Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
File: 78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa (raw, json)
Hash identifier: Wk25Jk/+HuDAM9d6q3nNQNX2Ezu5Rg8LdNikueuj46w=
Subject key identifier: 6B:59:75:16:E0:C9:41:16:DA:13:69:0B:13:08:53:D6:41:9B:40:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DC6B2DB49515A904B03D186E5EFA73DD38E27C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
Signing time: Fri 06 Jun 2025 15:10:48 +0000
ROA not before: Fri 06 Jun 2025 15:10:48 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:c6:b2:db:49:51:5a:90:4b:03:d1:86:e5:ef:a7:3d:d3:8e:27:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:48 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=e0b83e94552aef325ce68cafaae1e6331241815b6271960aa23ee022cce37d85, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:68:2e:73:4d:59:f7:1c:11:62:08:bf:6a:fd:
ff:9a:4a:1a:32:23:c4:46:f0:84:55:c2:fb:7a:aa:
f1:80:96:5c:19:0b:15:4c:60:65:4a:3f:a1:21:f3:
24:e4:2b:a8:8d:1d:4d:89:ea:34:b7:10:be:d1:45:
11:85:c1:fc:f2:16:40:ac:e1:c3:b9:3c:07:3e:e7:
d5:46:de:5a:f6:0a:f9:e5:43:d1:4c:98:f2:6e:a4:
e8:d3:a0:71:1c:48:e9:f1:8b:1b:a8:ba:73:90:21:
a2:3a:43:88:20:ac:6b:d9:68:b7:71:3e:ca:1d:bf:
90:f6:0e:cf:fd:55:bd:7b:13:bd:25:fa:2e:bb:8f:
a2:bb:3c:5a:e8:0c:94:c6:0b:56:85:ac:f8:bc:a2:
44:88:b9:9c:18:74:62:ce:0c:58:85:47:87:b7:74:
c7:73:f9:9b:ad:ed:0b:e6:da:bd:a1:72:41:80:a0:
67:d1:ea:87:0e:b9:a5:7c:67:c3:5c:ea:c4:4c:93:
d4:69:d4:14:e0:b4:ef:64:ec:21:bc:92:a3:a1:8a:
dc:41:df:00:04:a8:37:bf:d1:38:62:40:c7:22:21:
fb:e0:2d:4d:e2:dc:e1:2b:7a:62:96:19:3e:93:6a:
34:0d:0c:30:3a:f3:ce:59:53:93:b3:de:93:7c:39:
43:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:59:75:16:E0:C9:41:16:DA:13:69:0B:13:08:53:D6:41:9B:40:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:47:f3:69:b4:fd:6b:b7:80:b3:3d:5e:c8:bb:54:11:28:f4:
12:bf:d7:e8:9b:2e:30:d9:85:f5:90:f9:10:50:1b:bf:2c:07:
d1:c9:76:6a:6e:36:2d:e1:5c:89:f5:d6:6b:2e:29:f9:06:20:
28:4d:bb:72:4b:ac:03:31:38:4e:77:db:8a:1d:dc:d2:9c:b4:
fc:c3:c3:11:cc:48:b5:da:bb:21:11:e7:1c:33:41:ac:a8:dc:
58:e2:72:fb:73:e1:b9:f5:ac:75:1f:7f:87:db:c9:c1:34:37:
d7:f1:e3:27:4a:6a:d5:a4:17:d1:a8:13:ca:72:b9:0e:2e:64:
f2:35:14:cb:22:81:61:f5:7d:60:4c:17:70:db:53:20:da:e2:
2c:7d:1c:bc:66:5e:36:7f:7e:75:04:72:06:50:f9:44:17:8b:
a0:f6:7c:2d:86:eb:8e:63:b1:c1:be:05:b4:cc:16:be:12:76:
8a:7e:a0:9a:3e:cd:2b:33:9c:73:5d:11:11:34:8b:99:47:bc:
79:77:75:a4:f2:f9:d9:68:a3:2e:be:ec:22:f7:0f:7f:98:b5:
a3:88:b1:89:62:7c:b2:42:27:f5:44:d4:37:ba:4c:00:37:cd:
ba:b3:ba:fa:d6:8b:e3:69:b4:66:ab:4b:a8:43:84:8e:ac:0d:
1a:c8:e1:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTcay20lRWpBLA9GG5e+nPdOOJ8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwNDhaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwYjgzZTk0NTUyYWVmMzI1Y2U2OGNhZmFhZTFlNjMzMTI0MTgxNWI2Mjcx
OTYwYWEyM2VlMDIyY2NlMzdkODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFoLnNNWfccEWIIv2r9/5pKGjIjxEbwhFXC+3qq8YCWXBkLFUxgZUo/oSHz
JOQrqI0dTYnqNLcQvtFFEYXB/PIWQKzhw7k8Bz7n1UbeWvYK+eVD0UyY8m6k6NOg
cRxI6fGLG6i6c5AhojpDiCCsa9lot3E+yh2/kPYOz/1VvXsTvSX6LruPors8WugM
lMYLVoWs+LyiRIi5nBh0Ys4MWIVHh7d0x3P5m63tC+bavaFyQYCgZ9Hqhw65pXxn
w1zqxEyT1GnUFOC072TsIbySo6GK3EHfAASoN7/ROGJAxyIh++AtTeLc4St6YpYZ
PpNqNA0MMDrzzllTk7Pek3w5Q4ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrWXUW
4MlBFtoTaQsTCFPWQZtAGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwODVkMGEtZjFhYy00M2I3LWFjNmItYThhZmNmOTc4MmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQB9R/NptP1rt4CzPV7Iu1QRKPQSv9fomy4w2YX1
kPkQUBu/LAfRyXZqbjYt4VyJ9dZrLin5BiAoTbtyS6wDMThOd9uKHdzSnLT8w8MR
zEi12rshEeccM0GsqNxY4nL7c+G59ax1H3+H28nBNDfX8eMnSmrVpBfRqBPKcrkO
LmTyNRTLIoFh9X1gTBdw21Mg2uIsfRy8Zl42f351BHIGUPlEF4ug9nwthuuOY7HB
vgW0zBa+EnaKfqCaPs0rM5xzXRERNIuZR7x5d3Wk8vnZaKMuvuwi9w9/mLWjiLGJ
YnyyQif1RNQ3ukwAN826s7r61ovjabRmq0uoQ4SOrA0ayOG2
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:12 2025 by rpki-client