Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
File: a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa (raw, json)
Hash identifier: 1OH7y3Kl6cI1fPMa7pp9gG12RTDLGt3QtgFEuDgnOHo=
Subject key identifier: 7F:83:77:8F:1A:A9:9F:C7:63:B7:B8:C4:22:5A:51:CD:20:C5:ED:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6247EE78A1047CC26153812DBFC7AE02D487121B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
Signing time: Mon 16 Jun 2025 20:10:56 +0000
ROA not before: Mon 16 Jun 2025 20:10:56 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:47:ee:78:a1:04:7c:c2:61:53:81:2d:bf:c7:ae:02:d4:87:12:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:10:56 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f068b0689bdce99cc03e6ff69ae02bba9ebdcd75a03fe0e4ac109a7a09c0f479, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:14:05:53:42:8a:90:9b:b2:74:c5:5a:bb:39:
d3:4a:5e:02:31:08:bf:17:86:b6:7a:da:68:96:a7:
09:3d:14:31:9c:af:61:8e:58:34:c3:d4:f8:9d:3a:
fb:ba:55:41:9b:3d:e1:88:16:9c:9a:bd:ec:24:ad:
d7:5b:75:af:ec:1b:bb:62:fe:90:4f:03:1e:e3:72:
ea:b4:d8:29:2e:aa:95:f5:08:0f:dc:db:4c:6a:85:
74:28:38:a4:da:9b:6a:d8:fc:58:d2:a8:1f:e2:dd:
68:c6:24:52:81:3a:ea:96:d2:5e:4b:39:62:9b:8a:
5a:03:dd:4d:08:5b:cc:d2:62:17:9a:e4:c6:f7:1a:
3e:55:9f:3d:ae:5f:3f:1c:a3:d8:3b:0d:12:40:e5:
cd:15:98:80:26:f7:1b:b1:e3:a2:e8:90:0f:22:52:
fd:0e:54:03:f3:a1:97:ce:ba:c3:6c:6d:88:ab:b3:
74:d9:0d:6a:70:42:49:7d:ce:c1:7d:8d:5b:c0:23:
dd:d4:06:62:87:ff:92:12:e8:9d:42:41:57:b1:1b:
d2:99:e4:c8:2b:70:9f:82:db:44:a9:32:21:f1:5e:
cd:e9:99:b0:36:ff:4f:74:e6:6b:0d:78:76:37:08:
9e:e1:ec:02:84:52:15:b4:99:28:43:ce:37:41:d6:
9d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:83:77:8F:1A:A9:9F:C7:63:B7:B8:C4:22:5A:51:CD:20:C5:ED:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6080::/48
Signature Algorithm: sha256WithRSAEncryption
34:58:b0:03:2e:50:f6:2b:51:3a:e4:8f:36:19:0c:4f:a8:c3:
9c:dd:27:01:7a:85:44:f0:88:23:ef:d2:21:9c:1f:57:cb:29:
6e:a4:3c:6b:89:41:c6:f4:a0:b6:f6:e1:de:6c:b8:37:74:ef:
0b:e0:4e:11:9c:05:9f:2c:01:a7:12:c3:ef:2e:da:94:e0:cc:
f1:f9:67:70:53:5c:ee:f2:4f:a8:05:e6:a9:4b:fb:70:c4:59:
2e:48:7d:52:f0:cd:24:f7:f5:8b:7f:67:69:69:73:73:8c:19:
ca:b8:98:68:b4:ac:4b:1d:a5:f7:96:36:06:8a:bd:88:56:27:
e8:62:78:a6:c5:1e:c9:b7:0d:52:7a:cc:75:7f:63:59:dc:a0:
69:20:86:3e:9a:f1:9d:9a:f9:50:42:2e:36:18:35:53:5e:e8:
35:e1:a0:a4:cb:b7:70:f1:1d:ce:69:56:7b:0f:ef:57:93:82:
03:d0:6e:fb:09:4c:6f:45:9a:99:de:d3:4a:0b:39:65:c5:96:
d0:1b:4a:ab:57:88:e6:08:05:26:be:31:53:15:52:dd:c0:fc:
29:d5:19:5f:9c:46:cd:24:69:bb:36:87:6c:33:13:ad:0e:fe:
7c:7d:22:36:ec:c2:4d:36:5b:be:9e:2a:0f:af:4f:c8:f7:77:
33:08:26:3f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYkfueKEEfMJhU4Etv8euAtSHEhswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDEwNTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwNjhiMDY4OWJkY2U5OWNjMDNlNmZmNjlhZTAyYmJhOWViZGNkNzVhMDNm
ZTBlNGFjMTA5YTdhMDljMGY0NzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsUBVNCipCbsnTFWrs500peAjEIvxeGtnraaJanCT0UMZyvYY5YNMPU+J06
+7pVQZs94YgWnJq97CSt11t1r+wbu2L+kE8DHuNy6rTYKS6qlfUID9zbTGqFdCg4
pNqbatj8WNKoH+LdaMYkUoE66pbSXks5YpuKWgPdTQhbzNJiF5rkxvcaPlWfPa5f
Pxyj2DsNEkDlzRWYgCb3G7HjouiQDyJS/Q5UA/Ohl866w2xtiKuzdNkNanBCSX3O
wX2NW8Aj3dQGYof/khLonUJBV7Eb0pnkyCtwn4LbRKkyIfFezemZsDb/T3Tmaw14
djcInuHsAoRSFbSZKEPON0HWnVcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR/g3eP
Gqmfx2O3uMQiWlHNIMXtZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQwZTJjZjItZDZlNC00ODEzLWE1YWEtNjIzZWRhODkyNmU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
gDANBgkqhkiG9w0BAQsFAAOCAQEANFiwAy5Q9itROuSPNhkMT6jDnN0nAXqFRPCI
I+/SIZwfV8spbqQ8a4lBxvSgtvbh3my4N3TvC+BOEZwFnywBpxLD7y7alODM8fln
cFNc7vJPqAXmqUv7cMRZLkh9UvDNJPf1i39naWlzc4wZyriYaLSsSx2l95Y2Boq9
iFYn6GJ4psUeybcNUnrMdX9jWdygaSCGPprxnZr5UEIuNhg1U17oNeGgpMu3cPEd
zmlWew/vV5OCA9Bu+wlMb0Wamd7TSgs5ZcWW0BtKq1eI5ggFJr4xUxVS3cD8KdUZ
X5xGzSRpuzaHbDMTrQ7+fH0iNuzCTTZbvp4qD69PyPd3MwgmPw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:12 2025 by rpki-client