Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
File: 8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa (raw, json)
Hash identifier: ovYPC0Grn/TPdnLjA6aS6hUqiBtl7/DVjK69T02qSDQ=
Subject key identifier: 43:E8:19:95:E5:D3:95:93:96:AB:9D:D9:45:20:C9:8C:07:E1:8F:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B8C94FECF06FA866F3CBEE3670EE892F9816093
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
Signing time: Mon 16 Jun 2025 21:31:12 +0000
ROA not before: Mon 16 Jun 2025 21:31:12 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:8c:94:fe:cf:06:fa:86:6f:3c:be:e3:67:0e:e8:92:f9:81:60:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:12 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=b7d384cbf0b1e6d6577b943008c1ca9507bd10974de698bb45a06db8de29b4aa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7e:d4:01:21:41:ef:82:27:63:87:83:2e:7b:
aa:d2:06:e6:3f:ae:fc:3b:6b:e0:22:74:50:57:7e:
c1:f3:e5:fd:49:66:dd:2f:13:7b:cf:40:95:42:57:
02:8f:6f:9d:b9:91:15:a0:29:c6:50:44:4e:52:ea:
56:ce:92:de:28:9c:fb:15:12:d6:bf:43:5c:f2:51:
7a:03:1a:df:7a:06:71:57:44:52:44:1a:06:b0:63:
43:f2:a9:81:02:d4:48:b6:1d:58:dc:f7:8c:99:1f:
1c:c0:17:6d:f8:f3:78:d0:75:33:ab:47:1f:be:de:
89:3d:12:db:ce:ec:71:8a:f4:d3:93:c4:08:92:bb:
bc:88:8c:8e:82:d7:05:fb:04:b6:d9:0a:d3:17:d3:
80:24:d6:ae:60:d3:fd:42:17:8b:0a:5b:3e:18:16:
4c:cc:68:e6:30:21:a6:be:54:d8:61:28:ec:e9:9f:
00:e1:5f:fb:29:54:77:93:db:77:1b:f3:39:64:01:
73:f9:fc:64:21:e9:6c:53:53:f6:fa:c4:c3:0d:c6:
6f:23:39:5b:5c:e8:a2:f9:30:68:d7:7a:94:78:d4:
62:3b:04:b6:88:f6:4e:41:ae:7f:f8:49:b6:e8:95:
e3:52:f3:c8:94:1e:d4:de:90:34:b1:80:c8:8f:b3:
c7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E8:19:95:E5:D3:95:93:96:AB:9D:D9:45:20:C9:8C:07:E1:8F:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:800::/38
Signature Algorithm: sha256WithRSAEncryption
b6:e0:6b:4b:fe:49:06:9b:58:ed:d8:45:c4:9f:3a:8c:25:a1:
40:54:9d:f5:f2:e1:9a:74:c9:7c:e7:e0:df:a1:9f:63:d4:55:
44:3f:b0:3a:44:fb:ec:64:b2:8f:2a:b1:6c:e6:01:56:66:7e:
96:16:8b:f7:f0:a4:40:40:a6:da:7f:5b:31:27:d1:8c:1a:3f:
b3:da:19:64:58:f2:87:ff:5b:1e:2f:6e:57:df:a7:55:9f:84:
85:2c:de:9f:ef:b4:b8:6f:9f:da:18:a2:0d:0b:75:dc:b1:25:
98:13:2d:4f:9b:20:48:87:43:b9:29:0c:8f:d5:f2:ee:78:50:
ef:9b:f9:cc:ae:9f:f2:0f:27:bf:2a:6b:8e:5b:d1:0d:65:80:
a5:33:d0:dd:ac:66:e4:f3:ef:c5:05:5b:9b:fd:f0:63:91:dc:
62:cf:80:f8:1e:6c:01:25:f5:b3:14:7a:bf:c2:76:00:e4:a4:
b9:91:33:ea:4c:dc:20:34:06:a1:15:51:7a:e3:60:34:5a:ec:
b1:11:35:e3:7e:3e:ed:84:c5:18:92:a8:66:69:5d:57:9e:61:
cf:bb:9c:7e:5e:7a:77:d7:9f:75:63:54:75:8c:91:4f:88:da:
c6:2d:e2:fc:d5:af:76:71:84:e2:4a:20:8f:f8:5f:6a:3e:dc:
d3:b2:54:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe4yU/s8G+oZvPL7jZw7okvmBYJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMTJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3ZDM4NGNiZjBiMWU2ZDY1NzdiOTQzMDA4YzFjYTk1MDdiZDEwOTc0ZGU2
OThiYjQ1YTA2ZGI4ZGUyOWI0YWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKV+1AEhQe+CJ2OHgy57qtIG5j+u/Dtr4CJ0UFd+wfPl/Ulm3S8Te89AlUJX
Ao9vnbmRFaApxlBETlLqVs6S3iic+xUS1r9DXPJRegMa33oGcVdEUkQaBrBjQ/Kp
gQLUSLYdWNz3jJkfHMAXbfjzeNB1M6tHH77eiT0S287scYr005PECJK7vIiMjoLX
BfsEttkK0xfTgCTWrmDT/UIXiwpbPhgWTMxo5jAhpr5U2GEo7OmfAOFf+ylUd5Pb
dxvzOWQBc/n8ZCHpbFNT9vrEww3GbyM5W1zoovkwaNd6lHjUYjsEtoj2TkGuf/hJ
tuiV41LzyJQe1N6QNLGAyI+zx1MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRD6BmV
5dOVk5arndlFIMmMB+GPAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNhNTA3N2ItMDk4Ny00YTY1LWI4ZmYtYTFlMjdmNzZjZDFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoI
MA0GCSqGSIb3DQEBCwUAA4IBAQC24GtL/kkGm1jt2EXEnzqMJaFAVJ318uGadMl8
5+DfoZ9j1FVEP7A6RPvsZLKPKrFs5gFWZn6WFov38KRAQKbaf1sxJ9GMGj+z2hlk
WPKH/1seL25X36dVn4SFLN6f77S4b5/aGKINC3XcsSWYEy1PmyBIh0O5KQyP1fLu
eFDvm/nMrp/yDye/KmuOW9ENZYClM9DdrGbk8+/FBVub/fBjkdxiz4D4HmwBJfWz
FHq/wnYA5KS5kTPqTNwgNAahFVF642A0WuyxETXjfj7thMUYkqhmaV1XnmHPu5x+
Xnp31591Y1R1jJFPiNrGLeL81a92cYTiSiCP+F9qPtzTslTn
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:26:21 2025 by rpki-client