Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
File: cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa (raw, json)
Hash identifier: Nbn2/RoH0ZHgXs8+bk2wC8w2HdhxmOIvrbZI4N6JVzg=
Subject key identifier: F2:7B:DA:E2:70:5B:09:9D:05:25:4C:A6:73:F2:17:97:50:2E:DF:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03C965A45A27224CAC7159B2842CEFCF135AF268
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
Signing time: Mon 16 Jun 2025 21:40:14 +0000
ROA not before: Mon 16 Jun 2025 21:40:14 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:c9:65:a4:5a:27:22:4c:ac:71:59:b2:84:2c:ef:cf:13:5a:f2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:14 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e1a4c3d7ca3682d01e599a9d6178f64b19a9397b43305d164198a0f72af4b7d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a0:8a:1a:7c:78:bb:e7:73:1f:3a:e8:46:bb:
99:3a:bd:09:fa:1a:ae:02:5a:94:51:77:cc:c0:db:
97:ab:96:64:62:b1:24:9d:8b:ec:87:b1:12:a0:b7:
73:22:f2:e7:38:7c:e0:33:5e:c4:07:12:a8:80:f5:
49:93:95:8c:24:1e:87:5b:6e:a8:37:95:78:c0:a6:
a8:a1:56:ff:9a:2a:99:1d:46:94:f2:88:fe:f2:00:
a9:ac:ff:6c:4f:c2:fa:88:6a:5d:f7:6a:58:84:ff:
47:5e:4e:1a:33:66:bf:07:e3:d1:20:f7:74:ab:0f:
21:e0:57:06:3e:ae:66:0d:cc:db:7a:f7:d2:d6:14:
e3:ca:1b:29:46:01:e3:69:ab:4f:d2:67:fe:0b:8c:
53:dd:ec:21:77:ee:3f:41:5e:fc:2b:de:06:c4:08:
35:7e:6a:ed:3e:81:1f:0b:14:bb:fc:43:2a:23:a4:
09:bf:e6:ad:e0:c4:11:60:70:f7:8a:d3:c2:70:6f:
c7:5c:db:ce:c0:43:d9:29:80:45:0d:a9:73:d2:29:
79:1c:af:d3:7b:76:b1:4a:3a:f5:d7:91:1a:65:ce:
95:9c:3b:c5:24:82:87:40:eb:f0:e4:46:bb:6b:a9:
0f:e2:16:a2:c9:60:49:00:54:d4:61:0c:cd:66:30:
60:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7B:DA:E2:70:5B:09:9D:05:25:4C:A6:73:F2:17:97:50:2E:DF:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:c00::/38
Signature Algorithm: sha256WithRSAEncryption
2f:55:0c:0d:7a:f1:d3:87:ad:71:ac:b2:2e:97:a9:2f:ec:4f:
8b:17:d7:2f:40:e9:4b:73:4b:8a:65:2a:92:cf:10:eb:9b:78:
65:f9:bf:44:a0:e2:1d:d7:ed:b6:9a:25:0d:40:ef:46:c9:3d:
db:e0:9f:3d:bc:b5:3f:7e:a0:bb:dc:36:ba:3b:d2:61:56:25:
0f:98:8e:7d:98:5e:63:49:05:65:81:fe:9c:73:97:4d:f6:2f:
f5:34:92:3d:f2:f1:96:c6:90:fa:5f:a3:1f:01:fc:6c:4e:f2:
da:0f:03:ca:27:d4:f8:05:11:50:bc:a6:e0:ec:e3:a9:39:cb:
25:9f:c4:a5:a2:f5:15:2e:1e:fa:ff:49:a3:da:25:a5:d7:3e:
99:10:ea:36:03:87:2e:01:8a:47:9f:a3:87:2e:c9:5a:7e:bb:
7f:35:cf:e3:84:53:e8:42:70:00:12:f4:e0:03:49:f1:e0:ce:
8f:b8:ac:fe:d1:e6:dc:89:47:86:f3:4b:d4:14:c1:51:b4:47:
bb:34:e6:75:cf:d1:d2:cb:0d:5e:1c:bd:2e:8b:8e:bf:c4:a3:
14:08:c6:a7:25:89:37:50:cf:28:d9:f1:e9:e8:b5:dc:86:e7:
b6:e6:64:b1:70:a7:03:92:e9:46:ae:aa:fd:cb:75:4b:ec:b2:
55:43:30:cf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA8llpFonIkyscVmyhCzvzxNa8mgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwMTRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxYTRjM2Q3Y2EzNjgyZDAxZTU5OWE5ZDYxNzhmNjRiMTlhOTM5N2I0MzMw
NWQxNjQxOThhMGY3MmFmNGI3ZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALagihp8eLvncx866Ea7mTq9CfoargJalFF3zMDbl6uWZGKxJJ2L7IexEqC3
cyLy5zh84DNexAcSqID1SZOVjCQeh1tuqDeVeMCmqKFW/5oqmR1GlPKI/vIAqaz/
bE/C+ohqXfdqWIT/R15OGjNmvwfj0SD3dKsPIeBXBj6uZg3M23r30tYU48obKUYB
42mrT9Jn/guMU93sIXfuP0Fe/CveBsQINX5q7T6BHwsUu/xDKiOkCb/mreDEEWBw
94rTwnBvx1zbzsBD2SmARQ2pc9IpeRyv03t2sUo69deRGmXOlZw7xSSCh0Dr8ORG
u2upD+IWoslgSQBU1GEMzWYwYNsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTye9ri
cFsJnQUlTKZz8heXUC7fvjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I1ZWU0YzEtZGQzNi00OWE5LThiMDktODlkNThhYTgwMzVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEM
MA0GCSqGSIb3DQEBCwUAA4IBAQAvVQwNevHTh61xrLIul6kv7E+LF9cvQOlLc0uK
ZSqSzxDrm3hl+b9EoOId1+22miUNQO9GyT3b4J89vLU/fqC73Da6O9JhViUPmI59
mF5jSQVlgf6cc5dN9i/1NJI98vGWxpD6X6MfAfxsTvLaDwPKJ9T4BRFQvKbg7OOp
Ocsln8SlovUVLh76/0mj2iWl1z6ZEOo2A4cuAYpHn6OHLslafrt/Nc/jhFPoQnAA
EvTgA0nx4M6PuKz+0ebciUeG80vUFMFRtEe7NOZ1z9HSyw1eHL0ui46/xKMUCMan
JYk3UM8o2fHp6LXchue25mSxcKcDkulGrqr9y3VL7LJVQzDP
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:59 2025 by rpki-client