Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
File: a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa (raw, json)
Hash identifier: 2nhfy7uDLeInUnRSc6u8aKllEqCSonIqEeHjFaUKIuw=
Subject key identifier: 08:0A:45:01:A4:7F:0F:EC:F1:63:A8:8B:15:2F:30:1E:3B:53:32:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65E81AF265F9C73F575DE12F37E505EFA167F73F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
Signing time: Tue 03 Jun 2025 20:53:50 +0000
ROA not before: Tue 03 Jun 2025 20:53:50 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:e8:1a:f2:65:f9:c7:3f:57:5d:e1:2f:37:e5:05:ef:a1:67:f7:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 20:53:50 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=08da1313cc2f4e8f9e45ca68d6e6801368f9b683fa2c066de4cd7a7bbfcd91c1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:59:66:19:8a:8f:53:53:15:03:60:4f:0a:1b:
c7:14:50:53:03:57:1e:39:8b:4f:e8:99:4b:39:39:
e7:e5:fe:e4:6a:8a:5d:ea:5a:0f:e5:76:ee:f1:15:
9b:e7:fa:e7:e6:96:2c:e1:29:58:e2:01:97:0f:9e:
4a:09:56:0f:72:dd:57:46:02:4c:a8:a3:88:63:c4:
14:a8:63:c3:94:29:4c:12:8e:2e:f5:02:ef:25:9a:
8b:95:64:53:9d:b7:32:d8:87:11:99:de:34:1b:d5:
dd:e6:1a:73:d8:db:22:7d:b5:00:39:f9:a0:ae:44:
21:94:ad:92:92:d9:f8:ae:29:01:dc:bc:1e:bc:75:
7c:95:80:ca:c9:a4:44:44:69:e0:a6:26:db:8f:ee:
c4:41:00:7f:26:52:d8:e2:57:ba:ad:fb:3d:85:60:
61:3d:76:65:e1:f1:50:dc:bb:8d:bd:5a:44:a3:51:
a1:7b:1f:a8:0c:7e:b9:c0:00:21:3d:f6:02:8f:21:
0f:dd:e7:1d:2b:a3:8c:ef:58:29:72:6e:94:8e:29:
9a:6e:2a:1c:42:71:e1:1c:7f:3d:8f:c8:41:47:bf:
44:3f:b7:b7:40:ba:12:4c:71:35:3f:8d:fa:19:2b:
43:ff:a9:45:23:a1:90:67:5b:2e:a2:3f:76:10:d3:
ef:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:0A:45:01:A4:7F:0F:EC:F1:63:A8:8B:15:2F:30:1E:3B:53:32:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:b000::/40
Signature Algorithm: sha256WithRSAEncryption
32:66:97:f2:24:ec:4d:f8:31:96:1e:24:6e:57:d6:f2:62:8a:
b0:9b:c6:3b:3f:20:5a:6a:30:e1:64:6a:ff:a3:2b:ca:de:0f:
f0:97:e5:c6:c6:8f:98:9c:56:a4:c8:97:58:5c:4c:0b:5e:64:
8e:40:11:45:6c:0d:fe:da:a8:83:95:ec:55:04:1a:d5:87:4f:
c3:3b:a9:9e:e0:e2:09:17:1c:9f:4b:4f:94:7c:48:96:aa:fc:
6c:ed:98:b5:01:47:88:d9:4a:da:84:51:c1:8a:72:ef:bd:6a:
19:16:1a:b2:86:e7:c9:d4:bd:94:15:07:5b:28:0a:cd:31:8e:
d1:49:04:5d:f5:98:85:01:32:51:ab:ec:b2:0b:44:4d:69:6f:
be:f1:9c:83:f9:90:52:32:ec:dd:79:f8:dc:00:73:71:36:23:
4b:70:35:00:94:93:71:fb:57:74:9d:00:31:a5:b0:80:22:97:
60:8a:64:aa:28:87:b2:33:18:f1:45:b1:a6:d7:93:75:34:6d:
42:3c:67:eb:67:d8:f4:3d:1a:32:99:52:0e:28:a4:19:70:2b:
51:26:f1:e2:fe:69:10:9a:42:c6:19:bd:ca:94:00:29:44:b2:
7c:19:a1:53:bd:73:f6:72:47:58:f6:91:de:50:a6:e2:d3:d9:
6b:41:04:7d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZega8mX5xz9XXeEvN+UF76Fn9z8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMyMDUzNTBaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4ZGExMzEzY2MyZjRlOGY5ZTQ1Y2E2OGQ2ZTY4MDEzNjhmOWI2ODNmYTJj
MDY2ZGU0Y2Q3YTdiYmZjZDkxYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJZZhmKj1NTFQNgTwobxxRQUwNXHjmLT+iZSzk55+X+5GqKXepaD+V27vEV
m+f65+aWLOEpWOIBlw+eSglWD3LdV0YCTKijiGPEFKhjw5QpTBKOLvUC7yWai5Vk
U523MtiHEZneNBvV3eYac9jbIn21ADn5oK5EIZStkpLZ+K4pAdy8Hrx1fJWAysmk
RERp4KYm24/uxEEAfyZS2OJXuq37PYVgYT12ZeHxUNy7jb1aRKNRoXsfqAx+ucAA
IT32Ao8hD93nHSujjO9YKXJulI4pmm4qHEJx4Rx/PY/IQUe/RD+3t0C6EkxxNT+N
+hkrQ/+pRSOhkGdbLqI/dhDT7/UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQICkUB
pH8P7PFjqIsVLzAeO1MyajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc4YWVmYjQtZDFlYi00YTExLTk4OTktYmY2NzI5ZTE4Y2NkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSw
MA0GCSqGSIb3DQEBCwUAA4IBAQAyZpfyJOxN+DGWHiRuV9byYoqwm8Y7PyBaajDh
ZGr/oyvK3g/wl+XGxo+YnFakyJdYXEwLXmSOQBFFbA3+2qiDlexVBBrVh0/DO6me
4OIJFxyfS0+UfEiWqvxs7Zi1AUeI2UrahFHBinLvvWoZFhqyhufJ1L2UFQdbKArN
MY7RSQRd9ZiFATJRq+yyC0RNaW++8ZyD+ZBSMuzdefjcAHNxNiNLcDUAlJNx+1d0
nQAxpbCAIpdgimSqKIeyMxjxRbGm15N1NG1CPGfrZ9j0PRoymVIOKKQZcCtRJvHi
/mkQmkLGGb3KlAApRLJ8GaFTvXP2ckdY9pHeUKbi09lrQQR9
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:33 2025 by rpki-client