Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
File: 7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa (raw, json)
Hash identifier: gO7LnZ2gs0H3bp1HlyVsj0t7NjfBs/14Uvzp/cl1GOc=
Subject key identifier: 9E:E0:DB:B7:12:A1:4D:E6:FC:02:9F:1A:89:FA:89:DD:27:97:91:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53DE0F375A2780967CADD5291D70C0B29BC2A530
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
Signing time: Tue 20 May 2025 18:21:26 +0000
ROA not before: Tue 20 May 2025 18:21:26 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:de:0f:37:5a:27:80:96:7c:ad:d5:29:1d:70:c0:b2:9b:c2:a5:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:21:26 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=273ef42064af32cd72628d1fec4759064e414a369f4e5297c465646743417fb3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cb:40:5b:40:5c:8a:dd:64:7c:6c:6c:0f:50:
89:0b:f1:db:d0:99:2a:49:15:72:dd:ce:65:37:42:
54:91:43:7a:cc:24:62:37:a7:3a:db:5b:fe:ff:bd:
5c:2d:51:1e:87:87:97:13:63:1b:88:1a:d8:49:15:
52:66:9e:77:bc:9b:83:59:1e:5a:32:54:86:75:03:
52:b7:6d:6f:4b:4a:6c:3d:7d:89:8c:44:7e:ea:05:
85:46:5c:b3:df:4e:cd:b7:1b:38:cd:4d:93:76:2a:
35:86:9d:c3:10:c2:35:0c:ca:4e:89:c1:67:91:e0:
9b:2e:c2:f4:24:0f:e6:cb:9d:76:aa:32:01:f0:40:
be:67:d1:64:fe:fe:71:55:41:4a:64:7e:ea:4b:58:
c7:53:d4:e0:ae:fd:23:13:59:e0:91:d0:6a:20:5c:
26:46:c6:b6:81:87:15:f1:7d:64:31:fa:ca:06:e5:
5d:3a:52:8b:2b:08:5b:f0:7d:34:ca:63:68:9c:0d:
e0:07:f1:b3:54:77:4d:3c:0d:b1:1b:c0:df:59:36:
8b:18:89:0d:a5:ff:c3:a5:8e:53:0c:a3:d2:74:a4:
b7:dc:a4:fa:67:92:3f:5d:02:da:66:da:24:7b:36:
e3:84:b8:2c:41:e8:d7:44:75:bb:0c:b2:7d:14:fa:
a3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E0:DB:B7:12:A1:4D:E6:FC:02:9F:1A:89:FA:89:DD:27:97:91:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
87:79:53:cf:c5:28:6f:df:6e:c3:1b:c3:a7:f5:09:c2:d1:c7:
c9:69:b4:92:94:f6:1d:71:52:7d:e8:aa:f2:89:9d:31:c4:cc:
a7:06:05:0f:08:6d:6f:07:8b:e5:23:e9:d2:7f:17:c2:b3:14:
37:d6:7b:c0:33:11:69:af:49:f8:64:08:c4:6a:cc:37:0f:be:
bc:63:dd:4b:07:16:3d:1c:1c:cb:a0:22:30:03:14:66:89:51:
22:de:d9:4f:7e:45:73:f6:96:bb:a7:89:3b:bb:32:da:98:eb:
28:4e:f1:27:28:27:a6:a0:43:44:97:9d:33:30:e4:56:cc:aa:
99:b6:44:ae:96:61:55:0a:04:11:7b:47:66:cb:ba:29:be:15:
7d:9a:81:7b:fd:ee:c3:bb:ab:25:ff:be:da:dd:3d:04:5b:b8:
c6:1b:ad:36:db:f9:b8:1d:2e:f3:06:63:6a:a5:14:cc:54:07:
cf:24:b5:70:04:57:08:83:8b:5b:a1:f9:f9:b5:78:2f:6e:2f:
c8:e0:bb:46:74:02:2b:0c:71:d9:c7:90:97:13:1b:b8:9c:00:
03:9e:69:af:7f:33:7a:e8:1d:77:84:ef:9d:97:18:09:bd:7b:
b5:47:47:37:17:ec:0e:77:50:bc:33:1b:f1:7f:af:92:83:7e:
0b:a2:ec:bb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUU94PN1ongJZ8rdUpHXDAspvCpTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIxMjZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3M2VmNDIwNjRhZjMyY2Q3MjYyOGQxZmVjNDc1OTA2NGU0MTRhMzY5ZjRl
NTI5N2M0NjU2NDY3NDM0MTdmYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/LQFtAXIrdZHxsbA9QiQvx29CZKkkVct3OZTdCVJFDeswkYjenOttb/v+9
XC1RHoeHlxNjG4ga2EkVUmaed7ybg1keWjJUhnUDUrdtb0tKbD19iYxEfuoFhUZc
s99OzbcbOM1Nk3YqNYadwxDCNQzKTonBZ5Hgmy7C9CQP5suddqoyAfBAvmfRZP7+
cVVBSmR+6ktYx1PU4K79IxNZ4JHQaiBcJkbGtoGHFfF9ZDH6ygblXTpSiysIW/B9
NMpjaJwN4Afxs1R3TTwNsRvA31k2ixiJDaX/w6WOUwyj0nSkt9yk+meSP10C2mba
JHs244S4LEHo10R1uwyyfRT6o9sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSe4Nu3
EqFN5vwCnxqJ+ondJ5eRoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E2ZDVjNGQtNDBkZC00NTc3LTk1MjAtYTJhYzI4NmM4MTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
wDANBgkqhkiG9w0BAQsFAAOCAQEAh3lTz8Uob99uwxvDp/UJwtHHyWm0kpT2HXFS
feiq8omdMcTMpwYFDwhtbweL5SPp0n8XwrMUN9Z7wDMRaa9J+GQIxGrMNw++vGPd
SwcWPRwcy6AiMAMUZolRIt7ZT35Fc/aWu6eJO7sy2pjrKE7xJygnpqBDRJedMzDk
VsyqmbZErpZhVQoEEXtHZsu6Kb4VfZqBe/3uw7urJf++2t09BFu4xhutNtv5uB0u
8wZjaqUUzFQHzyS1cARXCIOLW6H5+bV4L24vyOC7RnQCKwxx2ceQlxMbuJwAA55p
r38zeugdd4TvnZcYCb17tUdHNxfsDndQvDMb8X+vkoN+C6Lsuw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:27 2025 by rpki-client