Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
File: ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa (raw, json)
Hash identifier: 1K5TKS1DCRHAE9KCQM7ypgX0S1E5geWwWYH3Lk6wuqY=
Subject key identifier: F1:DA:7F:0D:9A:F0:99:28:00:D7:EB:B8:E5:E6:26:46:82:F5:65:7E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 620826534DE271AD572E33E145BB7EE8C19131CC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
Signing time: Mon 16 Jun 2025 21:31:33 +0000
ROA not before: Mon 16 Jun 2025 21:31:33 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:08:26:53:4d:e2:71:ad:57:2e:33:e1:45:bb:7e:e8:c1:91:31:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:33 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=58775d163a06095d42d6fd65425ce9c906efe365cbb93992586cc45581c097ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:14:13:c3:bb:f7:26:39:bc:5a:d8:8a:b9:bd:
71:5a:25:e6:d1:10:d2:a8:e0:8a:d4:d1:bd:e1:38:
66:9d:b7:2d:81:f2:18:f1:45:6f:3b:e6:c1:da:c1:
ee:92:81:52:7e:92:d1:6b:9d:e9:b4:15:ad:d6:c3:
14:17:48:37:6e:16:40:c8:8f:80:39:f1:92:6e:d3:
79:46:f8:c3:20:35:f4:89:78:6c:10:79:f8:eb:f9:
94:73:1b:2f:25:aa:69:42:ab:1f:ce:46:40:6f:82:
8e:dc:6a:90:34:0b:68:58:49:f2:29:9c:f0:81:3c:
44:e4:bd:12:19:2f:49:11:fe:59:1b:a3:7b:a3:34:
75:a8:0b:da:3a:f7:2d:ba:93:75:1d:62:6f:e7:32:
82:f9:95:9c:06:a1:4b:35:5a:6d:5b:6a:26:62:9c:
5e:42:d7:91:84:60:db:59:52:a0:50:b9:6b:51:c9:
ca:4d:cc:0a:75:9d:ee:8f:99:9c:bb:dd:63:ef:b0:
0c:37:e7:ce:60:19:46:7c:99:56:7a:b3:89:9f:0a:
aa:5f:85:ae:c1:23:b7:8a:32:f9:f1:bd:62:a6:70:
eb:1a:51:01:2c:24:e1:a7:32:5c:cd:a9:3c:c7:c7:
ac:04:ac:d9:4b:b9:53:da:f4:1e:12:5f:63:15:77:
64:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DA:7F:0D:9A:F0:99:28:00:D7:EB:B8:E5:E6:26:46:82:F5:65:7E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:8b:9c:7a:f4:7f:8c:42:6d:2b:cb:1c:8f:f1:21:af:be:a2:
55:69:1f:58:01:56:a5:69:d9:8b:51:0b:8f:6f:5f:74:af:4e:
e3:a9:70:9a:48:d1:81:f7:44:fb:b5:5b:71:0b:66:23:f0:95:
cf:3c:7e:39:b3:95:2b:f4:e8:58:56:cf:31:e4:43:54:2b:59:
21:1c:f4:c5:9f:08:8a:1f:5c:29:5d:17:2e:67:dd:4f:b1:f8:
8a:2d:df:36:fb:77:e5:ec:43:e3:db:a6:31:e5:e3:2c:ef:67:
64:bc:31:da:70:e3:2c:9d:da:03:7d:90:43:d7:63:57:98:23:
cc:06:c2:2c:37:ac:aa:4a:90:f7:d8:dd:b2:f4:0b:b9:d8:60:
06:9e:ba:17:f5:40:c4:57:d9:cb:39:2b:b3:4c:68:ab:6d:7f:
f7:d0:bc:47:b5:ea:df:26:28:00:e1:be:cb:bc:53:40:9a:a9:
d8:a8:6f:41:81:c7:bc:e5:3e:22:f0:e6:9e:99:53:f5:6f:d5:
c2:54:54:80:a9:b3:2c:be:c5:0d:68:28:90:2e:1e:80:63:aa:
d6:d9:0c:7e:61:b9:51:ad:7c:ff:5f:7b:83:d4:f0:6d:bd:f8:
bd:19:56:72:31:46:63:aa:a8:29:cd:0b:0c:90:7f:27:93:56:
af:2c:7b:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYggmU03ica1XLjPhRbt+6MGRMcwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMzNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4Nzc1ZDE2M2EwNjA5NWQ0MmQ2ZmQ2NTQyNWNlOWM5MDZlZmUzNjVjYmI5
Mzk5MjU4NmNjNDU1ODFjMDk3YWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPEUE8O79yY5vFrYirm9cVol5tEQ0qjgitTRveE4Zp23LYHyGPFFbzvmwdrB
7pKBUn6S0Wud6bQVrdbDFBdIN24WQMiPgDnxkm7TeUb4wyA19Il4bBB5+Ov5lHMb
LyWqaUKrH85GQG+CjtxqkDQLaFhJ8imc8IE8ROS9EhkvSRH+WRuje6M0dagL2jr3
LbqTdR1ib+cygvmVnAahSzVabVtqJmKcXkLXkYRg21lSoFC5a1HJyk3MCnWd7o+Z
nLvdY++wDDfnzmAZRnyZVnqziZ8Kql+FrsEjt4oy+fG9YqZw6xpRASwk4acyXM2p
PMfHrASs2Uu5U9r0HhJfYxV3ZK8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTx2n8N
mvCZKADX67jl5iZGgvVlfjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2U1NzdiYTItZDJhYy00ZTJhLWE0ZjktZWEzN2U5ZDU2OTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0g
MA0GCSqGSIb3DQEBCwUAA4IBAQB7i5x69H+MQm0ryxyP8SGvvqJVaR9YAValadmL
UQuPb190r07jqXCaSNGB90T7tVtxC2Yj8JXPPH45s5Ur9OhYVs8x5ENUK1khHPTF
nwiKH1wpXRcuZ91PsfiKLd82+3fl7EPj26Yx5eMs72dkvDHacOMsndoDfZBD12NX
mCPMBsIsN6yqSpD32N2y9Au52GAGnroX9UDEV9nLOSuzTGirbX/30LxHterfJigA
4b7LvFNAmqnYqG9Bgce85T4i8OaemVP1b9XCVFSAqbMsvsUNaCiQLh6AY6rW2Qx+
YblRrXz/X3uD1PBtvfi9GVZyMUZjqqgpzQsMkH8nk1avLHsT
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:27 2025 by rpki-client