Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
File: 889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa (raw, json)
Hash identifier: LdtiR7AzgVOrGwV4qcAqExaDUnFykpD+thjVbnvBzqU=
Subject key identifier: 74:54:44:E9:0F:CB:6D:9C:9E:A6:F1:F7:8E:C7:65:46:81:A5:C6:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67119BCB11CE83B542DA36B0810CCB350DB71F1E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
Signing time: Mon 16 Jun 2025 21:31:02 +0000
ROA not before: Mon 16 Jun 2025 21:31:02 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:11:9b:cb:11:ce:83:b5:42:da:36:b0:81:0c:cb:35:0d:b7:1f:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:02 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=46dcfbcbd82b15d787f10e0bad38e7b93bc20a83b8c9fca8a972cefed2429ec6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fb:f6:6e:d6:61:3c:a6:b0:71:4d:b2:d8:73:
df:7e:90:7d:73:2c:7c:8b:f1:dc:d3:ea:97:a2:d0:
d8:a8:e6:83:25:ca:36:7d:5d:7c:4e:54:eb:07:07:
29:92:ac:95:98:b1:5b:0f:1c:36:47:10:e9:dc:3d:
7f:60:f7:75:f7:bc:7a:20:43:ec:7d:4e:4c:f8:d2:
ed:db:1b:93:ff:77:50:33:ad:0c:39:7f:1d:f2:6f:
94:d4:20:cb:2d:f5:88:d1:f0:e4:1f:ef:68:89:e4:
34:fa:50:52:47:22:af:8a:53:98:16:7b:68:83:22:
5d:92:51:2e:30:5b:90:c0:b0:84:84:89:d4:62:e2:
43:fb:37:d2:7c:69:56:c3:11:1e:02:27:a4:3b:1e:
91:3f:2b:ce:fe:74:6d:9c:37:db:3f:07:1b:d3:01:
59:3e:59:b4:f4:65:a6:cc:a5:2a:93:a6:69:86:e8:
b4:47:85:33:dc:7d:7e:40:0b:6f:d9:6c:87:7f:99:
b6:05:42:9a:0b:e0:e4:1f:8e:7c:49:f6:17:73:e1:
6d:4f:6c:13:1e:09:22:7a:e5:3e:9f:39:16:8d:0a:
8a:d7:26:80:64:51:00:8a:7f:99:65:2c:56:95:bd:
0e:4b:36:b3:f4:11:f0:99:90:12:61:cb:a2:99:ac:
de:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:54:44:E9:0F:CB:6D:9C:9E:A6:F1:F7:8E:C7:65:46:81:A5:C6:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/889a19c7-ad97-43ad-8e1e-dd9d5cccd696.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:800::/38
Signature Algorithm: sha256WithRSAEncryption
92:d5:61:22:0e:67:f9:a5:7d:dc:a4:46:04:18:30:fa:49:7c:
c0:6c:d3:c2:f0:11:53:94:a9:c6:e2:61:c8:00:24:6b:bc:da:
d8:a4:95:4a:38:6d:31:d7:36:27:56:5b:ac:c9:42:bb:ac:25:
8a:46:ee:22:d9:5e:fd:88:13:75:a9:06:ab:d6:17:28:b2:bc:
4a:f8:bd:ac:d6:84:21:1b:b8:84:13:80:0f:00:fe:b7:58:75:
85:df:48:d5:cc:13:2e:d7:e5:d8:bf:8c:c5:b8:86:c8:af:e0:
a5:bc:1f:7a:a8:c9:e7:c0:07:de:a6:75:33:af:94:b7:52:11:
cb:a9:89:e5:d8:c3:0c:7e:a5:90:68:c0:94:92:40:27:71:ab:
d7:90:88:b2:45:10:8d:44:01:3e:58:95:17:d8:4a:a3:18:86:
70:81:c1:df:25:ed:15:3e:4c:ea:c5:53:bb:49:a8:40:5a:65:
41:c4:d8:d9:a2:aa:fe:9e:fd:db:7e:a0:7f:5f:8d:1f:70:76:
34:68:a9:0d:7a:9d:f1:e2:73:83:f8:c6:67:69:86:dd:49:dd:
b5:e3:03:0e:1f:ab:4b:de:db:55:8d:ec:a8:90:e3:ca:d6:ea:
1f:0d:fb:3d:28:fc:5a:ff:a4:3b:83:28:9f:8e:e9:2b:80:f1:
fc:89:6e:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZxGbyxHOg7VC2jawgQzLNQ23Hx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMDJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2ZGNmYmNiZDgyYjE1ZDc4N2YxMGUwYmFkMzhlN2I5M2JjMjBhODNiOGM5
ZmNhOGE5NzJjZWZlZDI0MjllYzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKz79m7WYTymsHFNsthz336QfXMsfIvx3NPql6LQ2KjmgyXKNn1dfE5U6wcH
KZKslZixWw8cNkcQ6dw9f2D3dfe8eiBD7H1OTPjS7dsbk/93UDOtDDl/HfJvlNQg
yy31iNHw5B/vaInkNPpQUkcir4pTmBZ7aIMiXZJRLjBbkMCwhISJ1GLiQ/s30nxp
VsMRHgInpDsekT8rzv50bZw32z8HG9MBWT5ZtPRlpsylKpOmaYbotEeFM9x9fkAL
b9lsh3+ZtgVCmgvg5B+OfEn2F3PhbU9sEx4JInrlPp85Fo0KitcmgGRRAIp/mWUs
VpW9Dks2s/QR8JmQEmHLopms3sUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0VETp
D8ttnJ6m8feOx2VGgaXGGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg5YTE5YzctYWQ5Ny00M2FkLThlMWUtZGQ5ZDVjY2NkNjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwI
MA0GCSqGSIb3DQEBCwUAA4IBAQCS1WEiDmf5pX3cpEYEGDD6SXzAbNPC8BFTlKnG
4mHIACRrvNrYpJVKOG0x1zYnVlusyUK7rCWKRu4i2V79iBN1qQar1hcosrxK+L2s
1oQhG7iEE4APAP63WHWF30jVzBMu1+XYv4zFuIbIr+ClvB96qMnnwAfepnUzr5S3
UhHLqYnl2MMMfqWQaMCUkkAncavXkIiyRRCNRAE+WJUX2EqjGIZwgcHfJe0VPkzq
xVO7SahAWmVBxNjZoqr+nv3bfqB/X40fcHY0aKkNep3x4nOD+MZnaYbdSd214wMO
H6tL3ttVjeyokOPK1uofDfs9KPxa/6Q7gyifjukrgPH8iW6R
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:23:59 2025 by rpki-client