Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
File: 9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa (raw, json)
Hash identifier: OUnu/lyLeHXcA4s+jAvzOBmWYsT9fEsit8tX37/xyhM=
Subject key identifier: 63:68:0D:8B:2F:36:BD:59:7F:16:99:40:42:BD:B6:E5:EE:4F:C3:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4524F626CDFA7198ED9B46D171C38E1AD35FBE5D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
Signing time: Mon 16 Jun 2025 20:20:39 +0000
ROA not before: Mon 16 Jun 2025 20:20:39 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:24:f6:26:cd:fa:71:98:ed:9b:46:d1:71:c3:8e:1a:d3:5f:be:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:20:39 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f901c0d9062da4c67da183447fba4a981879093c7e6d56b626952121c95d3974, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f3:6e:84:d1:f8:a7:52:03:49:fa:f8:88:02:
eb:db:5d:ef:10:25:24:08:34:33:6b:11:16:fe:24:
7f:f3:18:62:77:6e:36:9c:32:69:ad:e6:f3:af:f3:
ad:bb:92:7d:86:8c:fd:a1:f0:ae:01:74:23:00:63:
54:9e:0e:79:c8:10:85:79:3d:3f:04:de:60:7c:86:
41:6c:85:35:60:09:1e:35:91:85:6a:ad:ef:b1:7c:
62:cd:db:6d:7a:d7:4c:41:ba:e6:ec:7a:c5:4c:c7:
ed:5d:fc:5a:23:c5:e6:83:c0:ea:1a:fb:92:06:da:
c1:20:6a:0d:c6:17:ba:98:7b:51:60:8b:6b:2d:5e:
09:a6:04:6b:2d:10:dc:ca:a9:9a:12:5b:14:87:e4:
6d:08:51:67:f7:aa:bc:d2:08:fb:b8:52:70:0b:23:
09:80:e3:07:56:af:b5:ed:3b:2c:12:30:6e:6f:ca:
98:c8:01:4a:15:60:59:f2:93:d6:39:03:3a:bd:ee:
48:99:81:65:84:b3:6d:4b:9d:7f:40:3c:57:7b:10:
59:8a:c4:bc:53:ab:c4:27:c2:0f:e6:f3:23:7b:f9:
f3:7d:6e:81:94:07:a8:e6:3f:2a:c1:da:a0:65:80:
25:68:41:ac:69:4f:8a:a8:59:58:f7:2b:8a:65:35:
e4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:68:0D:8B:2F:36:BD:59:7F:16:99:40:42:BD:B6:E5:EE:4F:C3:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a000::/40
Signature Algorithm: sha256WithRSAEncryption
a9:4c:07:73:d1:d2:88:de:4a:7d:07:d3:dc:91:d0:43:c4:ea:
93:8a:2f:53:60:6a:dd:21:d6:d7:75:48:06:3f:12:73:23:cf:
ca:7a:07:22:c5:50:ea:e4:a9:60:29:1b:9b:53:c7:25:33:95:
2c:7c:f6:ee:67:17:27:07:eb:12:ea:fb:0c:42:a0:5e:f6:38:
0c:12:3d:44:ab:8b:51:0c:d8:6d:68:37:ca:45:b2:18:c6:5f:
5f:48:fa:9b:81:6f:d9:3f:a2:66:8b:73:c1:84:3e:b6:6d:ee:
ef:af:02:e4:cf:23:16:bd:dd:25:18:96:86:21:a7:17:3f:86:
8f:57:c1:f7:35:24:7c:64:25:be:44:23:fa:d4:c3:2d:14:9c:
65:7d:e1:de:bb:36:16:ad:2c:91:23:9a:78:b6:a0:44:1a:3d:
bc:ff:7b:16:d8:4a:99:cb:3d:4f:5a:9a:64:65:4e:12:d5:cb:
34:26:98:46:d2:36:82:96:ac:5c:81:aa:c3:54:f9:53:d0:bd:
60:36:0b:48:d3:12:4b:d1:fd:12:e6:72:87:11:a0:fb:dc:e2:
fe:0d:56:55:e5:14:a5:a0:16:a3:d9:ca:15:b3:83:15:dd:36:
7c:e6:7f:4e:e2:87:12:49:e5:68:72:29:89:76:55:7d:d2:a2:
cd:84:9e:dc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURST2Js36cZjtm0bRccOOGtNfvl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIwMzlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5MDFjMGQ5MDYyZGE0YzY3ZGExODM0NDdmYmE0YTk4MTg3OTA5M2M3ZTZk
NTZiNjI2OTUyMTIxYzk1ZDM5NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIrzboTR+KdSA0n6+IgC69td7xAlJAg0M2sRFv4kf/MYYnduNpwyaa3m86/z
rbuSfYaM/aHwrgF0IwBjVJ4OecgQhXk9PwTeYHyGQWyFNWAJHjWRhWqt77F8Ys3b
bXrXTEG65ux6xUzH7V38WiPF5oPA6hr7kgbawSBqDcYXuph7UWCLay1eCaYEay0Q
3MqpmhJbFIfkbQhRZ/eqvNII+7hScAsjCYDjB1avte07LBIwbm/KmMgBShVgWfKT
1jkDOr3uSJmBZYSzbUudf0A8V3sQWYrEvFOrxCfCD+bzI3v5831ugZQHqOY/KsHa
oGWAJWhBrGlPiqhZWPcrimU15AcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRjaA2L
Lza9WX8WmUBCvbbl7k/D5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZkOTg3ZmEtMzBlOC00MGJjLTg5YzItZDg5NzA1ZDVmYjgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACg
MA0GCSqGSIb3DQEBCwUAA4IBAQCpTAdz0dKI3kp9B9PckdBDxOqTii9TYGrdIdbX
dUgGPxJzI8/KegcixVDq5KlgKRubU8clM5UsfPbuZxcnB+sS6vsMQqBe9jgMEj1E
q4tRDNhtaDfKRbIYxl9fSPqbgW/ZP6Jmi3PBhD62be7vrwLkzyMWvd0lGJaGIacX
P4aPV8H3NSR8ZCW+RCP61MMtFJxlfeHeuzYWrSyRI5p4tqBEGj28/3sW2EqZyz1P
WppkZU4S1cs0JphG0jaClqxcgarDVPlT0L1gNgtI0xJL0f0S5nKHEaD73OL+DVZV
5RSloBaj2coVs4MV3TZ85n9O4ocSSeVocimJdlV90qLNhJ7c
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:30 2025 by rpki-client