Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
File: 76526233-4062-463b-bfd0-bbe1d12891fa.roa (raw, json)
Hash identifier: 6Uc4PKT0Ja3hFJ6t/GW19vf381/pGaM8wwbrXF3EjPI=
Subject key identifier: 87:AE:99:4A:C9:4D:14:9D:0A:1E:0B:5C:00:A2:0A:DC:1F:B5:3D:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C8D85F2241CD547BA7E1581D6035F4319D04B1B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
Signing time: Mon 09 Jun 2025 19:20:17 +0000
ROA not before: Mon 09 Jun 2025 19:20:17 +0000
ROA not after: Mon 14 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:8d:85:f2:24:1c:d5:47:ba:7e:15:81:d6:03:5f:43:19:d0:4b:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 9 19:20:17 2025 GMT
Not After : Jul 14 23:59:59 2025 GMT
Subject: serialNumber=38a317c951e2999747015c88e109607c830585e558924cd94b1972074f7c1671, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e7:cc:49:37:f9:56:7c:11:d7:b2:25:2d:82:
9f:4a:db:59:98:9f:c2:97:04:5b:2d:ab:ec:99:fd:
4c:69:e2:48:99:4a:76:a1:80:f7:f0:96:26:37:b8:
00:a5:29:55:8b:22:32:3b:08:d7:14:30:75:a0:84:
5b:41:0e:f2:cd:67:f0:74:7e:bd:f2:b6:17:9a:3d:
80:5d:35:35:e1:37:61:e3:fb:93:cc:98:83:83:a6:
28:fa:fd:a1:bd:96:c8:83:8e:0d:00:b2:f1:30:c7:
4c:01:20:31:83:f5:eb:51:a6:94:dc:64:5a:8f:13:
7d:d8:ff:98:6d:d8:67:0e:94:76:a2:8b:3a:94:37:
37:91:0f:b8:70:73:b5:a8:ec:21:e3:2e:03:9d:10:
ce:63:b7:f8:c9:61:03:81:88:cb:79:5c:dd:f2:81:
dd:88:e8:f4:5a:6e:4d:b2:0b:c6:e8:14:81:76:a7:
29:04:07:d7:d8:0f:fd:43:f6:08:1e:26:84:d1:ea:
79:88:3a:f3:d0:b4:50:68:e1:35:19:ba:b0:08:ff:
10:bd:11:09:c2:e9:49:08:17:1f:aa:33:13:78:2f:
92:c8:ac:90:4c:25:8b:1a:97:a3:48:14:de:a2:15:
c6:d0:37:05:54:36:69:e5:d9:c6:54:9e:85:02:dc:
a7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:AE:99:4A:C9:4D:14:9D:0A:1E:0B:5C:00:A2:0A:DC:1F:B5:3D:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4010::/48
Signature Algorithm: sha256WithRSAEncryption
7f:07:6a:25:0e:d2:5f:7c:da:0b:a1:4e:8a:57:76:bc:67:89:
47:3f:55:91:42:5e:a6:1c:d8:20:c3:76:46:b8:83:97:d4:d2:
6a:13:7f:5d:e1:d5:27:f2:3c:e9:68:3c:0d:28:db:55:fb:56:
d9:a3:8c:1c:d1:22:e4:bf:29:b6:1e:46:e3:eb:e9:82:6c:4e:
8a:87:7d:eb:cc:1f:f9:62:83:74:8b:d4:f9:a7:fd:e0:3c:e3:
6b:4d:4d:c1:84:ca:5c:ea:b1:70:56:e8:4b:8d:9f:8f:6d:ab:
ea:22:c5:f7:a1:56:86:36:b9:fe:ca:33:3b:1c:07:1f:46:90:
e2:8c:54:70:0f:90:4c:9f:41:4a:ec:d2:fb:68:79:e0:4c:08:
56:51:c9:2c:15:39:fb:36:52:84:c8:8b:de:5e:c9:52:1f:5d:
ae:4f:27:3e:e6:b1:35:00:5e:90:6e:c8:33:8a:10:bd:88:b6:
35:71:3b:41:f7:ea:67:90:05:3c:f8:03:78:24:29:2d:38:b4:
52:f8:1d:9e:23:6d:de:c2:88:70:48:9f:fe:d3:b7:ce:42:ed:
c1:18:1f:d1:5a:41:f6:76:a6:f4:ac:40:a2:c3:19:23:fd:25:
1b:4e:4b:16:d9:ec:f3:df:4d:0c:94:60:55:9b:6f:67:0e:13:
af:fb:ed:05
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfI2F8iQc1Ue6fhWB1gNfQxnQSxswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDkxOTIwMTdaFw0yNTA3MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4YTMxN2M5NTFlMjk5OTc0NzAxNWM4OGUxMDk2MDdjODMwNTg1ZTU1ODky
NGNkOTRiMTk3MjA3NGY3YzE2NzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDnzEk3+VZ8EdeyJS2Cn0rbWZifwpcEWy2r7Jn9TGniSJlKdqGA9/CWJje4
AKUpVYsiMjsI1xQwdaCEW0EO8s1n8HR+vfK2F5o9gF01NeE3YeP7k8yYg4OmKPr9
ob2WyIOODQCy8TDHTAEgMYP161GmlNxkWo8Tfdj/mG3YZw6UdqKLOpQ3N5EPuHBz
tajsIeMuA50QzmO3+MlhA4GIy3lc3fKB3Yjo9FpuTbILxugUgXanKQQH19gP/UP2
CB4mhNHqeYg689C0UGjhNRm6sAj/EL0RCcLpSQgXH6ozE3gvksiskEwlixqXo0gU
3qIVxtA3BVQ2aeXZxlSehQLcp3kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSHrplK
yU0UnQoeC1wAogrcH7U95TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzY1MjYyMzMtNDA2Mi00NjNiLWJmZDAtYmJlMWQxMjg5MWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
EDANBgkqhkiG9w0BAQsFAAOCAQEAfwdqJQ7SX3zaC6FOild2vGeJRz9VkUJephzY
IMN2RriDl9TSahN/XeHVJ/I86Wg8DSjbVftW2aOMHNEi5L8pth5G4+vpgmxOiod9
68wf+WKDdIvU+af94Dzja01NwYTKXOqxcFboS42fj22r6iLF96FWhja5/sozOxwH
H0aQ4oxUcA+QTJ9BSuzS+2h54EwIVlHJLBU5+zZShMiL3l7JUh9drk8nPuaxNQBe
kG7IM4oQvYi2NXE7QffqZ5AFPPgDeCQpLTi0UvgdniNt3sKIcEif/tO3zkLtwRgf
0VpB9nam9KxAosMZI/0lG05LFtns899NDJRgVZtvZw4Tr/vtBQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:01:02 2025 by rpki-client