Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
File: eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa (raw, json)
Hash identifier: 54T24+3YxHzCv2JtNttV1YbWE2sZGvW+cnrH46WI8P0=
Subject key identifier: AE:D6:D0:A8:02:3E:FC:CC:B1:39:8A:8B:89:C1:46:1A:F3:23:11:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7854E9B1466D548FBA95D33436CEE93F7B390276
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
Signing time: Mon 16 Jun 2025 20:10:17 +0000
ROA not before: Mon 16 Jun 2025 20:10:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:54:e9:b1:46:6d:54:8f:ba:95:d3:34:36:ce:e9:3f:7b:39:02:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:10:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=628bb7da9a4cee69a85ea7bcec7f3b2a30a988d7e1e9449c83a25d6c8041c5ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a7:04:be:c4:4c:61:ed:dc:62:4d:a3:20:da:
1e:5b:82:89:99:da:4e:d1:ca:a3:cc:1c:94:6b:d8:
3a:77:b7:db:af:f9:5c:09:ee:53:02:e2:33:f3:d3:
5a:73:57:04:07:81:36:3d:53:8c:c2:ad:66:c3:a9:
5d:50:b3:6d:0c:9f:5d:d2:90:8a:84:64:c7:17:01:
31:09:d3:4d:93:71:a9:ac:6c:c3:18:0b:26:4f:10:
32:94:24:9f:a0:93:26:22:25:2c:6e:92:42:96:ce:
fe:b3:18:f3:25:20:f4:dc:74:40:76:21:68:87:7e:
dc:76:85:1f:ad:37:95:49:66:57:f3:82:a7:16:55:
fb:68:f8:43:6c:80:65:ba:7a:f0:25:69:34:1c:04:
0b:40:ac:af:15:57:81:6a:d6:c7:88:21:ad:b8:b5:
42:c1:bb:62:6f:8b:ff:44:6e:05:ed:d6:b0:61:93:
60:39:00:b3:3f:7b:51:57:0b:c2:79:4b:8f:37:8c:
d8:9e:e7:c0:4a:03:44:b7:03:d8:84:75:c9:25:07:
83:ba:71:78:84:69:db:93:5c:ca:d5:20:be:24:43:
50:b9:99:af:8b:a2:cf:c6:55:55:9d:f9:6f:3b:b4:
2d:42:94:4f:0c:4c:b3:16:ec:71:44:1d:ad:78:9e:
08:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D6:D0:A8:02:3E:FC:CC:B1:39:8A:8B:89:C1:46:1A:F3:23:11:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4040::/48
Signature Algorithm: sha256WithRSAEncryption
a6:43:ea:cb:48:a3:51:fd:e0:13:e5:6f:b7:65:11:e2:ac:86:
b2:a2:81:bd:3e:86:d9:36:35:d2:5e:c4:b9:0e:dc:86:06:02:
4d:38:c2:3d:20:3a:20:32:4b:4c:78:fb:79:fd:0d:8c:7b:28:
03:13:25:0d:83:c2:7f:ec:79:ce:9a:bb:1f:1c:50:47:3a:46:
37:a8:9d:65:f4:54:db:17:df:40:fa:44:42:95:09:cf:d9:c4:
1a:50:7d:92:f8:94:2a:96:79:ed:27:d7:05:9d:ea:5d:e9:4b:
f7:d6:d0:6e:3b:e4:75:80:3a:71:be:55:44:9f:5b:ef:31:35:
6d:69:29:df:20:78:c6:ee:b8:aa:ad:0b:38:8a:84:14:d3:c7:
bd:ec:81:d9:73:41:02:51:21:6f:60:4f:56:93:5c:4d:44:23:
ba:e4:e4:87:eb:5d:03:dc:38:2f:fd:91:15:8f:9b:5a:95:40:
a6:b5:a0:2b:f5:c5:f7:af:f1:a2:df:e4:39:49:57:5c:55:5a:
c7:72:a5:d9:85:a1:5d:96:7b:a3:bf:d9:ca:0a:2a:91:e1:4f:
24:70:17:3b:14:b4:2b:7e:46:8b:ac:1d:15:66:55:ea:ba:a1:
49:51:0b:08:26:ac:3d:7b:21:f7:5d:c3:00:ee:32:96:f4:09:
84:05:b4:e0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeFTpsUZtVI+6ldM0Ns7pP3s5AnYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDEwMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyOGJiN2RhOWE0Y2VlNjlhODVlYTdiY2VjN2YzYjJhMzBhOTg4ZDdlMWU5
NDQ5YzgzYTI1ZDZjODA0MWM1YWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWnBL7ETGHt3GJNoyDaHluCiZnaTtHKo8wclGvYOne326/5XAnuUwLiM/PT
WnNXBAeBNj1TjMKtZsOpXVCzbQyfXdKQioRkxxcBMQnTTZNxqaxswxgLJk8QMpQk
n6CTJiIlLG6SQpbO/rMY8yUg9Nx0QHYhaId+3HaFH603lUlmV/OCpxZV+2j4Q2yA
Zbp68CVpNBwEC0CsrxVXgWrWx4ghrbi1QsG7Ym+L/0RuBe3WsGGTYDkAsz97UVcL
wnlLjzeM2J7nwEoDRLcD2IR1ySUHg7pxeIRp25NcytUgviRDULmZr4uiz8ZVVZ35
bzu0LUKUTwxMsxbscUQdrXieCHsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSu1tCo
Aj78zLE5iouJwUYa8yMRgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWVkZGRiYmQtMmJiZC00ZTY0LTliMzctZGRkZDMzOTJjZThmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
QDANBgkqhkiG9w0BAQsFAAOCAQEApkPqy0ijUf3gE+Vvt2UR4qyGsqKBvT6G2TY1
0l7EuQ7chgYCTTjCPSA6IDJLTHj7ef0NjHsoAxMlDYPCf+x5zpq7HxxQRzpGN6id
ZfRU2xffQPpEQpUJz9nEGlB9kviUKpZ57SfXBZ3qXelL99bQbjvkdYA6cb5VRJ9b
7zE1bWkp3yB4xu64qq0LOIqEFNPHveyB2XNBAlEhb2BPVpNcTUQjuuTkh+tdA9w4
L/2RFY+bWpVAprWgK/XF96/xot/kOUlXXFVax3Kl2YWhXZZ7o7/ZygoqkeFPJHAX
OxS0K35Gi6wdFWZV6rqhSVELCCasPXsh913DAO4ylvQJhAW04A==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:06 2025 by rpki-client