Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa
File: 7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa (raw, json)
Hash identifier: HCXpv9FhrACxTUkhnl1edqm39o0pB1U0Ikgx0bvVVM0=
Subject key identifier: F0:E5:77:D8:B1:D5:0D:9D:B1:A6:76:BC:B0:63:B0:C0:CE:E2:2A:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1EF9072A1A5228488A3FDD16798B0FC6BAED3AC4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa
Signing time: Tue 20 May 2025 19:31:04 +0000
ROA not before: Tue 20 May 2025 19:31:04 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:5080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:f9:07:2a:1a:52:28:48:8a:3f:dd:16:79:8b:0f:c6:ba:ed:3a:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:31:04 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=4648e32f3fa7542ff0352886fd7db50a12a945a81f9f2b91e761ea6028d18319, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:36:73:ce:f9:93:7a:4f:94:23:0a:64:3e:08:
b0:77:86:ae:04:dd:94:db:00:2d:f8:5c:4d:d8:19:
4b:b8:71:d0:90:a6:af:84:5d:d8:38:85:9d:d4:ff:
1a:79:55:4f:de:5c:95:47:19:35:d3:6e:d1:bc:b6:
a4:73:2e:88:9d:2e:f3:f3:e3:4f:8d:be:10:55:47:
32:33:bb:6c:fe:4b:b3:25:68:a6:e9:42:3d:a5:2e:
c3:a2:c5:9f:02:3a:7a:b7:30:c2:6b:89:ed:9a:f2:
3d:d9:ec:ce:b3:ec:39:fc:d4:da:91:03:34:ac:0b:
78:3e:9d:6f:00:ba:96:c7:1b:42:2c:3d:74:2c:d9:
53:2c:11:c6:79:ce:55:c2:f1:7f:b1:05:91:61:ae:
28:a8:89:43:24:94:32:30:e6:4f:1a:3d:e9:b1:10:
f1:76:eb:36:e9:66:54:bc:2e:b3:5b:50:54:89:f9:
9a:2c:92:15:b3:99:4a:7b:16:ef:5b:d1:1b:66:ee:
23:aa:45:01:ab:57:ca:12:a4:0d:99:ce:d6:eb:29:
ec:e6:ba:f9:19:dc:c5:74:43:c8:12:83:a4:60:ad:
29:35:bb:eb:b3:ed:ed:2d:21:20:0b:92:7a:46:c4:
f5:6b:b3:bf:19:51:1f:3f:bd:97:8c:ae:2a:74:52:
00:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E5:77:D8:B1:D5:0D:9D:B1:A6:76:BC:B0:63:B0:C0:CE:E2:2A:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:5080::/46
Signature Algorithm: sha256WithRSAEncryption
0e:7c:34:15:9e:f2:ea:52:e8:49:04:f6:67:ef:c5:0c:49:11:
14:9d:a6:0c:c9:82:99:b1:9b:49:db:28:fb:95:0f:de:02:a3:
05:03:f0:30:b0:fc:14:54:86:ec:24:c9:5b:bb:19:a5:48:d8:
2e:1a:f9:34:b3:06:e0:53:53:cb:55:1e:8c:7d:85:99:b2:41:
9a:51:9f:83:a3:e0:b8:18:86:be:17:38:61:0b:3c:67:29:79:
ee:ab:5d:f0:9d:56:c2:58:a2:3e:4d:fe:33:e0:96:4e:90:f3:
e2:24:fe:f9:d4:a6:37:e3:84:ea:01:44:ee:5b:87:6c:5c:88:
be:df:98:eb:42:df:1d:fe:6a:47:20:f0:7c:12:f5:19:52:de:
e9:90:ed:11:db:2d:6f:e9:0c:73:e4:1a:d6:39:26:7d:04:c7:
cf:19:64:73:ae:ff:b5:34:34:4d:1f:24:ca:79:af:bc:e9:5b:
c4:97:1f:0d:6b:07:f2:00:b7:b4:2c:14:1d:61:89:fd:04:1f:
07:7a:d6:e7:c8:ae:9b:bb:0f:b2:a8:23:50:05:2a:76:a0:28:
09:13:3a:74:bc:df:cd:26:83:f1:2a:89:ef:96:04:be:91:6c:
8d:55:2d:8a:3c:e6:d2:ea:f0:ef:f2:be:39:28:5e:8d:b3:e8:
39:90:98:8c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHvkHKhpSKEiKP90WeYsPxrrtOsQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMxMDRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2NDhlMzJmM2ZhNzU0MmZmMDM1Mjg4NmZkN2RiNTBhMTJhOTQ1YTgxZjlm
MmI5MWU3NjFlYTYwMjhkMTgzMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMM2c875k3pPlCMKZD4IsHeGrgTdlNsALfhcTdgZS7hx0JCmr4Rd2DiFndT/
GnlVT95clUcZNdNu0by2pHMuiJ0u8/PjT42+EFVHMjO7bP5LsyVopulCPaUuw6LF
nwI6ercwwmuJ7ZryPdnszrPsOfzU2pEDNKwLeD6dbwC6lscbQiw9dCzZUywRxnnO
VcLxf7EFkWGuKKiJQySUMjDmTxo96bEQ8XbrNulmVLwus1tQVIn5miySFbOZSnsW
71vRG2buI6pFAatXyhKkDZnO1usp7Oa6+RncxXRDyBKDpGCtKTW767Pt7S0hIAuS
ekbE9WuzvxlRHz+9l4yuKnRSAGMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTw5XfY
sdUNnbGmdrywY7DAzuIqOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E4Mzg2ZWUtMTRmYi00MDg5LTkyYmQtNmI0YjFjOWMwMWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVQ
gDANBgkqhkiG9w0BAQsFAAOCAQEADnw0FZ7y6lLoSQT2Z+/FDEkRFJ2mDMmCmbGb
Sdso+5UP3gKjBQPwMLD8FFSG7CTJW7sZpUjYLhr5NLMG4FNTy1UejH2FmbJBmlGf
g6PguBiGvhc4YQs8Zyl57qtd8J1WwliiPk3+M+CWTpDz4iT++dSmN+OE6gFE7luH
bFyIvt+Y60LfHf5qRyDwfBL1GVLe6ZDtEdstb+kMc+Qa1jkmfQTHzxlkc67/tTQ0
TR8kynmvvOlbxJcfDWsH8gC3tCwUHWGJ/QQfB3rW58ium7sPsqgjUAUqdqAoCRM6
dLzfzSaD8SqJ75YEvpFsjVUtijzm0urw7/K+OShejbPoOZCYjA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:49 2025 by rpki-client