Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7b89972-677a-470e-88ff-f95e3c9a9443.roa
File: d7b89972-677a-470e-88ff-f95e3c9a9443.roa (raw, json)
Hash identifier: RBFINyzADTkEEfdU1i0yS8KTuzZaeUCbxcqzwEFGrrk=
Subject key identifier: 7C:EC:8F:3F:E1:FF:86:4B:AB:45:FE:7A:30:F1:3C:FB:B0:C5:06:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 126896B79A33A5564E376C902B4A39C859C8276E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7b89972-677a-470e-88ff-f95e3c9a9443.roa
Signing time: Mon 16 Jun 2025 21:31:41 +0000
ROA not before: Mon 16 Jun 2025 21:31:41 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:68:96:b7:9a:33:a5:56:4e:37:6c:90:2b:4a:39:c8:59:c8:27:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:41 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=712bc75c099815a9c6ae43ef5e6036293b2ed708837dc0bf06e6df145c89849d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b2:27:55:67:d5:d6:2b:39:ee:50:a7:bc:ec:
2b:44:9f:0d:22:5d:e7:10:6e:9a:a4:78:91:89:68:
b1:ee:fe:98:99:14:81:6e:88:78:b4:22:a9:b8:5d:
74:2a:d8:ed:bc:44:5b:c2:1e:de:89:65:85:41:b9:
9d:6c:e8:01:56:a5:86:18:9d:61:9a:4b:d5:b2:33:
ef:7c:da:13:d7:a1:82:d7:bf:69:9f:3e:4b:a4:a0:
e9:d4:a5:79:01:96:b9:71:9b:41:b6:08:db:84:ca:
67:de:5f:ed:98:32:ad:1c:6a:80:c5:d5:6f:8e:3e:
56:58:07:5f:6d:02:c4:44:28:60:a3:b2:3b:59:7b:
e8:10:b7:28:7e:e5:82:06:ab:38:79:c2:3e:c2:76:
b4:dc:46:38:ac:a0:e8:ad:17:c8:98:6a:be:78:aa:
5c:94:a3:cd:e2:20:39:c0:eb:4d:83:69:8a:8f:cf:
6e:8a:53:82:f5:d0:da:a5:a0:b7:f7:88:9a:09:fb:
bb:c1:b7:33:de:d5:ab:10:cd:8e:b1:b3:9d:f3:9a:
94:cc:d4:67:ea:64:39:08:e3:16:ff:ed:03:d9:05:
62:8b:99:15:6e:0c:2a:cf:e5:d9:c8:ad:f5:9c:c0:
aa:cd:7d:03:59:f8:d5:52:12:7a:40:fc:4e:4a:ab:
bc:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:EC:8F:3F:E1:FF:86:4B:AB:45:FE:7A:30:F1:3C:FB:B0:C5:06:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7b89972-677a-470e-88ff-f95e3c9a9443.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:800::/40
Signature Algorithm: sha256WithRSAEncryption
ae:99:f8:c4:4f:71:9c:41:79:c0:db:0c:8a:65:3b:57:d1:42:
c9:43:e3:50:0e:4e:f1:f2:70:d5:d4:ef:1c:95:9f:9f:55:d5:
08:ce:4d:b8:82:b4:50:7a:cb:6b:81:43:7b:03:a0:9e:03:4c:
a2:0a:c0:db:66:bc:44:99:45:b5:93:1e:01:af:62:33:89:b0:
b2:09:be:2a:cc:98:91:4e:7f:e7:d8:ce:4d:26:05:f3:90:45:
27:b4:b2:26:90:85:a2:52:15:96:63:6e:69:b9:9d:91:19:ad:
22:12:f3:8b:6a:96:3c:6b:ca:f0:52:da:e6:bd:85:12:54:c9:
e5:5c:97:73:f5:7a:87:9e:e8:40:f0:ab:bc:07:84:a3:83:19:
b4:35:04:2c:13:c4:3d:1e:f6:86:0b:96:e5:3c:4a:c6:82:40:
dd:5d:96:8f:7a:60:11:25:a9:14:1a:41:d7:45:68:a1:cc:26:
d8:6b:48:23:58:52:3b:a2:1d:f8:ac:47:c6:6a:84:23:64:7c:
cb:bb:3d:58:92:5a:e2:df:be:28:df:97:a5:ee:dc:80:43:0c:
30:42:6d:0b:b0:bd:c1:08:ed:4c:1a:a4:bb:55:ac:d5:cf:03:
8d:65:72:c5:5d:87:1b:3e:b9:94:c2:72:6e:74:70:61:95:5a:
37:df:c5:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEmiWt5ozpVZON2yQK0o5yFnIJ24wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxNDFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxMmJjNzVjMDk5ODE1YTljNmFlNDNlZjVlNjAzNjI5M2IyZWQ3MDg4Mzdk
YzBiZjA2ZTZkZjE0NWM4OTg0OWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJGyJ1Vn1dYrOe5Qp7zsK0SfDSJd5xBumqR4kYlose7+mJkUgW6IeLQiqbhd
dCrY7bxEW8Ie3ollhUG5nWzoAValhhidYZpL1bIz73zaE9ehgte/aZ8+S6Sg6dSl
eQGWuXGbQbYI24TKZ95f7ZgyrRxqgMXVb44+VlgHX20CxEQoYKOyO1l76BC3KH7l
ggarOHnCPsJ2tNxGOKyg6K0XyJhqvniqXJSjzeIgOcDrTYNpio/PbopTgvXQ2qWg
t/eImgn7u8G3M97VqxDNjrGznfOalMzUZ+pkOQjjFv/tA9kFYouZFW4MKs/l2cit
9ZzAqs19A1n41VISekD8TkqrvPkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR87I8/
4f+GS6tF/now8Tz7sMUG4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdiODk5NzItNjc3YS00NzBlLTg4ZmYtZjk1ZTNjOWE5NDQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0I
MA0GCSqGSIb3DQEBCwUAA4IBAQCumfjET3GcQXnA2wyKZTtX0ULJQ+NQDk7x8nDV
1O8clZ+fVdUIzk24grRQestrgUN7A6CeA0yiCsDbZrxEmUW1kx4Br2IzibCyCb4q
zJiRTn/n2M5NJgXzkEUntLImkIWiUhWWY25puZ2RGa0iEvOLapY8a8rwUtrmvYUS
VMnlXJdz9XqHnuhA8Ku8B4Sjgxm0NQQsE8Q9HvaGC5blPErGgkDdXZaPemARJakU
GkHXRWihzCbYa0gjWFI7oh34rEfGaoQjZHzLuz1Yklri374o35el7tyAQwwwQm0L
sL3BCO1MGqS7VazVzwONZXLFXYcbPrmUwnJudHBhlVo338XQ
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:42 2025 by rpki-client