Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa
File: 8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa (raw, json)
Hash identifier: FEnbRzqvs1xM4Utyf4/eHTknjHxbVgkCNa/7wTqqiiY=
Subject key identifier: AA:7D:5D:37:AE:3F:57:B5:CC:0B:A5:D9:FC:16:F8:23:50:8A:41:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3179F20AEDE9F148AB1FA18EEB81CE0757421633
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa
Signing time: Thu 26 Jun 2025 19:52:07 +0000
ROA not before: Thu 26 Jun 2025 19:52:07 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:79:f2:0a:ed:e9:f1:48:ab:1f:a1:8e:eb:81:ce:07:57:42:16:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:52:07 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=6de4bc2dea2039bd150b5b4614f2f9a2bbc70bd62dedf3e2cca10401c7910794, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:fc:22:d6:14:e8:fa:6c:ad:9d:d0:58:82:ab:
ce:54:20:80:03:fa:78:fe:bc:89:24:01:18:69:57:
76:d4:c9:57:20:ec:06:02:8f:c1:b3:1f:55:ae:d9:
57:b1:1f:b7:3f:b7:83:dd:4b:b4:c7:6d:a5:93:4a:
9f:21:44:31:48:7b:c5:96:1f:80:b8:94:fd:6b:72:
f5:56:77:ae:f4:dc:06:6d:d6:19:16:c1:14:1e:75:
b3:74:14:2a:b0:18:6f:7b:04:f9:18:6a:a8:00:0d:
d1:b8:6f:4e:6e:7c:d7:78:e8:16:fe:21:84:62:d0:
c9:c1:45:d8:31:93:98:68:88:d8:7f:0a:e2:05:45:
f1:a0:19:fc:c9:fc:7a:ec:93:15:a7:43:d1:13:e7:
6a:f1:d6:a3:4c:05:48:f3:90:a1:5e:10:94:1f:4e:
10:39:61:fe:a2:a1:b6:68:89:28:d1:6a:2d:b3:ac:
07:11:4b:18:0d:f9:9c:20:82:74:09:e8:2e:9f:9d:
c7:58:89:df:23:3b:30:6b:96:8d:60:32:85:f2:ac:
32:da:eb:eb:97:46:6e:78:7e:7e:11:d8:6c:19:42:
72:d6:81:55:6c:4a:73:2a:79:91:37:6f:d2:9d:5c:
b6:87:4b:27:c1:eb:64:69:e5:8c:ee:cb:e6:06:bc:
e9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:7D:5D:37:AE:3F:57:B5:CC:0B:A5:D9:FC:16:F8:23:50:8A:41:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8000::/40
Signature Algorithm: sha256WithRSAEncryption
63:d3:cf:c6:f3:a5:1c:e9:ec:26:ed:91:bf:fa:2c:9d:c0:7c:
6f:ad:96:a3:f5:a0:81:4e:a8:65:77:d7:db:69:2d:74:12:42:
c8:6b:a1:d8:06:db:e0:3e:30:25:c7:a8:31:e5:85:0d:c0:3f:
b0:3c:63:e9:da:eb:5d:97:38:7c:f6:6e:74:51:74:b4:65:8a:
f0:23:a1:c1:09:06:33:70:ab:f0:e1:9a:b1:79:9b:37:02:81:
08:c8:8a:7b:67:6c:6c:61:06:94:48:5d:20:ee:a2:53:f0:c7:
de:98:c4:cc:3c:8b:67:97:2c:3a:44:6f:87:17:b1:ec:f3:d4:
af:2f:30:4c:07:fa:3d:cc:6a:d9:ad:11:52:be:9b:b5:45:d0:
93:2b:e6:db:b2:d9:76:cb:0b:d7:d3:1f:67:c8:f5:a8:cf:da:
1e:aa:20:d9:17:47:ed:55:af:c7:66:ae:5a:b5:39:9a:26:85:
1d:4f:85:7d:9e:12:25:ba:8c:cd:87:0d:ec:a4:cf:ba:71:a8:
3e:f3:85:fa:a3:06:67:82:0b:ec:2a:c1:b7:87:38:ee:12:d4:
05:21:8f:fa:0e:a5:c9:b9:c5:b4:2e:d0:46:60:ac:1f:6a:2a:
6f:eb:cd:c9:68:93:84:a6:84:38:37:7b:b6:5b:1a:1f:36:1d:
78:8a:34:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMXnyCu3p8UirH6GO64HOB1dCFjMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTUyMDdaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkZTRiYzJkZWEyMDM5YmQxNTBiNWI0NjE0ZjJmOWEyYmJjNzBiZDYyZGVk
ZjNlMmNjYTEwNDAxYzc5MTA3OTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAID8ItYU6PpsrZ3QWIKrzlQggAP6eP68iSQBGGlXdtTJVyDsBgKPwbMfVa7Z
V7Eftz+3g91LtMdtpZNKnyFEMUh7xZYfgLiU/Wty9VZ3rvTcBm3WGRbBFB51s3QU
KrAYb3sE+RhqqAAN0bhvTm5813joFv4hhGLQycFF2DGTmGiI2H8K4gVF8aAZ/Mn8
euyTFadD0RPnavHWo0wFSPOQoV4QlB9OEDlh/qKhtmiJKNFqLbOsBxFLGA35nCCC
dAnoLp+dx1iJ3yM7MGuWjWAyhfKsMtrr65dGbnh+fhHYbBlCctaBVWxKcyp5kTdv
0p1ctodLJ8HrZGnljO7L5ga86SUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqfV03
rj9XtcwLpdn8FvgjUIpBzDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGY2Y2FiNmYtNDRiZS00ZjgwLTkwNDAtYzJmOWFiMGUwNTc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOA
MA0GCSqGSIb3DQEBCwUAA4IBAQBj08/G86Uc6ewm7ZG/+iydwHxvrZaj9aCBTqhl
d9fbaS10EkLIa6HYBtvgPjAlx6gx5YUNwD+wPGPp2utdlzh89m50UXS0ZYrwI6HB
CQYzcKvw4ZqxeZs3AoEIyIp7Z2xsYQaUSF0g7qJT8MfemMTMPItnlyw6RG+HF7Hs
89SvLzBMB/o9zGrZrRFSvpu1RdCTK+bbstl2ywvX0x9nyPWoz9oeqiDZF0ftVa/H
Zq5atTmaJoUdT4V9nhIluozNhw3spM+6cag+84X6owZnggvsKsG3hzjuEtQFIY/6
DqXJucW0LtBGYKwfaipv683JaJOEpoQ4N3u2WxofNh14ijTS
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:00:12 2025 by rpki-client