Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
File: 7e690adc-099c-4d58-ad1b-856f693d90b3.roa (raw, json)
Hash identifier: b26uYu8QlNY3dtzLbHi3EcxF8m0/veKmm1LdAeH54WI=
Subject key identifier: C1:41:64:98:63:08:56:C5:AE:95:87:71:DF:0A:88:23:DA:E1:FB:7E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76C23F79FE8E076939FAF14834B332B1E66BF543
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
Signing time: Fri 06 Jun 2025 15:10:49 +0000
ROA not before: Fri 06 Jun 2025 15:10:49 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:c2:3f:79:fe:8e:07:69:39:fa:f1:48:34:b3:32:b1:e6:6b:f5:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:49 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=33fd740f95a06332ebade6a828bd6aa1e15553fc77dd797bca3fda5352e6dcf0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c0:2b:e3:99:29:0e:dc:36:62:d3:51:69:d7:
9e:b7:6d:6b:06:71:bc:5e:69:f4:eb:e9:c5:b7:95:
01:ff:4a:e4:d7:e5:85:93:67:e9:a5:b9:89:f3:aa:
c9:ab:fc:01:c6:38:b7:5a:64:49:9c:46:46:9c:09:
5c:b1:44:01:f6:d5:ff:e7:97:04:83:2b:42:36:a4:
75:1c:00:ee:60:d9:63:d8:21:43:37:79:bd:c3:e6:
d6:02:6f:59:8f:b3:76:e4:87:93:ea:4e:72:9d:44:
31:32:b4:3e:3d:a7:7d:e6:b0:71:28:e3:8e:dd:c3:
22:2b:41:57:a6:98:cc:72:25:bb:65:4e:55:a9:3e:
c3:ba:51:88:53:76:9a:11:7a:5b:a9:37:f0:3d:0c:
a0:5b:97:ea:e7:40:56:03:3e:38:bf:bc:49:bc:ba:
83:6c:d7:98:08:41:0f:2a:70:5a:71:e8:19:44:97:
36:23:3f:87:87:1e:ed:01:df:c3:11:53:a1:b9:98:
eb:d4:20:08:83:18:14:00:6f:62:90:8d:78:01:e9:
6f:b8:da:3a:76:b1:b7:78:d5:91:e6:51:b9:aa:55:
6d:5a:cf:cc:b8:59:88:76:64:14:df:a9:96:49:f1:
62:ea:0d:62:f0:aa:a7:d3:14:b2:9c:f8:ca:d6:45:
b9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:41:64:98:63:08:56:C5:AE:95:87:71:DF:0A:88:23:DA:E1:FB:7E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
c8:57:30:d5:71:9b:76:df:96:e9:ff:0a:ab:6c:65:cd:1d:b2:
57:5c:17:a5:0c:8f:33:05:8a:f5:10:18:04:50:35:24:6c:b6:
06:75:19:eb:c2:57:81:6b:a3:09:77:ef:66:36:b1:41:bc:4c:
a0:a8:7f:0d:97:f3:9d:2b:b7:c4:d3:d1:17:b7:3d:e8:0f:39:
0c:86:17:78:b9:71:21:46:66:17:16:56:9a:b3:5e:a1:6e:e8:
4e:c8:0c:91:92:75:5b:d2:5e:59:09:7b:ac:2e:cc:3a:32:a3:
1b:63:48:c3:b0:e4:39:96:75:31:50:4f:5f:fb:4b:c0:de:b8:
24:aa:37:05:04:89:01:5a:2d:7b:f3:5f:a4:a6:f1:39:61:ff:
d5:2a:fe:56:bd:9b:08:0a:da:0f:1b:13:98:98:2c:de:11:94:
60:db:3a:f7:af:32:e4:f4:ee:ab:63:79:d3:2b:2c:e4:ee:c2:
76:b2:f5:69:61:a4:95:09:87:ce:32:bd:a8:4a:82:a4:05:bf:
05:b3:76:53:4e:ad:fd:a8:8d:f6:83:10:fb:c1:51:67:6e:ce:
1f:1c:42:dc:60:b6:2b:fa:9e:34:72:29:8c:90:16:c2:7b:38:
0b:d8:c0:6d:06:84:a8:52:8f:19:bf:42:be:cb:79:37:44:aa:
06:cd:a8:af
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdsI/ef6OB2k5+vFINLMyseZr9UMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwNDlaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzZmQ3NDBmOTVhMDYzMzJlYmFkZTZhODI4YmQ2YWExZTE1NTUzZmM3N2Rk
Nzk3YmNhM2ZkYTUzNTJlNmRjZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/AK+OZKQ7cNmLTUWnXnrdtawZxvF5p9OvpxbeVAf9K5NflhZNn6aW5ifOq
yav8AcY4t1pkSZxGRpwJXLFEAfbV/+eXBIMrQjakdRwA7mDZY9ghQzd5vcPm1gJv
WY+zduSHk+pOcp1EMTK0Pj2nfeawcSjjjt3DIitBV6aYzHIlu2VOVak+w7pRiFN2
mhF6W6k38D0MoFuX6udAVgM+OL+8Sby6g2zXmAhBDypwWnHoGUSXNiM/h4ce7QHf
wxFTobmY69QgCIMYFABvYpCNeAHpb7jaOnaxt3jVkeZRuapVbVrPzLhZiHZkFN+p
lknxYuoNYvCqp9MUspz4ytZFueMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTBQWSY
YwhWxa6Vh3HfCogj2uH7fjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2U2OTBhZGMtMDk5Yy00ZDU4LWFkMWItODU2ZjY5M2Q5MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQDIVzDVcZt235bp/wqrbGXNHbJXXBelDI8zBYr1
EBgEUDUkbLYGdRnrwleBa6MJd+9mNrFBvEygqH8Nl/OdK7fE09EXtz3oDzkMhhd4
uXEhRmYXFlaas16hbuhOyAyRknVb0l5ZCXusLsw6MqMbY0jDsOQ5lnUxUE9f+0vA
3rgkqjcFBIkBWi1781+kpvE5Yf/VKv5WvZsICtoPGxOYmCzeEZRg2zr3rzLk9O6r
Y3nTKyzk7sJ2svVpYaSVCYfOMr2oSoKkBb8Fs3ZTTq39qI32gxD7wVFnbs4fHELc
YLYr+p40cimMkBbCezgL2MBtBoSoUo8Zv0K+y3k3RKoGzaiv
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:56 2025 by rpki-client