Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ab64f0c-c76e-4d78-bdcc-28b3e3d8a5cc.roa
File: 7ab64f0c-c76e-4d78-bdcc-28b3e3d8a5cc.roa (raw, json)
Hash identifier: HZxDmhQMx53Az4WxXQqz7dVw9FSAL3hxvpbdF7kR18A=
Subject key identifier: 40:A3:D1:CB:EA:97:36:49:B3:50:2D:30:24:F3:2B:1F:6E:E7:51:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B4A40BE13E55750E3AD96160D28274281EADD5A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ab64f0c-c76e-4d78-bdcc-28b3e3d8a5cc.roa
Signing time: Tue 20 May 2025 19:40:23 +0000
ROA not before: Tue 20 May 2025 19:40:23 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:4a:40:be:13:e5:57:50:e3:ad:96:16:0d:28:27:42:81:ea:dd:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:40:23 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=6f4bd0fcb78d3288bb5ebbbf323a355c27231395493de6f5c842f3088c9b72b2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a0:f6:34:ba:1f:42:c6:3b:e4:a5:61:cc:36:
1d:8f:97:08:64:9b:ed:83:a7:7a:37:e2:e6:b9:24:
ef:94:68:dc:57:16:98:80:bf:2d:b7:d1:11:10:b9:
75:92:e0:be:31:4d:18:eb:29:96:84:d0:52:2d:fd:
14:47:44:b4:e9:8e:0f:44:5f:b0:fb:c5:69:78:d9:
5d:7c:12:53:79:74:f0:d0:26:b0:1f:d0:5b:3c:0f:
31:01:4f:93:e3:2f:0d:8f:f2:57:98:f5:ad:ab:87:
f3:67:4a:a1:64:37:c0:ad:32:f7:ea:3d:66:52:f4:
56:c4:77:6d:1a:59:c2:06:ab:41:dd:4b:f7:a0:56:
d3:5a:1c:b3:4d:1d:d7:b4:cb:da:33:f0:87:96:95:
15:e2:12:d3:f3:3a:1a:d7:94:9e:b8:02:1e:0d:2c:
15:13:f9:43:d4:72:bc:22:a0:1f:cd:c9:56:63:1e:
0d:2f:bc:ef:b5:45:59:b6:c3:d8:76:37:9c:49:b0:
fb:c6:22:52:e8:da:d3:9b:65:ae:1a:14:83:ef:4b:
8c:44:0e:80:63:54:01:3b:1f:b5:5a:62:bc:0e:3e:
3b:5b:50:7a:99:ef:e3:37:08:a5:24:2d:7d:03:f9:
83:04:e7:a5:4b:c0:95:0d:0b:42:1b:fd:3d:2b:17:
7d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A3:D1:CB:EA:97:36:49:B3:50:2D:30:24:F3:2B:1F:6E:E7:51:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ab64f0c-c76e-4d78-bdcc-28b3e3d8a5cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:b000::/40
Signature Algorithm: sha256WithRSAEncryption
56:4c:0a:48:19:9a:01:6d:1d:25:d4:7d:e1:4f:32:14:f4:63:
74:11:51:6f:74:62:29:bc:02:29:bd:8d:59:ef:49:96:bd:4a:
1d:9d:33:01:be:f8:88:a1:1e:d0:b6:6f:43:50:44:94:ef:a7:
0a:41:b2:c1:19:47:3f:43:64:7d:26:a9:3a:2b:77:f2:3c:87:
6f:bf:33:72:89:38:b1:5e:ab:06:26:7f:38:4f:53:76:79:b7:
71:6f:99:7a:cf:49:5f:90:2a:83:c9:c9:ba:ed:8f:99:b0:3a:
86:58:40:42:e1:32:3b:82:5b:71:63:c8:d9:71:ca:85:2a:fc:
00:ad:6e:06:18:44:e5:26:b3:d1:31:c9:cb:fa:fa:67:3d:4a:
0f:01:76:cd:2c:7f:19:2c:1c:d3:3e:f5:b0:23:40:8d:c6:0a:
60:da:d2:4b:60:12:19:77:69:c8:c6:53:98:25:72:a5:e4:78:
56:5a:ea:f3:e9:f3:fb:5a:7e:61:86:88:d7:e1:c1:96:96:4b:
67:6b:d0:df:db:ac:46:85:a2:36:93:b8:19:0e:9d:4c:02:65:
82:0c:11:04:7e:db:17:83:02:82:ba:01:c5:2a:98:d1:2c:34:
3e:2f:f9:68:f5:ca:31:ff:27:69:ec:ea:de:8a:6f:fc:dc:df:
39:03:e3:61
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUO0pAvhPlV1DjrZYWDSgnQoHq3VowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQwMjNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmNGJkMGZjYjc4ZDMyODhiYjVlYmJiZjMyM2EzNTVjMjcyMzEzOTU0OTNk
ZTZmNWM4NDJmMzA4OGM5YjcyYjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyg9jS6H0LGO+SlYcw2HY+XCGSb7YOnejfi5rkk75Ro3FcWmIC/LbfRERC5
dZLgvjFNGOsploTQUi39FEdEtOmOD0RfsPvFaXjZXXwSU3l08NAmsB/QWzwPMQFP
k+MvDY/yV5j1rauH82dKoWQ3wK0y9+o9ZlL0VsR3bRpZwgarQd1L96BW01ocs00d
17TL2jPwh5aVFeIS0/M6GteUnrgCHg0sFRP5Q9RyvCKgH83JVmMeDS+877VFWbbD
2HY3nEmw+8YiUuja05tlrhoUg+9LjEQOgGNUATsftVpivA4+O1tQepnv4zcIpSQt
fQP5gwTnpUvAlQ0LQhv9PSsXfTUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRAo9HL
6pc2SbNQLTAk8ysfbudR3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2FiNjRmMGMtYzc2ZS00ZDc4LWJkY2MtMjhiM2UzZDhhNWNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Huw
MA0GCSqGSIb3DQEBCwUAA4IBAQBWTApIGZoBbR0l1H3hTzIU9GN0EVFvdGIpvAIp
vY1Z70mWvUodnTMBvviIoR7Qtm9DUESU76cKQbLBGUc/Q2R9Jqk6K3fyPIdvvzNy
iTixXqsGJn84T1N2ebdxb5l6z0lfkCqDycm67Y+ZsDqGWEBC4TI7gltxY8jZccqF
KvwArW4GGETlJrPRMcnL+vpnPUoPAXbNLH8ZLBzTPvWwI0CNxgpg2tJLYBIZd2nI
xlOYJXKl5HhWWurz6fP7Wn5hhojX4cGWlktna9Df26xGhaI2k7gZDp1MAmWCDBEE
ftsXgwKCugHFKpjRLDQ+L/lo9cox/ydp7Oreim/83N85A+Nh
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:32 2025 by rpki-client