Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
File: e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa (raw, json)
Hash identifier: 6if8xGZDyM9Z0Na4Lm2bIiI6ZYo/RgCN8nhZo6GqGUo=
Subject key identifier: 71:26:1B:05:7F:B8:B3:9F:89:AC:55:36:18:DD:29:C2:2D:B9:B0:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74E1ED7370F4C5801C4EDE4FBBE44A238A6E5D26
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
Signing time: Mon 16 Jun 2025 21:10:54 +0000
ROA not before: Mon 16 Jun 2025 21:10:54 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:e1:ed:73:70:f4:c5:80:1c:4e:de:4f:bb:e4:4a:23:8a:6e:5d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:54 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1690900dfce7e6b459652cae6735c6c5b7707643d34d0d40c1c4fa2c5ab6d05b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:51:9e:ac:f0:db:43:86:e6:11:a1:56:46:d3:
d4:dc:a5:23:5b:99:3d:11:41:65:28:ec:e6:b5:5d:
96:f4:a2:26:d2:22:f2:bf:6e:6e:41:53:40:21:40:
ae:db:2a:b6:cd:c2:d1:76:a6:83:19:9e:5d:cd:86:
e3:b2:9b:7a:38:a7:de:d0:8e:8c:f8:bd:7d:63:4e:
53:8b:28:27:87:94:a6:50:fe:e3:3f:06:27:80:fa:
eb:3c:14:74:e1:1c:f6:60:a8:13:be:0c:cd:13:fa:
3a:5c:ea:64:88:bf:b2:08:00:57:ef:99:6d:f4:27:
47:3c:5e:a6:10:4f:dc:50:54:13:0b:a8:69:0e:77:
f8:19:4f:9a:8a:7f:13:e0:b1:3b:fc:2d:46:88:63:
af:47:05:d6:c8:6b:f2:a6:71:34:4d:a9:58:ed:bd:
f7:25:eb:66:e4:47:25:d7:4a:6a:e8:fb:c9:7f:1d:
62:1d:64:9e:5d:a6:07:49:15:b7:08:f7:ad:f4:75:
76:7e:3b:a2:18:2e:8e:66:a1:cf:5a:92:53:99:2f:
93:ae:93:fc:f1:e2:8f:da:18:38:1d:15:9f:a6:2a:
08:3e:a5:c3:93:23:a6:4d:32:5e:2b:2e:f7:ac:ba:
ea:97:ac:9a:1c:f6:6c:b5:a9:65:bd:60:bc:40:b6:
a5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:26:1B:05:7F:B8:B3:9F:89:AC:55:36:18:DD:29:C2:2D:B9:B0:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
0b:61:fb:be:04:da:9f:9e:04:1e:fe:68:93:76:51:c5:b3:10:
f7:51:2c:b1:13:92:80:37:99:2c:7c:00:6e:31:ab:43:0c:9d:
19:0a:e8:0e:12:d7:d4:73:07:97:43:92:7a:cf:de:78:9e:33:
34:18:3a:10:5f:41:cf:9b:c0:94:af:3a:c0:d0:f8:ca:5b:20:
53:0f:24:c8:0a:f3:c7:b4:a4:46:bf:6f:7e:78:25:dc:7a:92:
70:82:2a:a3:b9:5f:cf:08:43:53:fe:3f:e4:0d:1e:33:29:57:
c4:04:c0:07:b9:8e:8f:bf:23:6e:fb:a9:4e:f3:ee:57:5a:76:
5e:2a:72:a7:71:78:ff:5d:e1:59:da:ce:07:a6:b5:01:f9:57:
77:0b:29:0b:82:76:9d:7f:ab:38:bb:64:1a:53:27:67:06:51:
22:79:f1:b2:6e:37:ab:80:db:f6:d4:91:b7:f1:c8:61:91:64:
4c:21:2e:ba:00:55:4a:12:19:11:28:75:7c:bb:61:87:d1:0a:
34:bf:9b:4e:1b:e3:c8:d2:05:0d:a3:5d:f8:3d:1b:88:bf:e7:
a6:94:b9:79:f9:dd:df:1f:53:87:46:c0:12:f2:cf:c4:25:6a:
fc:a5:69:10:17:55:6a:73:f8:5f:88:12:d9:b4:f9:e9:54:34:
cb:cc:99:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdOHtc3D0xYAcTt5Pu+RKI4puXSYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwNTRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2OTA5MDBkZmNlN2U2YjQ1OTY1MmNhZTY3MzVjNmM1Yjc3MDc2NDNkMzRk
MGQ0MGMxYzRmYTJjNWFiNmQwNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAORRnqzw20OG5hGhVkbT1NylI1uZPRFBZSjs5rVdlvSiJtIi8r9ubkFTQCFA
rtsqts3C0XamgxmeXc2G47Kbejin3tCOjPi9fWNOU4soJ4eUplD+4z8GJ4D66zwU
dOEc9mCoE74MzRP6OlzqZIi/sggAV++ZbfQnRzxephBP3FBUEwuoaQ53+BlPmop/
E+CxO/wtRohjr0cF1shr8qZxNE2pWO299yXrZuRHJddKauj7yX8dYh1knl2mB0kV
twj3rfR1dn47ohgujmahz1qSU5kvk66T/PHij9oYOB0Vn6YqCD6lw5Mjpk0yXisu
96y66pesmhz2bLWpZb1gvEC2pUECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRxJhsF
f7izn4msVTYY3SnCLbmwZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTdlZmQ4NjEtOGRjNi00MGM1LTg3MTMtMGJjZmRiZWQ3YzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DqA
MA0GCSqGSIb3DQEBCwUAA4IBAQALYfu+BNqfngQe/miTdlHFsxD3USyxE5KAN5ks
fABuMatDDJ0ZCugOEtfUcweXQ5J6z954njM0GDoQX0HPm8CUrzrA0PjKWyBTDyTI
CvPHtKRGv29+eCXcepJwgiqjuV/PCENT/j/kDR4zKVfEBMAHuY6PvyNu+6lO8+5X
WnZeKnKncXj/XeFZ2s4HprUB+Vd3CykLgnadf6s4u2QaUydnBlEiefGybjergNv2
1JG38chhkWRMIS66AFVKEhkRKHV8u2GH0Qo0v5tOG+PI0gUNo134PRuIv+emlLl5
+d3fH1OHRsAS8s/EJWr8pWkQF1Vqc/hfiBLZtPnpVDTLzJlG
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:57 2025 by rpki-client