Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
File: 979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa (raw, json)
Hash identifier: WBqyRYCBev8LiAs10GMcpOWiPLtwv10ntiLCqyvGyRc=
Subject key identifier: 04:EF:63:A4:92:51:4B:2C:22:DA:5E:42:70:00:DD:23:42:7D:86:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71214617B8377BB21A88C65D5398D8A007255A82
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
Signing time: Mon 16 Jun 2025 19:51:48 +0000
ROA not before: Mon 16 Jun 2025 19:51:48 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:21:46:17:b8:37:7b:b2:1a:88:c6:5d:53:98:d8:a0:07:25:5a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:48 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e2dbd6085f4383294c726171d1e47fbee554354753f0ad4e3e89ed781c432388, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1f:c8:a9:f8:62:bc:37:b2:4c:c4:a3:36:94:
96:2a:88:1d:52:7f:21:96:37:cf:0a:15:71:bd:2e:
66:cb:02:9f:d6:4e:49:c1:63:6c:e3:f3:23:3d:d6:
e7:93:16:20:16:a2:8a:a4:25:a4:83:f4:3c:cf:0b:
6a:c8:c6:45:88:c2:45:9f:ef:7e:ae:5b:12:50:a3:
75:c5:6c:a0:b9:45:93:71:ab:cb:e4:be:9d:2d:4f:
38:77:dd:7e:16:0e:a5:57:a2:ea:46:96:dd:15:86:
36:7d:26:15:b0:ec:ea:b0:7c:77:35:d2:c8:f6:5b:
3c:6e:f9:0f:d1:31:5f:40:40:7a:60:55:d6:ee:5a:
99:93:49:ce:87:4d:a1:38:33:ae:c1:1b:d8:da:f5:
31:2f:74:08:39:f9:95:4b:e1:9f:10:44:3c:d0:fc:
78:e6:cb:09:d6:99:26:ea:a7:a4:9b:5b:97:5f:c9:
84:6c:00:db:60:8b:92:c3:28:46:2a:0d:6e:be:74:
94:91:3b:b2:5b:f3:c2:b3:f7:a8:f1:e0:27:7a:fd:
58:44:85:08:2f:d3:0c:9a:21:f7:1f:53:d6:e5:30:
e4:8c:a8:b4:bb:ef:ca:45:c5:d9:36:62:6a:10:1a:
20:5c:7a:d0:da:ac:06:a1:3b:5d:bb:7e:62:6b:f8:
f8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:EF:63:A4:92:51:4B:2C:22:DA:5E:42:70:00:DD:23:42:7D:86:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8040::/48
Signature Algorithm: sha256WithRSAEncryption
33:26:e0:83:92:47:b2:e3:fe:39:60:9e:a6:2d:04:c8:b9:d3:
01:a0:70:ec:3e:a7:e0:61:0b:c2:76:a4:0b:e8:e0:ce:88:72:
9a:c2:41:07:ec:e5:29:b8:2d:8c:f2:92:fc:26:a6:58:a8:d3:
a5:62:5a:bc:17:3c:bc:95:ac:75:05:bc:42:27:8b:96:1d:d5:
d9:c2:d8:8a:a5:71:e4:e4:31:57:4b:8a:39:40:ef:da:b6:75:
80:33:29:8f:e2:cf:5c:6e:06:70:77:1c:01:7e:36:5a:f7:2a:
f6:5c:0e:6d:0f:29:d8:dc:f9:1c:2c:b8:d2:fd:11:c1:0c:d1:
1f:77:7e:b2:27:49:14:66:4a:15:76:5e:08:be:3d:e8:86:9b:
3a:84:af:91:d1:88:20:ba:62:01:51:fb:b0:93:41:4c:7b:16:
ec:32:1d:fb:fd:f6:b2:2b:0d:82:6f:a7:c7:c7:3a:cf:ca:b1:
96:a0:1c:49:73:a7:4c:dd:6d:4b:db:29:e6:dd:e7:eb:6a:68:
f7:12:88:19:dd:81:15:fc:3c:0e:d5:8b:ee:bd:a2:c3:6b:e1:
26:a2:bb:0a:92:59:fc:24:43:6e:3d:2f:4c:66:0d:13:b3:d0:
b2:f4:43:18:6e:41:81:3e:12:d5:db:b0:ce:03:a6:2d:f5:6b:
d6:16:a8:6e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcSFGF7g3e7IaiMZdU5jYoAclWoIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxNDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyZGJkNjA4NWY0MzgzMjk0YzcyNjE3MWQxZTQ3ZmJlZTU1NDM1NDc1M2Yw
YWQ0ZTNlODllZDc4MWM0MzIzODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4fyKn4Yrw3skzEozaUliqIHVJ/IZY3zwoVcb0uZssCn9ZOScFjbOPzIz3W
55MWIBaiiqQlpIP0PM8LasjGRYjCRZ/vfq5bElCjdcVsoLlFk3Gry+S+nS1POHfd
fhYOpVei6kaW3RWGNn0mFbDs6rB8dzXSyPZbPG75D9ExX0BAemBV1u5amZNJzodN
oTgzrsEb2Nr1MS90CDn5lUvhnxBEPND8eObLCdaZJuqnpJtbl1/JhGwA22CLksMo
RioNbr50lJE7slvzwrP3qPHgJ3r9WESFCC/TDJoh9x9T1uUw5IyotLvvykXF2TZi
ahAaIFx60NqsBqE7Xbt+Ymv4+CcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQE72Ok
klFLLCLaXkJwAN0jQn2GkjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc5YmM3M2YtN2Q4Ny00Y2ZhLTkzYmQtMDM3OGNmMWQ2YWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
QDANBgkqhkiG9w0BAQsFAAOCAQEAMybgg5JHsuP+OWCepi0EyLnTAaBw7D6n4GEL
wnakC+jgzohymsJBB+zlKbgtjPKS/CamWKjTpWJavBc8vJWsdQW8QieLlh3V2cLY
iqVx5OQxV0uKOUDv2rZ1gDMpj+LPXG4GcHccAX42Wvcq9lwObQ8p2Nz5HCy40v0R
wQzRH3d+sidJFGZKFXZeCL496IabOoSvkdGIILpiAVH7sJNBTHsW7DId+/32sisN
gm+nx8c6z8qxlqAcSXOnTN1tS9sp5t3n62po9xKIGd2BFfw8DtWL7r2iw2vhJqK7
CpJZ/CRDbj0vTGYNE7PQsvRDGG5BgT4S1duwzgOmLfVr1haobg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:38:13 2025 by rpki-client