Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
File: f9753974-947c-42c4-885b-aa94c43c56a0.roa (raw, json)
Hash identifier: S0PfxbnDlQDfEcklMVPnH2EA908TdawBOHmtZSElPz8=
Subject key identifier: D7:CC:9C:9A:15:F3:D8:62:EE:9C:B4:CA:68:7C:6B:B1:92:BF:0B:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7245D0115BFA8BCCF219A9ED7E0E6885EB99B3EE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
Signing time: Mon 16 Jun 2025 19:40:05 +0000
ROA not before: Mon 16 Jun 2025 19:40:05 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:45:d0:11:5b:fa:8b:cc:f2:19:a9:ed:7e:0e:68:85:eb:99:b3:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:40:05 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=0c1a53d7b6279512e5f265433471d2b9120c5de8664b759498119b8d4aed044a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3e:9b:4d:98:aa:9a:09:bd:c3:59:84:39:7e:
26:98:fa:57:82:60:f2:45:0f:64:ca:d5:9c:3d:be:
80:8c:cb:ff:7e:ff:5f:58:9d:74:eb:4d:5a:e2:61:
d8:74:6e:16:13:4a:09:98:11:b7:f6:93:78:36:5c:
4f:1a:45:c5:aa:72:ea:fc:ba:5a:8c:0f:17:78:4d:
fb:dd:3e:58:bb:b2:9b:68:ef:d6:25:64:99:85:2f:
4a:97:97:e4:f5:cd:70:36:70:85:2e:ca:22:49:74:
39:00:ee:94:31:fe:bc:3f:93:6b:cd:1f:b1:33:9c:
45:a2:c3:f6:95:20:f2:72:00:a7:06:91:85:18:53:
e4:b3:85:ec:7e:ca:6f:6e:89:4e:71:2f:7d:c3:18:
fe:b8:e3:03:09:8a:82:43:af:43:f7:27:a0:d7:16:
ec:9f:73:fd:a5:1b:85:88:3e:8a:13:ff:f6:e4:37:
55:e3:cb:ca:ec:50:81:8f:a8:d6:f4:16:6d:36:3b:
79:24:56:52:f9:3f:73:c9:04:7d:7b:1a:43:30:bd:
ef:9c:cb:be:7f:64:99:17:75:15:3c:c0:84:c2:c9:
0f:b8:ce:37:de:d0:b1:ab:a2:0b:6c:74:65:70:aa:
66:81:c0:aa:d5:d7:fd:b8:c2:19:c5:bb:ac:43:7f:
2f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CC:9C:9A:15:F3:D8:62:EE:9C:B4:CA:68:7C:6B:B1:92:BF:0B:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
3f:18:67:61:eb:ff:e1:f6:e2:2e:cd:9c:6b:a7:e3:1a:ec:6c:
17:d1:5e:f9:f5:13:c0:b7:cf:cc:76:8e:02:81:61:f7:dd:9d:
d8:6b:0d:fc:f0:62:f6:6d:a9:43:1b:f0:01:cb:3c:34:7b:74:
35:c4:ad:d5:1d:13:7b:19:2d:7a:3b:b9:b3:22:5a:80:3a:44:
76:3c:fd:f6:f7:52:96:31:bf:47:98:bd:94:76:50:62:a9:dd:
a2:d0:9c:04:aa:14:80:fb:fb:34:dd:f3:e6:88:4a:64:1e:4c:
32:6e:f2:5e:c6:38:6a:14:72:45:22:08:98:83:4b:04:1a:30:
71:ec:00:ac:f8:1c:a1:5e:c5:a7:d7:be:47:84:fa:3b:54:50:
af:a5:a7:8d:94:8a:4c:8e:b6:ca:d3:07:92:62:d2:23:7c:2e:
3b:63:10:0c:57:91:bb:02:8b:3f:1c:ed:12:58:75:97:d7:1d:
64:6a:24:1c:ff:20:d3:93:4c:3b:26:a1:96:f3:4f:23:b7:15:
ac:4a:68:80:33:49:ff:5a:25:5f:c8:88:a5:85:61:88:1a:e2:
df:dc:89:03:a9:d9:87:31:eb:ac:fb:57:7d:34:8f:9a:bd:20:
ab:48:78:bb:7d:c8:ba:67:db:cd:96:c1:4b:59:4f:dc:43:01:
62:cb:18:0b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUckXQEVv6i8zyGantfg5oheuZs+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQwMDVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjMWE1M2Q3YjYyNzk1MTJlNWYyNjU0MzM0NzFkMmI5MTIwYzVkZTg2NjRi
NzU5NDk4MTE5YjhkNGFlZDA0NGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANA+m02YqpoJvcNZhDl+Jpj6V4Jg8kUPZMrVnD2+gIzL/37/X1iddOtNWuJh
2HRuFhNKCZgRt/aTeDZcTxpFxapy6vy6WowPF3hN+90+WLuym2jv1iVkmYUvSpeX
5PXNcDZwhS7KIkl0OQDulDH+vD+Ta80fsTOcRaLD9pUg8nIApwaRhRhT5LOF7H7K
b26JTnEvfcMY/rjjAwmKgkOvQ/cnoNcW7J9z/aUbhYg+ihP/9uQ3VePLyuxQgY+o
1vQWbTY7eSRWUvk/c8kEfXsaQzC975zLvn9kmRd1FTzAhMLJD7jON97QsauiC2x0
ZXCqZoHAqtXX/bjCGcW7rEN/L98CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTXzJya
FfPYYu6ctMpofGuxkr8LLzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjk3NTM5NzQtOTQ3Yy00MmM0LTg4NWItYWE5NGM0M2M1NmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
wDANBgkqhkiG9w0BAQsFAAOCAQEAPxhnYev/4fbiLs2ca6fjGuxsF9Fe+fUTwLfP
zHaOAoFh992d2GsN/PBi9m2pQxvwAcs8NHt0NcSt1R0Texkteju5syJagDpEdjz9
9vdSljG/R5i9lHZQYqndotCcBKoUgPv7NN3z5ohKZB5MMm7yXsY4ahRyRSIImINL
BBowcewArPgcoV7Fp9e+R4T6O1RQr6WnjZSKTI62ytMHkmLSI3wuO2MQDFeRuwKL
PxztElh1l9cdZGokHP8g05NMOyahlvNPI7cVrEpogDNJ/1olX8iIpYVhiBri39yJ
A6nZhzHrrPtXfTSPmr0gq0h4u33IumfbzZbBS1lP3EMBYssYCw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:18 2025 by rpki-client