Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
File: 9cdad1cc-641a-4187-9b79-fc696cb535f5.roa (raw, json)
Hash identifier: UJifWtzWVjvljApo21AL6Gq/vjNkA4Bj4yv9Pvwrul8=
Subject key identifier: 72:03:FC:29:9D:E6:7F:18:3C:88:7D:70:65:E0:90:2A:40:E8:12:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21C41622C2399F5F343D03B07F3C961309D873ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
Signing time: Tue 10 Jun 2025 17:21:15 +0000
ROA not before: Tue 10 Jun 2025 17:21:15 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:c4:16:22:c2:39:9f:5f:34:3d:03:b0:7f:3c:96:13:09:d8:73:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:21:15 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=cc66aaac32d752881a958dad18e9e9b6565efd1f7d9b7cf80f9586819dabcd59, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3d:98:7e:7d:6a:cc:89:a5:95:b5:43:e9:61:
cb:aa:90:ff:1a:d0:cc:8c:2d:52:1f:b0:ef:03:b5:
7c:ef:67:16:1d:d7:70:fc:d9:80:8d:4b:e3:33:64:
88:c3:48:fe:f5:11:3a:47:ed:2a:af:d5:39:13:e2:
a9:a8:f3:ba:dc:3c:b2:1c:6a:d5:37:95:f3:1d:a6:
4e:73:b2:4b:6a:b8:75:99:df:77:39:f2:bb:26:43:
04:cf:b0:2f:3e:b6:53:92:87:0c:f0:98:9d:cf:da:
20:ac:d6:e5:8c:eb:10:9b:da:33:4e:27:a5:c6:b9:
41:36:db:6c:6b:5c:0d:e3:71:7e:13:8d:8f:59:b5:
b9:c7:f5:81:20:eb:4b:e4:90:d4:b0:43:f4:15:9f:
9e:33:0e:31:5b:43:ab:43:7d:ae:b7:72:e1:6e:13:
a4:a2:d8:99:d9:91:28:a9:83:27:d7:46:b4:88:c0:
3c:4e:34:2d:99:1c:a4:3a:67:d6:c7:bc:70:90:74:
8f:cd:64:97:0b:39:49:00:94:7e:d6:f7:5c:55:ee:
0c:3a:47:eb:2e:88:e9:28:16:83:cb:b6:41:6e:73:
0e:78:b7:f1:88:63:dd:cf:99:c1:46:96:f9:21:3b:
cc:6b:ce:e4:08:75:37:d3:3f:cc:d8:d5:62:33:5d:
7a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:03:FC:29:9D:E6:7F:18:3C:88:7D:70:65:E0:90:2A:40:E8:12:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:800::/40
Signature Algorithm: sha256WithRSAEncryption
6e:18:a0:f2:40:ac:b2:83:e0:50:00:bf:2f:b7:b4:d8:22:ce:
98:f3:f9:a3:c1:1e:fb:d1:e6:c2:e9:d8:3e:5e:bd:ff:d8:1f:
26:2e:39:cf:4d:e8:dd:c7:ef:a2:3a:02:f4:e1:7d:e4:3b:d5:
4e:11:3c:b1:e7:3b:fb:42:f7:6a:59:59:09:9b:77:31:17:b3:
6b:4e:0f:fe:4c:1c:d2:11:43:d5:c6:6e:ed:f9:8e:6b:4d:fd:
1f:d2:cc:41:43:de:b6:bd:b5:d9:09:7e:cf:4a:37:18:dc:50:
08:e7:34:40:b6:10:85:78:d9:81:b5:6d:91:40:4c:cd:31:8a:
e9:0d:85:32:bd:5e:43:59:a2:11:24:97:a6:82:50:83:0e:84:
0e:c0:6d:af:8a:62:33:89:f3:2b:8f:8f:9a:c1:8f:0b:d5:02:
cc:33:b5:6d:1e:ac:ee:14:18:ef:41:39:6a:1e:e4:d2:35:a2:
47:6d:9e:7f:cf:ac:7c:42:fd:25:83:e7:91:9e:e1:1e:d9:87:
5b:de:50:d7:ce:fc:5e:6d:79:fd:b3:67:34:e2:48:7e:8f:fa:
1c:e2:aa:f2:09:44:f0:f8:7b:6b:94:75:97:03:38:5a:1e:9b:
45:e1:cd:9c:ab:67:b5:dc:55:4f:88:e6:75:cf:87:52:21:13:
e9:f3:9f:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIcQWIsI5n180PQOwfzyWEwnYc+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIxMTVaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjNjZhYWFjMzJkNzUyODgxYTk1OGRhZDE4ZTllOWI2NTY1ZWZkMWY3ZDli
N2NmODBmOTU4NjgxOWRhYmNkNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKI9mH59asyJpZW1Q+lhy6qQ/xrQzIwtUh+w7wO1fO9nFh3XcPzZgI1L4zNk
iMNI/vUROkftKq/VORPiqajzutw8shxq1TeV8x2mTnOyS2q4dZnfdznyuyZDBM+w
Lz62U5KHDPCYnc/aIKzW5YzrEJvaM04npca5QTbbbGtcDeNxfhONj1m1ucf1gSDr
S+SQ1LBD9BWfnjMOMVtDq0N9rrdy4W4TpKLYmdmRKKmDJ9dGtIjAPE40LZkcpDpn
1se8cJB0j81klws5SQCUftb3XFXuDDpH6y6I6SgWg8u2QW5zDni38Yhj3c+ZwUaW
+SE7zGvO5Ah1N9M/zNjVYjNdel0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyA/wp
neZ/GDyIfXBl4JAqQOgSbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWNkYWQxY2MtNjQxYS00MTg3LTliNzktZmM2OTZjYjUzNWY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8I
MA0GCSqGSIb3DQEBCwUAA4IBAQBuGKDyQKyyg+BQAL8vt7TYIs6Y8/mjwR770ebC
6dg+Xr3/2B8mLjnPTejdx++iOgL04X3kO9VOETyx5zv7QvdqWVkJm3cxF7NrTg/+
TBzSEUPVxm7t+Y5rTf0f0sxBQ962vbXZCX7PSjcY3FAI5zRAthCFeNmBtW2RQEzN
MYrpDYUyvV5DWaIRJJemglCDDoQOwG2vimIzifMrj4+awY8L1QLMM7VtHqzuFBjv
QTlqHuTSNaJHbZ5/z6x8Qv0lg+eRnuEe2Ydb3lDXzvxebXn9s2c04kh+j/oc4qry
CUTw+HtrlHWXAzhaHptF4c2cq2e13FVPiOZ1z4dSIRPp85+5
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:30 2025 by rpki-client