Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
File: 7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa (raw, json)
Hash identifier: qUGB28MyIf+F7yEQupMaj1DN00N6i9xVcbBYsQItoUU=
Subject key identifier: CA:8B:37:6C:38:ED:75:A0:73:74:31:AC:31:FC:72:79:1D:27:80:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 166B8851218F5EF7750DC8D6EC2518B125DD87D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
Signing time: Tue 20 May 2025 19:20:23 +0000
ROA not before: Tue 20 May 2025 19:20:23 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:6b:88:51:21:8f:5e:f7:75:0d:c8:d6:ec:25:18:b1:25:dd:87:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:20:23 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=5aaec336a3a845c57bf75c1a64593cac3e017a6121cbc1eb61bc87c65c2443c6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:46:8c:c2:52:ff:de:ea:1b:4d:9c:fe:0b:ce:
12:90:d8:f0:a3:b3:03:e3:fb:52:a7:cb:26:dc:e7:
9a:fe:09:b7:a4:c0:e3:c8:bf:91:5d:a3:a4:b2:19:
37:fa:d7:c0:da:ca:57:51:1b:a2:f6:6c:37:f0:ec:
45:2e:64:2f:f7:bd:97:8a:65:e0:cd:44:36:77:8e:
fc:6b:7e:de:3c:3f:88:bc:51:ce:4b:35:c0:53:7b:
ac:7a:0b:08:90:ad:6d:74:c1:55:0f:65:ba:ac:e2:
d0:a2:fb:8c:f1:c8:8e:c6:06:74:bc:6b:81:30:4c:
97:2f:f3:69:0f:98:5c:9c:a6:b0:7a:46:10:87:bb:
d8:ed:22:b1:45:ab:d1:04:7f:6b:b1:0a:2d:8a:3e:
05:35:b8:f2:39:ca:28:f2:84:a9:be:62:e3:f0:21:
1b:59:6f:8f:7b:f6:e2:d7:e8:9f:ef:08:69:54:7c:
07:1a:0e:32:9d:b8:16:5a:c5:53:86:d4:29:c9:6d:
26:c0:ad:81:43:e4:4d:d7:40:d9:14:1e:04:5c:bd:
96:56:e8:12:99:5d:92:3c:a3:a8:6a:49:0e:52:7d:
3a:44:30:b7:cf:73:7d:b4:b7:99:d2:05:aa:e1:79:
0a:e8:b8:38:35:f8:b4:38:09:d2:5e:fa:79:e2:9a:
29:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:8B:37:6C:38:ED:75:A0:73:74:31:AC:31:FC:72:79:1D:27:80:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:6040::/46
Signature Algorithm: sha256WithRSAEncryption
96:32:09:0a:61:01:16:90:f9:6f:28:a8:a2:20:9f:5c:e8:ac:
45:9e:85:53:fe:ef:1e:8b:00:a2:54:e8:b1:3c:cc:44:37:65:
b4:69:99:1d:9f:66:74:b8:97:6a:d2:de:92:e2:4f:d0:9f:7e:
e0:bd:52:69:14:4c:e7:f0:13:c0:65:45:6e:f8:a6:bc:b0:77:
a7:d3:13:d0:fd:03:eb:e0:17:f3:70:a2:33:04:f8:71:a9:24:
b7:6e:75:ba:bd:64:1e:eb:52:a4:1f:fa:63:27:00:04:e4:44:
56:6f:05:77:d3:bf:6e:69:23:2b:45:c2:ac:04:21:92:35:57:
78:a8:8e:b4:3b:66:18:2c:8a:04:d4:0e:21:4e:b9:02:66:d3:
f0:63:fc:51:c1:12:d9:9b:68:a2:fc:ba:76:6a:52:f6:46:54:
ba:aa:63:33:23:d9:c1:65:41:c9:b4:5b:9e:c0:52:25:a9:39:
92:58:1a:18:b0:44:84:3c:da:d4:60:24:c8:71:01:24:ac:6e:
73:44:de:e7:27:57:0f:b3:9b:3e:16:a0:ef:83:15:fe:3c:2c:
7e:d2:47:0d:65:35:b1:fa:8e:77:f8:ca:56:44:01:36:cc:b5:
c6:06:20:0e:e7:9a:ca:f7:ef:a0:df:02:f9:14:c1:88:42:cf:
a9:1a:fa:08
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFmuIUSGPXvd1DcjW7CUYsSXdh9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIwMjNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhYWVjMzM2YTNhODQ1YzU3YmY3NWMxYTY0NTkzY2FjM2UwMTdhNjEyMWNi
YzFlYjYxYmM4N2M2NWMyNDQzYzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdGjMJS/97qG02c/gvOEpDY8KOzA+P7UqfLJtznmv4Jt6TA48i/kV2jpLIZ
N/rXwNrKV1EbovZsN/DsRS5kL/e9l4pl4M1ENneO/Gt+3jw/iLxRzks1wFN7rHoL
CJCtbXTBVQ9luqzi0KL7jPHIjsYGdLxrgTBMly/zaQ+YXJymsHpGEIe72O0isUWr
0QR/a7EKLYo+BTW48jnKKPKEqb5i4/AhG1lvj3v24tfon+8IaVR8BxoOMp24FlrF
U4bUKcltJsCtgUPkTddA2RQeBFy9llboEpldkjyjqGpJDlJ9OkQwt89zfbS3mdIF
quF5Cui4ODX4tDgJ0l76eeKaKVkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTKizds
OO11oHN0Mawx/HJ5HSeAPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RmNzQwYzMtY2I2Ny00YTFmLWIzOTEtZmMwYmQ3NTRhNDlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Htg
QDANBgkqhkiG9w0BAQsFAAOCAQEAljIJCmEBFpD5byiooiCfXOisRZ6FU/7vHosA
olTosTzMRDdltGmZHZ9mdLiXatLekuJP0J9+4L1SaRRM5/ATwGVFbvimvLB3p9MT
0P0D6+AX83CiMwT4cakkt251ur1kHutSpB/6YycABOREVm8Fd9O/bmkjK0XCrAQh
kjVXeKiOtDtmGCyKBNQOIU65AmbT8GP8UcES2Ztoovy6dmpS9kZUuqpjMyPZwWVB
ybRbnsBSJak5klgaGLBEhDza1GAkyHEBJKxuc0Te5ydXD7ObPhag74MV/jwsftJH
DWU1sfqOd/jKVkQBNsy1xgYgDueayvfvoN8C+RTBiELPqRr6CA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:12 2025 by rpki-client