Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
File: ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa (raw, json)
Hash identifier: OFqPdJpUsXvlpozXscUG7LA5REeF99m2N5A/HU9E2PI=
Subject key identifier: E0:1B:F9:F1:1E:15:54:2E:90:5F:29:93:81:C8:D2:C1:F6:5D:E2:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1BCAAC93D8C11E757B50B9DA3E068B070CD6FD85
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
Signing time: Tue 17 Jun 2025 00:40:53 +0000
ROA not before: Tue 17 Jun 2025 00:40:53 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:ca:ac:93:d8:c1:1e:75:7b:50:b9:da:3e:06:8b:07:0c:d6:fd:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:53 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=66c71a147a017d420c8bf1dc5f9e1e7530cff673ac2d7e02b7009077d6e54f1a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e8:d5:f6:98:29:fe:e1:11:61:fb:50:3e:63:
bd:a5:83:a1:8e:ae:e8:28:68:9e:8d:5c:c7:59:c4:
6b:45:e7:01:2c:a2:60:ca:9e:a5:ae:31:12:46:c5:
33:8e:19:78:73:bb:37:44:13:37:20:a8:b8:3f:10:
f8:42:98:3e:3b:c2:2b:67:1a:09:6b:b5:f1:94:06:
ff:8a:76:f6:2a:ed:14:c7:c1:b2:3d:8f:35:88:90:
59:5f:21:f9:2a:09:34:a3:25:dd:33:46:0b:62:1c:
6a:76:17:bb:e0:a2:2a:1d:1a:5c:8c:07:2e:65:ed:
f5:6e:ce:d5:cc:9d:8a:dc:fe:48:52:30:07:ed:ba:
03:6c:81:f7:f2:98:85:eb:35:47:69:ff:5e:ad:a9:
ed:a9:98:30:76:d2:40:c0:f2:b6:d1:23:01:e0:6b:
01:63:30:f7:24:a8:49:bb:c0:f9:d7:e3:eb:f0:12:
4a:64:8f:10:2a:b7:df:79:22:a0:3e:77:a6:e2:fb:
5a:95:fb:00:75:19:28:a9:1f:e6:2f:04:e2:89:2e:
4a:b6:5b:ce:e4:58:46:b8:a1:13:90:88:24:e1:56:
f7:2f:86:10:7c:48:0b:02:2d:f7:b5:09:50:40:80:
1a:ee:6b:bc:7b:b2:3c:bd:7b:aa:92:c4:c6:14:e7:
bf:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:1B:F9:F1:1E:15:54:2E:90:5F:29:93:81:C8:D2:C1:F6:5D:E2:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
b6:e2:14:5f:8e:bf:22:36:f5:b0:83:83:b0:45:88:88:5c:45:
63:cd:68:49:64:ab:7f:5e:b7:12:74:cf:87:35:68:ff:61:fe:
07:76:c7:6c:a0:ce:00:39:96:33:f2:e9:cc:07:20:60:bd:58:
f5:6f:15:cb:77:23:b6:3b:95:0b:7d:27:3c:78:45:56:69:a4:
b9:bf:65:04:3b:c7:f1:a0:32:72:05:44:6d:c6:76:06:dc:b0:
e0:df:fa:7c:3e:e0:54:be:08:d3:7c:13:ef:38:64:f8:8e:a1:
10:98:68:e2:ab:8c:7a:90:8a:05:15:7f:3a:08:e0:d4:b1:00:
a0:55:a3:61:5d:c8:22:e4:ac:8e:85:86:f8:06:e3:63:6c:7c:
f9:87:e9:c2:86:f5:b1:62:d9:69:51:17:9d:7b:89:63:dc:ee:
be:51:14:d9:18:9b:41:56:1b:55:ab:ef:2c:42:38:61:fb:b4:
94:90:d5:46:24:5b:8b:23:c3:92:b8:b9:35:de:30:a2:52:59:
37:b4:f2:5f:f5:8d:38:12:42:0b:5d:92:92:46:ee:d9:42:43:
c0:a2:84:83:f4:6e:11:84:b1:a1:57:7c:02:74:fd:84:53:51:
1a:46:1c:cb:ab:78:ee:eb:4b:3d:0f:90:51:a7:2e:df:5e:64:
e9:af:c7:4a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG8qsk9jBHnV7ULnaPgaLBwzW/YUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwNTNaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2YzcxYTE0N2EwMTdkNDIwYzhiZjFkYzVmOWUxZTc1MzBjZmY2NzNhYzJk
N2UwMmI3MDA5MDc3ZDZlNTRmMWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAObo1faYKf7hEWH7UD5jvaWDoY6u6Chono1cx1nEa0XnASyiYMqepa4xEkbF
M44ZeHO7N0QTNyCouD8Q+EKYPjvCK2caCWu18ZQG/4p29irtFMfBsj2PNYiQWV8h
+SoJNKMl3TNGC2IcanYXu+CiKh0aXIwHLmXt9W7O1cyditz+SFIwB+26A2yB9/KY
hes1R2n/Xq2p7amYMHbSQMDyttEjAeBrAWMw9ySoSbvA+dfj6/ASSmSPECq333ki
oD53puL7WpX7AHUZKKkf5i8E4okuSrZbzuRYRrihE5CIJOFW9y+GEHxICwIt97UJ
UECAGu5rvHuyPL17qpLExhTnvy0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTgG/nx
HhVULpBfKZOByNLB9l3iTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmZkYzNkYTEtMmVjNy00MTFlLTk1NTAtYjdjOTU2ZmI0NmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9A
MA0GCSqGSIb3DQEBCwUAA4IBAQC24hRfjr8iNvWwg4OwRYiIXEVjzWhJZKt/XrcS
dM+HNWj/Yf4HdsdsoM4AOZYz8unMByBgvVj1bxXLdyO2O5ULfSc8eEVWaaS5v2UE
O8fxoDJyBURtxnYG3LDg3/p8PuBUvgjTfBPvOGT4jqEQmGjiq4x6kIoFFX86CODU
sQCgVaNhXcgi5KyOhYb4BuNjbHz5h+nChvWxYtlpURede4lj3O6+URTZGJtBVhtV
q+8sQjhh+7SUkNVGJFuLI8OSuLk13jCiUlk3tPJf9Y04EkILXZKSRu7ZQkPAooSD
9G4RhLGhV3wCdP2EU1EaRhzLq3ju60s9D5BRpy7fXmTpr8dK
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:54:13 2025 by rpki-client