Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
File: b01a5a70-e8bc-4c88-8f86-597d891eae77.roa (raw, json)
Hash identifier: 8+l6F8NBOrHgjLalaL8vOa2aaZY3CtZtvxSUNRJkFbQ=
Subject key identifier: AE:AF:38:17:64:A2:09:0A:14:8D:85:5B:F9:EE:21:CD:7E:D7:B6:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 577C1FAAF1C02F0697B0E2947A3EC56CF9CF40B4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
Signing time: Mon 16 Jun 2025 20:21:17 +0000
ROA not before: Mon 16 Jun 2025 20:21:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:7c:1f:aa:f1:c0:2f:06:97:b0:e2:94:7a:3e:c5:6c:f9:cf:40:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:21:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=62188732381b3595925676989da6552ab44194506bcf90ae072b366da9247beb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4b:93:81:50:19:0f:79:5c:ea:b6:7c:01:6e:
48:4f:69:7f:5a:c5:9c:fe:59:7a:c9:69:79:4b:4b:
d0:39:ab:67:87:30:7a:d7:9b:a6:a8:ed:48:fb:12:
09:42:08:8a:88:32:e6:82:10:20:ba:ad:c0:dc:1f:
35:5a:43:1b:23:fc:b6:54:96:6e:36:3a:01:a6:d4:
1c:d3:b2:dd:44:56:0f:ee:74:4d:e4:56:13:0c:9e:
dc:aa:af:28:30:c3:fb:14:a4:b9:fa:6d:59:6d:61:
ea:09:9d:2c:1a:df:97:25:50:d6:0f:4a:0c:4a:f9:
95:6a:b5:df:be:47:e3:69:cd:73:41:c6:c7:6a:57:
45:1e:b0:f1:53:71:ee:c0:79:1a:3e:18:33:0e:0a:
59:25:25:b4:58:fe:b7:0d:a3:ab:4e:de:8d:73:c8:
b7:a4:1b:41:83:18:30:0a:3e:f9:f3:e0:09:70:15:
ec:eb:db:ea:ab:04:fa:09:c3:99:7e:61:7b:c3:c3:
fd:ce:2a:fc:f8:35:96:f0:14:a1:29:b6:86:e4:f8:
82:6a:f6:9e:2c:b2:93:a2:16:96:d6:70:a0:4e:71:
5c:98:2a:b4:de:b9:f7:50:34:ec:61:af:2e:02:ce:
33:05:5a:fb:01:ba:6b:03:f9:4f:07:e2:7e:9c:c8:
44:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:AF:38:17:64:A2:09:0A:14:8D:85:5B:F9:EE:21:CD:7E:D7:B6:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2080::/48
Signature Algorithm: sha256WithRSAEncryption
85:37:e7:b0:3b:57:ed:d6:2f:bd:79:35:6e:3b:83:37:df:04:
f6:01:47:cd:da:e8:db:0b:7a:64:5e:fe:be:bf:0c:c4:23:e8:
12:fa:e3:4f:4b:df:de:e2:21:e6:e8:1d:39:9f:f2:3e:31:ea:
a0:7c:c8:45:c3:c0:47:b3:38:95:86:d0:bf:70:af:62:08:0a:
0d:32:a4:59:37:f4:76:0f:57:72:d6:1a:30:5d:59:38:01:37:
46:24:d6:7a:fe:25:16:ba:b3:45:6e:8d:30:cc:bb:61:15:9d:
00:f0:d4:a5:3c:9a:cd:69:40:54:c2:16:83:af:22:99:92:35:
d1:45:72:bf:60:ae:92:5e:cd:f3:02:82:85:90:1a:dc:e3:70:
10:f8:d9:a0:a2:44:4e:59:33:37:93:f8:3c:38:62:99:14:49:
f7:3a:7f:26:4c:ee:92:4a:db:19:3d:c8:38:34:d0:f8:77:cb:
b1:d6:8d:b8:7a:3c:9f:dd:56:1d:8e:fc:9c:cf:38:88:e5:e6:
ee:24:27:a1:fb:70:11:68:83:bf:30:80:77:aa:bb:6f:7c:4f:
6b:73:c1:ab:26:d3:4d:bc:8a:ba:b6:8d:f8:4d:24:22:57:6d:
78:a3:74:78:69:ed:3c:b0:b9:ca:9b:d9:01:93:02:a3:56:65:
84:1a:69:7c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUV3wfqvHALwaXsOKUej7FbPnPQLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIxMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyMTg4NzMyMzgxYjM1OTU5MjU2NzY5ODlkYTY1NTJhYjQ0MTk0NTA2YmNm
OTBhZTA3MmIzNjZkYTkyNDdiZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBLk4FQGQ95XOq2fAFuSE9pf1rFnP5ZeslpeUtL0DmrZ4cwetebpqjtSPsS
CUIIiogy5oIQILqtwNwfNVpDGyP8tlSWbjY6AabUHNOy3URWD+50TeRWEwye3Kqv
KDDD+xSkufptWW1h6gmdLBrflyVQ1g9KDEr5lWq1375H42nNc0HGx2pXRR6w8VNx
7sB5Gj4YMw4KWSUltFj+tw2jq07ejXPIt6QbQYMYMAo++fPgCXAV7Ovb6qsE+gnD
mX5he8PD/c4q/Pg1lvAUoSm2huT4gmr2niyyk6IWltZwoE5xXJgqtN6591A07GGv
LgLOMwVa+wG6awP5TwfifpzIRK0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSurzgX
ZKIJChSNhVv57iHNfte2vDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjAxYTVhNzAtZThiYy00Yzg4LThmODYtNTk3ZDg5MWVhZTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
gDANBgkqhkiG9w0BAQsFAAOCAQEAhTfnsDtX7dYvvXk1bjuDN98E9gFHzdro2wt6
ZF7+vr8MxCPoEvrjT0vf3uIh5ugdOZ/yPjHqoHzIRcPAR7M4lYbQv3CvYggKDTKk
WTf0dg9XctYaMF1ZOAE3RiTWev4lFrqzRW6NMMy7YRWdAPDUpTyazWlAVMIWg68i
mZI10UVyv2Cukl7N8wKChZAa3ONwEPjZoKJETlkzN5P4PDhimRRJ9zp/Jkzukkrb
GT3IODTQ+HfLsdaNuHo8n91WHY78nM84iOXm7iQnoftwEWiDvzCAd6q7b3xPa3PB
qybTTbyKuraN+E0kIldteKN0eGntPLC5ypvZAZMCo1ZlhBppfA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:17 2025 by rpki-client