1:e6:73:bd:03:7c:07:3e:90:bd:66:
88:10:b4:bf:a6:7c:3f:94:6d:13:97:41:c0:a8:5e:07:ff:a4:
be:6f:fa:e3:95:ed:58:56:c1:3f:ae:c0:d1:bb:69:0f:f2:da:
41:e5:26:8a:59:0d:95:89:7f:c3:3c:a4:68:08:68:be:f9:65:
31:c3:8b:d1:2c:50:59:7d:ee:1f:0d:ee:99:11:9a:17:9e:90:
4a:63:ac:e7:0a:8a:5e:03:ce:15:18:69:a8:b8:db:e1:37:9f:
ed:2d:82:fc:49:72:f3:65:b0:4d:18:57:3d:be:7b:df:8f:9e:
25:c9:b8:42:13:87:8b:70:01:ed:ff:00:78:bc:a0:08:57:f6:
3d:2f:4e:9a:e2:0c:a0:38:a3:0c:0c:a1:3a:c7:7c:f8:97:51:
11:37:da:7e:9f:5f:2d:57:22:8c:6c:af:eb:57:b7:6d:b3:1c:
51:59:94:88:be:e0:08:94:f5:b7:9b:b2:5a:f7:88:30:7e:d3:
15:d7:04:4e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUInv1uDWUnDaE8UvlQpCOgx1N/ekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwNTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1ZGM5MDM5ZDlmNGVmM2M5NjhkMDgwNzU1NTE1OGMxNWRhODQxYjBhNDcw
MTZhNDlmZDY0N2I4OWMwYTkxYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWpjaQ1gw0zWFfBt4fLe/s0NXQICh88Xf5UA/Hx0HnMVdNoHrRUfej3Pa1M
kk+uGSXkt9sDLTbkxoYLFKfZTsmgujD2Omcm4Faoma4XurzbpGPUABsacEKFb/59
BFC9NwufV7UlTmUWb23S2FvQrk1+CLTsKZH8hNHPitLQ/RtLDWRgGU4A+/ko6kna
j102gij8aA5KlS97Syppn4fScc71zY/U9J8Ex6U6piVjoukr8u2Tu/SB5n7Jt6V3
qVvDWCZq9n7arVdtgSKigkevaUrfOasCwWO7RThvKrGsNHEd4JRzRJRpXQrJvCNw
w8vw1ZPbn6n9rGDnlu04s3c/3fECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQI9LqK
LCH5f9ud48kGK1w8MlX+gDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RiZTcwYjktODgwNy00MzgyLWIwZGItNzUzZGZiZTY5MDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQB/j3qFwqq4xiuR3AYUTAi7jV1XegxmpO1QVZGn
j/D7oR2YaUvyUr9nAVnnZa0AqfMbUfUbQLhVlL4pwNa1oeZzvQN8Bz6QvWaIELS/
pnw/lG0Tl0HAqF4H/6S+b/rjle1YVsE/rsDRu2kP8tpB5SaKWQ2ViX/DPKRoCGi+
+WUxw4vRLFBZfe4fDe6ZEZoXnpBKY6znCopeA84VGGmouNvhN5/tLYL8SXLzZbBN
GFc9vnvfj54lybhCE4eLcAHt/wB4vKAIV/Y9L06a4gygOKMMDKE6x3z4l1ERN9p+
n18tVyKMbK/rV7dtsxxRWZSIvuAIlPW3m7Ja94gwftMV1wRO
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:41 2025 by rpki-client