Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
File: d7ff0a46-4c68-43b8-be33-3f3098623685.roa (raw, json)
Hash identifier: TOTYncIm9A7VU14f2LMgQPqMrXqpHLeLEHZUykDLMY4=
Subject key identifier: 97:58:22:B4:32:C3:A6:94:4E:46:0D:E1:61:2C:CD:4E:38:56:0C:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C3DCC427ED57787478E3EA7F6C16619C4B028F5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
Signing time: Mon 16 Jun 2025 19:40:43 +0000
ROA not before: Mon 16 Jun 2025 19:40:43 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:3d:cc:42:7e:d5:77:87:47:8e:3e:a7:f6:c1:66:19:c4:b0:28:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:40:43 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=79f36371e21ec89add663285f36a7a2e691eab9dea903534e53a4e7094486677, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c2:8d:cd:98:82:40:74:c7:75:e8:46:51:62:
35:55:9b:ef:22:15:a7:22:6c:f7:0a:95:6f:61:3e:
2e:86:b3:92:9a:82:57:c4:c9:99:b6:06:10:ac:9d:
c7:e9:ac:c2:10:ee:07:30:99:dc:2d:16:d7:8e:66:
e5:06:e3:e5:c0:e4:45:7f:dc:6f:43:39:06:a1:f3:
77:de:17:86:75:f1:c5:21:50:d6:cf:04:6d:f4:e0:
e3:f5:7c:86:75:8a:ad:e4:c1:93:3d:cd:6a:fe:3b:
0b:a7:cc:7c:e2:b5:0d:fb:b0:a6:36:34:b3:f5:92:
65:6c:45:3a:25:b5:18:73:6f:0e:75:87:62:1b:5f:
13:b7:c3:f9:a3:3e:3d:77:b4:da:a3:a1:c4:ff:58:
02:df:6e:e3:70:5d:fb:1c:17:75:e2:02:5d:49:4e:
12:ee:fc:89:cf:62:89:a0:2b:3e:64:de:eb:9b:bc:
a5:1a:86:f1:ba:9b:09:0f:3c:35:d8:65:f5:54:05:
de:ad:84:54:01:aa:4f:fe:23:a1:cc:15:be:3f:9e:
4b:53:95:37:09:04:5c:f4:30:ad:1a:b7:45:14:a8:
57:f2:f4:99:3a:93:d5:4b:54:a0:81:a2:f4:b8:51:
f2:4d:ff:ff:f3:90:24:69:99:41:a8:cc:c7:5c:82:
75:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:58:22:B4:32:C3:A6:94:4E:46:0D:E1:61:2C:CD:4E:38:56:0C:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
69:89:a5:cc:86:80:ad:bb:ac:f5:4f:da:79:7f:8f:f9:78:15:
de:23:42:26:21:c9:1f:74:f4:f6:1b:17:35:14:71:7d:99:90:
4b:54:66:9f:96:ac:a2:be:29:e7:d1:15:74:5a:a8:0a:74:8f:
a2:61:f6:e2:de:c6:41:a8:aa:dd:1b:05:df:b7:6f:23:59:47:
77:fc:15:c5:89:51:3b:da:86:e6:bc:1e:e0:98:88:c6:9e:0c:
d1:6f:9f:d0:9a:9c:c1:d9:b4:d7:c6:36:ec:f1:ec:b9:17:92:
28:3f:5e:d4:d8:c5:39:a6:0a:73:98:b7:60:cb:65:ee:e8:48:
4d:41:10:8d:27:ad:82:a7:10:2e:c6:66:af:e8:e3:0c:ea:ae:
f9:8a:25:ac:d7:4c:02:80:00:21:5c:c2:d0:bf:08:f4:f8:a8:
8b:bf:41:b6:bc:bc:d1:42:99:5e:f4:08:30:1b:99:ec:3d:b9:
a3:72:b8:2f:d8:b2:37:55:98:2f:4a:a4:7e:44:ce:e1:06:7d:
9c:b3:b7:66:aa:c8:c1:a8:04:8f:7b:21:54:03:b1:ff:b2:77:
1e:19:c0:dc:5e:65:ce:b0:5d:7e:21:98:46:4b:a2:e0:29:c6:
5e:51:8e:c9:47:80:93:4a:53:16:0d:6a:91:a9:92:21:8d:ac:
8c:db:da:84
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbD3MQn7Vd4dHjj6n9sFmGcSwKPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQwNDNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5ZjM2MzcxZTIxZWM4OWFkZDY2MzI4NWYzNmE3YTJlNjkxZWFiOWRlYTkw
MzUzNGU1M2E0ZTcwOTQ0ODY2NzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnCjc2YgkB0x3XoRlFiNVWb7yIVpyJs9wqVb2E+LoazkpqCV8TJmbYGEKyd
x+mswhDuBzCZ3C0W145m5Qbj5cDkRX/cb0M5BqHzd94XhnXxxSFQ1s8EbfTg4/V8
hnWKreTBkz3Nav47C6fMfOK1DfuwpjY0s/WSZWxFOiW1GHNvDnWHYhtfE7fD+aM+
PXe02qOhxP9YAt9u43Bd+xwXdeICXUlOEu78ic9iiaArPmTe65u8pRqG8bqbCQ88
Ndhl9VQF3q2EVAGqT/4jocwVvj+eS1OVNwkEXPQwrRq3RRSoV/L0mTqT1UtUoIGi
9LhR8k3///OQJGmZQajMx1yCdbECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSXWCK0
MsOmlE5GDeFhLM1OOFYMXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdmZjBhNDYtNGM2OC00M2I4LWJlMzMtM2YzMDk4NjIzNjg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
0DANBgkqhkiG9w0BAQsFAAOCAQEAaYmlzIaArbus9U/aeX+P+XgV3iNCJiHJH3T0
9hsXNRRxfZmQS1Rmn5asor4p59EVdFqoCnSPomH24t7GQaiq3RsF37dvI1lHd/wV
xYlRO9qG5rwe4JiIxp4M0W+f0Jqcwdm018Y27PHsuReSKD9e1NjFOaYKc5i3YMtl
7uhITUEQjSetgqcQLsZmr+jjDOqu+YolrNdMAoAAIVzC0L8I9Pioi79Btry80UKZ
XvQIMBuZ7D25o3K4L9iyN1WYL0qkfkTO4QZ9nLO3ZqrIwagEj3shVAOx/7J3HhnA
3F5lzrBdfiGYRkui4CnGXlGOyUeAk0pTFg1qkamSIY2sjNvahA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:18 2025 by rpki-client