Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
File: cfca2455-b58e-43e0-a15f-276f8a5b527f.roa (raw, json)
Hash identifier: 7mmIHDQfgsE+ddGx5ux56XAj+2GzKTbvi4VKRlRJlPM=
Subject key identifier: BA:D9:15:37:5D:6E:47:0E:40:8E:52:7E:E3:E7:C8:4E:CC:52:3A:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77E6460EFFB61F2F1DEF32F0FB2D9B9794242156
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
Signing time: Mon 16 Jun 2025 20:00:57 +0000
ROA not before: Mon 16 Jun 2025 20:00:57 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:e6:46:0e:ff:b6:1f:2f:1d:ef:32:f0:fb:2d:9b:97:94:24:21:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:57 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8c77281f1025edfae4339c5f224a8f6ce873a6eacaf490f34c51faf4bbc9648a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7f:a1:60:96:96:9b:24:59:82:f6:d5:1b:20:
3a:b1:31:93:44:5e:d1:82:95:8f:d6:c2:fd:ce:08:
11:eb:1c:47:4d:70:71:f5:3d:5a:21:90:6a:b9:2e:
41:24:c0:ec:66:c2:69:69:60:ce:9b:0c:ec:e7:53:
93:5d:86:38:46:65:c1:13:28:32:51:65:3f:97:2a:
32:94:b9:2a:d4:2f:4d:0a:a3:ae:a9:b6:35:c5:ca:
9c:77:94:d6:da:2d:99:ae:a8:bd:27:e0:92:c0:ed:
e6:dd:9e:8f:90:99:20:77:91:72:6a:73:88:80:cd:
b2:5e:02:15:dc:9c:09:61:b6:97:f0:9f:9e:df:17:
2c:c3:e1:73:d9:0e:ca:55:53:69:12:8b:3d:5e:c7:
be:97:2d:18:2c:89:68:e2:88:de:a6:4b:3e:80:b8:
ae:7a:e5:96:79:4a:35:a4:3d:66:e3:30:06:96:67:
bc:e0:e7:93:e9:0e:0b:29:77:be:07:60:c8:2e:e0:
63:ba:c2:a3:e0:56:ca:11:83:89:a7:ca:c9:66:ef:
4f:e5:39:51:78:27:0f:e9:40:42:2a:b7:a4:f7:7c:
88:f8:21:b2:bd:e0:61:6d:fb:e4:5e:07:63:34:19:
83:f4:0f:78:7f:45:1c:96:4b:74:b0:2d:e8:a1:75:
ef:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:D9:15:37:5D:6E:47:0E:40:8E:52:7E:E3:E7:C8:4E:CC:52:3A:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e040::/48
Signature Algorithm: sha256WithRSAEncryption
5b:94:09:08:b0:ac:72:fa:70:4e:6a:29:37:69:3c:82:61:a4:
16:8a:ff:1b:57:79:8c:9a:ae:32:62:5d:3e:b5:97:14:96:d5:
a5:18:fd:ba:b0:ee:b8:96:22:39:3f:da:70:3a:99:7e:31:9d:
31:15:3d:cb:f6:7d:bb:7b:b9:b3:b0:12:04:21:c0:22:09:9d:
55:8b:b3:a8:2f:a4:c4:49:90:cd:c9:65:e4:53:07:ae:fc:69:
c8:b8:a2:90:ce:ac:2f:17:1a:48:33:bd:36:44:63:1e:b4:c7:
86:6b:dc:87:74:7a:22:34:fc:2a:1d:34:33:40:d4:eb:a2:c3:
ac:eb:51:0d:a1:82:ab:28:96:b0:02:f7:87:6a:40:59:b1:34:
7a:29:d2:71:c2:f4:bb:73:f5:d6:a3:0d:45:2a:f3:98:a7:93:
80:fc:da:79:4d:8b:c6:da:f1:4a:ee:a0:cc:66:6d:5d:be:ba:
f6:b5:12:cc:42:bd:0c:c1:b9:63:31:6a:95:ba:82:d5:42:3b:
d9:f8:b5:38:ca:8c:aa:bb:9b:b0:cd:bf:65:77:c0:20:76:ab:
68:14:e8:f7:2a:a1:5c:80:ca:d9:d1:29:5a:9e:73:06:f4:3f:
ae:c8:c6:4c:33:5a:a9:9c:73:92:9d:8b:bd:e2:8e:32:0b:fa:
21:96:12:65
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd+ZGDv+2Hy8d7zLw+y2bl5QkIVYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwNTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjNzcyODFmMTAyNWVkZmFlNDMzOWM1ZjIyNGE4ZjZjZTg3M2E2ZWFjYWY0
OTBmMzRjNTFmYWY0YmJjOTY0OGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALN/oWCWlpskWYL21RsgOrExk0Re0YKVj9bC/c4IEescR01wcfU9WiGQarku
QSTA7GbCaWlgzpsM7OdTk12GOEZlwRMoMlFlP5cqMpS5KtQvTQqjrqm2NcXKnHeU
1totma6ovSfgksDt5t2ej5CZIHeRcmpziIDNsl4CFdycCWG2l/Cfnt8XLMPhc9kO
ylVTaRKLPV7HvpctGCyJaOKI3qZLPoC4rnrllnlKNaQ9ZuMwBpZnvODnk+kOCyl3
vgdgyC7gY7rCo+BWyhGDiafKyWbvT+U5UXgnD+lAQiq3pPd8iPghsr3gYW375F4H
YzQZg/QPeH9FHJZLdLAt6KF179kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS62RU3
XW5HDkCOUn7j58hOzFI6NDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2ZjYTI0NTUtYjU4ZS00M2UwLWExNWYtMjc2ZjhhNWI1MjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
QDANBgkqhkiG9w0BAQsFAAOCAQEAW5QJCLCscvpwTmopN2k8gmGkFor/G1d5jJqu
MmJdPrWXFJbVpRj9urDuuJYiOT/acDqZfjGdMRU9y/Z9u3u5s7ASBCHAIgmdVYuz
qC+kxEmQzcll5FMHrvxpyLiikM6sLxcaSDO9NkRjHrTHhmvch3R6IjT8Kh00M0DU
66LDrOtRDaGCqyiWsAL3h2pAWbE0einSccL0u3P11qMNRSrzmKeTgPzaeU2Lxtrx
Su6gzGZtXb669rUSzEK9DMG5YzFqlbqC1UI72fi1OMqMqrubsM2/ZXfAIHaraBTo
9yqhXIDK2dEpWp5zBvQ/rsjGTDNaqZxzkp2LveKOMgv6IZYSZQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:07 2025 by rpki-client