Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa
File: 8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa (raw, json)
Hash identifier: pLYxp147kJ9WfqbiA8QiID7fZI/SiicHuIuAouL9hA4=
Subject key identifier: EF:4E:90:D9:02:A2:5B:3C:DB:04:08:D9:85:C7:E2:05:1D:40:9A:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 70CB0BC07AD7C39AAE5BF4930148E96BCA8F8F6B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa
Signing time: Tue 17 Jun 2025 00:41:22 +0000
ROA not before: Tue 17 Jun 2025 00:41:22 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:cb:0b:c0:7a:d7:c3:9a:ae:5b:f4:93:01:48:e9:6b:ca:8f:8f:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:41:22 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=0ab985bd7de46e268013556da9f46c2810de9d6616c64554733433ca597155ff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6f:7f:b6:b5:0f:22:63:83:cb:a3:fd:17:67:
27:da:bf:d8:45:74:27:18:ca:11:2a:57:50:09:4d:
ef:0f:c4:a0:30:9c:1c:f7:a3:1b:45:f7:11:fb:f9:
4d:d2:42:7e:9c:40:fd:9f:e1:f6:7e:45:11:43:20:
f3:67:d4:94:26:d8:30:78:01:92:a1:ad:a2:56:21:
91:e0:e2:96:b4:ec:df:89:5b:9c:17:c5:7e:2d:13:
99:3a:46:79:e1:c3:12:d0:17:b2:ad:de:e9:fc:ab:
4f:da:f7:57:77:ab:a0:1a:86:fd:16:51:e6:71:6d:
ad:8b:1f:ed:a8:5b:6a:e2:53:cc:8e:36:7c:56:9d:
fb:fd:bd:d8:0a:d0:26:87:dd:ef:b7:54:e2:0a:f3:
19:e0:ee:e1:21:01:75:02:80:84:67:84:71:4f:a2:
7e:1f:c7:e2:da:4b:c8:54:3d:d5:cc:be:ed:f2:cf:
df:17:c9:51:6d:fe:89:ae:c8:eb:7c:d5:e7:79:5a:
42:bc:a7:a9:7d:b0:75:ef:cd:7b:29:c6:81:eb:91:
90:de:96:01:43:fc:1f:9a:94:b9:b8:af:3c:1d:c1:
0d:be:57:da:a4:f5:44:4b:52:bd:05:16:33:f9:68:
8e:29:e8:b8:0a:2e:23:33:3a:fb:04:d5:ef:5a:e6:
15:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:4E:90:D9:02:A2:5B:3C:DB:04:08:D9:85:C7:E2:05:1D:40:9A:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:e5:b1:84:43:32:2c:50:42:37:78:5e:05:8d:9e:6b:50:59:
fb:35:d1:46:be:3a:ca:1f:06:d1:58:8f:51:d6:7f:d0:93:81:
60:9f:62:d3:cc:4b:43:ef:d6:e1:91:28:fd:31:6b:13:32:0a:
3d:a5:3a:d7:f2:17:6d:7e:8f:c0:31:44:47:3c:32:19:20:d9:
c3:df:ac:7b:d1:e6:5f:b1:df:cc:ce:f7:3d:0a:c0:6b:12:00:
08:49:29:91:35:98:ee:88:49:9d:b7:42:9a:15:2e:5d:aa:95:
cd:0e:f2:d9:50:f5:14:21:7b:03:31:87:33:70:4f:e2:b7:54:
de:a4:09:b6:77:7f:6a:59:4d:de:a9:70:cf:ac:a5:76:dc:9e:
ef:b0:5c:b0:fe:d3:9d:02:86:1a:98:1c:b8:e3:86:52:b7:69:
eb:c2:24:9a:be:89:3a:9d:e3:d3:c7:58:f7:18:f1:a2:10:68:
5e:a9:fc:9f:a1:4a:6a:da:e7:ce:d2:bc:9d:42:f5:48:8b:28:
20:53:74:7c:53:7b:3e:6d:5f:8c:13:5c:b9:b8:86:cd:67:57:
ad:3e:69:bc:e7:72:a2:ed:1e:05:5c:5c:04:22:52:10:be:a9:
ca:9d:9f:1e:75:53:f0:bf:0d:9b:6c:3b:13:f4:03:a5:b4:5f:
6b:b1:69:58
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcMsLwHrXw5quW/STAUjpa8qPj2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQxMjJaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhYjk4NWJkN2RlNDZlMjY4MDEzNTU2ZGE5ZjQ2YzI4MTBkZTlkNjYxNmM2
NDU1NDczMzQzM2NhNTk3MTU1ZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdvf7a1DyJjg8uj/RdnJ9q/2EV0JxjKESpXUAlN7w/EoDCcHPejG0X3Efv5
TdJCfpxA/Z/h9n5FEUMg82fUlCbYMHgBkqGtolYhkeDilrTs34lbnBfFfi0TmTpG
eeHDEtAXsq3e6fyrT9r3V3eroBqG/RZR5nFtrYsf7ahbauJTzI42fFad+/292ArQ
Jofd77dU4grzGeDu4SEBdQKAhGeEcU+ifh/H4tpLyFQ91cy+7fLP3xfJUW3+ia7I
63zV53laQrynqX2wde/NeynGgeuRkN6WAUP8H5qUubivPB3BDb5X2qT1REtSvQUW
M/lojinouAouIzM6+wTV71rmFYkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTvTpDZ
AqJbPNsECNmFx+IFHUCa5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGE1N2U5ODItYzZiOC00YWE3LWIzMGEtMzhiZWQ2NGRmYzMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+A
MA0GCSqGSIb3DQEBCwUAA4IBAQCs5bGEQzIsUEI3eF4FjZ5rUFn7NdFGvjrKHwbR
WI9R1n/Qk4Fgn2LTzEtD79bhkSj9MWsTMgo9pTrX8hdtfo/AMURHPDIZINnD36x7
0eZfsd/Mzvc9CsBrEgAISSmRNZjuiEmdt0KaFS5dqpXNDvLZUPUUIXsDMYczcE/i
t1TepAm2d39qWU3eqXDPrKV23J7vsFyw/tOdAoYamBy444ZSt2nrwiSavok6nePT
x1j3GPGiEGheqfyfoUpq2ufO0rydQvVIiyggU3R8U3s+bV+ME1y5uIbNZ1etPmm8
53Ki7R4FXFwEIlIQvqnKnZ8edVPwvw2bbDsT9AOltF9rsWlY
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:07 2025 by rpki-client