Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f07adbd-573b-4a8c-861a-930797d8dcc7.roa
File: 1f07adbd-573b-4a8c-861a-930797d8dcc7.roa (raw, json)
Hash identifier: lP8E/1KOgm/mEp4ObBJsJmeXjLuPfb+VaBZ2E16fPe8=
Subject key identifier: CC:83:CF:D0:0C:FF:23:0A:62:3A:07:04:E9:76:EE:F4:FD:4E:3E:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B42633D7160769EDAF6DF09DBEF59D8B36933FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f07adbd-573b-4a8c-861a-930797d8dcc7.roa
Signing time: Tue 20 May 2025 19:40:21 +0000
ROA not before: Tue 20 May 2025 19:40:21 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:40c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:42:63:3d:71:60:76:9e:da:f6:df:09:db:ef:59:d8:b3:69:33:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:40:21 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=dfc4bbe6b1b025dd67f38ccdb8ff2bb521f0092d67c996dbf9d0b89d16d04a36, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:db:a4:86:a0:9c:a6:4b:29:bc:e5:72:96:b8:
e0:0f:e4:91:1f:b1:6a:41:95:0a:62:30:50:94:fa:
83:a0:2e:65:bb:bc:37:bf:77:19:e7:90:b3:b4:8d:
be:50:61:be:cc:aa:d3:bf:66:4d:f0:13:48:27:2f:
9d:db:49:de:e1:98:9d:ef:34:1c:05:04:0a:b1:5c:
93:cd:7f:5b:59:70:78:5b:d4:d4:f4:07:c8:aa:2b:
c6:ba:77:c6:76:29:56:fb:de:6a:e9:f7:4e:3b:46:
52:c0:9e:5b:ee:53:ac:2c:31:bc:fd:d0:4a:14:f4:
ba:fb:6d:6e:f1:b8:2d:fa:8f:f7:29:f8:3d:c4:c1:
a8:f6:89:91:32:8a:26:6d:9d:61:1e:b1:78:9a:eb:
6c:8b:de:e0:05:f1:13:32:65:6f:d4:ae:79:8b:84:
38:e3:35:be:b3:37:29:1a:9e:b5:93:a8:22:ae:b0:
8f:f1:af:39:78:6a:eb:be:f6:2f:56:f2:8a:3b:bf:
09:1d:e9:0e:10:2c:27:b3:fb:73:15:08:b8:d0:2b:
af:a0:4c:6c:10:08:8f:ae:1c:62:e4:b9:f0:4f:96:
21:44:79:b2:b4:d0:f6:eb:1f:8d:f5:44:38:0b:02:
7e:58:2f:48:9c:02:ac:4e:9d:09:cb:fb:46:24:1b:
97:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:83:CF:D0:0C:FF:23:0A:62:3A:07:04:E9:76:EE:F4:FD:4E:3E:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f07adbd-573b-4a8c-861a-930797d8dcc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:40c0::/46
Signature Algorithm: sha256WithRSAEncryption
72:97:7f:80:0d:26:ce:2d:eb:f2:d0:eb:54:b3:d0:0e:dc:e7:
dc:9d:7b:92:fd:67:a2:15:81:65:cf:8c:80:d5:e1:94:4c:1d:
7c:38:a2:4c:7d:24:5b:93:38:ce:1a:ac:eb:b5:41:5e:ab:b0:
33:cb:4c:af:72:fb:3f:b9:6e:33:f8:cf:21:51:bb:64:b2:a3:
d6:fb:59:a8:3c:1d:7e:03:7e:17:31:71:eb:8e:33:c3:5b:4a:
f8:f0:11:8a:f7:7f:28:77:55:51:15:fa:46:9b:33:a2:7f:b0:
b0:c2:68:7e:a1:fb:9c:c5:a1:98:fe:95:d4:7a:82:f0:f3:79:
db:ec:ed:ce:c8:4f:6b:10:d5:f4:b1:e6:7f:f0:5f:0f:d8:68:
88:ed:ac:ce:bf:bd:75:9f:3c:4f:b8:01:cf:2f:0b:5b:a0:bc:
4e:f8:c8:f0:f6:79:7a:ae:fb:aa:d3:fd:99:fc:18:30:0a:36:
83:f9:56:00:5e:b8:d5:70:ee:db:28:4f:6d:24:04:d1:56:df:
95:7c:21:6f:d2:40:98:aa:bf:ea:8c:5f:e2:ae:5e:9e:52:11:
b0:33:74:63:f0:fb:4f:60:54:43:62:cf:ee:73:36:33:30:00:
94:d5:6e:35:d3:b1:96:9b:5b:2f:83:45:0f:8a:0d:e0:8a:af:
97:cc:17:5f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe0JjPXFgdp7a9t8J2+9Z2LNpM/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQwMjFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmYzRiYmU2YjFiMDI1ZGQ2N2YzOGNjZGI4ZmYyYmI1MjFmMDA5MmQ2N2M5
OTZkYmY5ZDBiODlkMTZkMDRhMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbbpIagnKZLKbzlcpa44A/kkR+xakGVCmIwUJT6g6AuZbu8N793GeeQs7SN
vlBhvsyq079mTfATSCcvndtJ3uGYne80HAUECrFck81/W1lweFvU1PQHyKorxrp3
xnYpVvveaun3TjtGUsCeW+5TrCwxvP3QShT0uvttbvG4LfqP9yn4PcTBqPaJkTKK
Jm2dYR6xeJrrbIve4AXxEzJlb9SueYuEOOM1vrM3KRqetZOoIq6wj/GvOXhq6772
L1byiju/CR3pDhAsJ7P7cxUIuNArr6BMbBAIj64cYuS58E+WIUR5srTQ9usfjfVE
OAsCflgvSJwCrE6dCcv7RiQblyMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTMg8/Q
DP8jCmI6BwTpdu70/U4+NTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWYwN2FkYmQtNTczYi00YThjLTg2MWEtOTMwNzk3ZDhkY2M3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HdA
wDANBgkqhkiG9w0BAQsFAAOCAQEAcpd/gA0mzi3r8tDrVLPQDtzn3J17kv1nohWB
Zc+MgNXhlEwdfDiiTH0kW5M4zhqs67VBXquwM8tMr3L7P7luM/jPIVG7ZLKj1vtZ
qDwdfgN+FzFx644zw1tK+PARivd/KHdVURX6Rpszon+wsMJofqH7nMWhmP6V1HqC
8PN52+ztzshPaxDV9LHmf/BfD9hoiO2szr+9dZ88T7gBzy8LW6C8TvjI8PZ5eq77
qtP9mfwYMAo2g/lWAF641XDu2yhPbSQE0VbflXwhb9JAmKq/6oxf4q5enlIRsDN0
Y/D7T2BUQ2LP7nM2MzAAlNVuNdOxlptbL4NFD4oN4Iqvl8wXXw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:48 2025 by rpki-client