Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa
File: d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa (raw, json)
Hash identifier: M+BBElEXVLiOshMLUKKBoJnEyTNCRvErHgx1kTFp/00=
Subject key identifier: 48:D5:6D:7D:C7:4B:66:37:A6:8D:ED:98:56:E7:39:F0:5F:7C:7F:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CC2A880BD64B3E0E1AC82B6FF4210057FB77A0B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa
Signing time: Wed 18 Jun 2025 00:30:36 +0000
ROA not before: Wed 18 Jun 2025 00:30:36 +0000
ROA not after: Wed 23 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:c2:a8:80:bd:64:b3:e0:e1:ac:82:b6:ff:42:10:05:7f:b7:7a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 18 00:30:36 2025 GMT
Not After : Jul 23 23:59:59 2025 GMT
Subject: serialNumber=9b866090081c9c8bc9fe9f745610229e0e9a45f25baf2017d4a622c8b0937066, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ae:65:d4:4d:08:f8:74:d3:18:93:40:3a:cd:
4e:de:dd:3e:30:ad:45:18:e0:20:e1:ae:fa:7e:0e:
3b:ae:00:2f:97:6a:ea:ce:ba:77:a5:33:f0:72:b4:
8e:b5:83:7e:7e:44:70:41:c3:c7:09:ca:40:a3:1d:
64:b2:ae:a5:8a:f7:29:87:9e:ef:30:74:6f:7f:f1:
25:8d:7e:f1:dd:7e:72:f7:07:9e:a7:9c:41:ec:0f:
c7:b8:3d:9f:02:c9:6b:15:73:83:e2:72:07:a5:8f:
81:6c:10:a0:34:6b:5f:49:6f:59:15:49:2a:bb:91:
56:61:56:22:9c:e1:5f:0a:e2:ac:14:06:d4:b4:63:
72:56:42:d3:89:26:2a:c5:84:1c:9c:3c:5b:2a:2c:
3f:65:34:37:24:8f:07:c1:d2:83:8b:45:d2:28:3b:
4e:cb:82:7b:07:ff:06:17:3d:dd:7b:53:ec:95:3a:
66:0b:ee:ec:b5:0e:a2:3c:03:f7:d3:4a:a9:7b:d2:
ae:eb:ff:ad:a1:7a:95:da:cd:e5:69:29:f4:3f:cf:
78:fa:91:f6:99:7d:0e:ee:79:0f:aa:38:9a:09:08:
62:b0:0f:fa:0a:40:bc:ce:00:c3:1f:72:46:85:94:
42:12:a9:a9:1a:c6:f2:7b:68:fe:fa:6b:4a:fd:51:
c9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D5:6D:7D:C7:4B:66:37:A6:8D:ED:98:56:E7:39:F0:5F:7C:7F:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1800::/38
Signature Algorithm: sha256WithRSAEncryption
a5:89:07:e6:04:c7:3b:b2:71:8e:9b:fa:ec:fe:e0:d8:1b:7b:
ea:52:4a:f1:e3:47:bb:77:4c:55:d7:7e:36:8a:25:90:5c:34:
5c:1b:e8:67:5a:85:eb:5b:88:4c:65:e1:29:97:b7:6b:d2:e9:
1a:5d:c7:c9:a2:48:ed:27:02:d8:12:71:c7:3a:48:97:fa:09:
b5:f6:b7:6e:57:0b:94:06:6d:3b:63:69:3b:c9:5e:1a:bf:02:
0d:ec:20:76:51:06:25:05:3d:7a:f6:dc:6c:b1:c9:ff:be:2e:
fe:b9:74:e0:e9:c9:06:79:fc:c2:7b:bf:0d:0b:5e:74:3c:3b:
e6:cf:aa:84:80:91:a4:bf:a6:e7:02:72:71:ab:39:62:c2:be:
dd:34:fd:d8:45:42:5b:df:ed:61:cf:2e:e2:15:3c:49:7c:f9:
17:6c:46:75:ba:6c:85:01:90:d9:1b:ae:70:a6:0f:49:63:cb:
e0:66:ed:68:af:56:69:f6:7b:e3:56:fc:e5:2a:22:02:15:d2:
0b:a5:2c:7e:b0:16:4b:94:28:57:11:8a:65:ea:f1:82:a4:66:
f8:73:09:99:46:61:ce:8a:04:9c:7a:62:d5:7e:50:ee:78:64:
90:c2:a0:af:2e:ef:f3:02:66:1a:b9:b2:b4:0a:62:01:7a:4e:
26:61:e7:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfMKogL1ks+DhrIK2/0IQBX+3egswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTgwMDMwMzZaFw0yNTA3MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDliODY2MDkwMDgxYzljOGJjOWZlOWY3NDU2MTAyMjllMGU5YTQ1ZjI1YmFm
MjAxN2Q0YTYyMmM4YjA5MzcwNjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2uZdRNCPh00xiTQDrNTt7dPjCtRRjgIOGu+n4OO64AL5dq6s66d6Uz8HK0
jrWDfn5EcEHDxwnKQKMdZLKupYr3KYee7zB0b3/xJY1+8d1+cvcHnqecQewPx7g9
nwLJaxVzg+JyB6WPgWwQoDRrX0lvWRVJKruRVmFWIpzhXwrirBQG1LRjclZC04km
KsWEHJw8WyosP2U0NySPB8HSg4tF0ig7TsuCewf/Bhc93XtT7JU6Zgvu7LUOojwD
99NKqXvSruv/raF6ldrN5Wkp9D/PePqR9pl9Du55D6o4mgkIYrAP+gpAvM4Awx9y
RoWUQhKpqRrG8nto/vprSv1RyacCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRI1W19
x0tmN6aN7ZhW5znwX3x/cTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDk5NWMzYTEtMjg1OC00MDkwLWEwOTYtMWJmNmFlY2NkNWYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQY
MA0GCSqGSIb3DQEBCwUAA4IBAQCliQfmBMc7snGOm/rs/uDYG3vqUkrx40e7d0xV
1342iiWQXDRcG+hnWoXrW4hMZeEpl7dr0ukaXcfJokjtJwLYEnHHOkiX+gm19rdu
VwuUBm07Y2k7yV4avwIN7CB2UQYlBT169txsscn/vi7+uXTg6ckGefzCe78NC150
PDvmz6qEgJGkv6bnAnJxqzliwr7dNP3YRUJb3+1hzy7iFTxJfPkXbEZ1umyFAZDZ
G65wpg9JY8vgZu1or1Zp9nvjVvzlKiICFdILpSx+sBZLlChXEYpl6vGCpGb4cwmZ
RmHOigScemLVflDueGSQwqCvLu/zAmYaubK0CmIBek4mYedl
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:57 2025 by rpki-client