Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
File: ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa (raw, json)
Hash identifier: wL7P773HweWQdN90K0U+E4TyJ2LXRUPetr7c7XSeqFQ=
Subject key identifier: 1E:51:8C:7C:21:CD:04:64:7B:6F:E4:75:60:9A:5C:4D:F5:E5:75:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0817DE4E335FE0102482F9AE6261E7EF7218A41C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
Signing time: Fri 06 Jun 2025 15:10:18 +0000
ROA not before: Fri 06 Jun 2025 15:10:18 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:17:de:4e:33:5f:e0:10:24:82:f9:ae:62:61:e7:ef:72:18:a4:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:18 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=81b638c4a13dd6d3a7d31271185101ffd789dc369cad15dbbe52510932a9336a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6a:7a:e1:e7:08:d4:95:d1:7c:c8:a8:48:14:
bc:95:2e:77:c5:5c:0b:b0:ab:1e:03:de:ba:18:12:
89:47:f6:6f:14:13:d7:9e:ad:a0:49:50:63:0f:d0:
34:54:d8:83:f8:4c:a2:ec:d9:65:75:bd:98:0b:d1:
bf:c4:cd:f1:8a:e0:ed:9c:77:66:1d:7a:b6:8c:2e:
c5:30:2e:8c:bd:c7:31:59:5c:d3:91:ac:b1:ce:8f:
bf:a1:00:9c:d2:60:c1:22:c2:c1:31:69:07:d4:d7:
b6:7d:f2:51:c3:5f:20:22:1e:ab:10:6d:c9:79:1d:
97:7d:15:50:30:5f:3b:d2:f6:80:8d:c5:e4:51:5a:
7d:aa:71:d9:1a:38:6a:f6:c8:ef:5c:c6:14:fa:9f:
6e:21:c1:e1:5f:01:a4:42:68:a5:ed:62:26:77:0a:
e8:23:ff:ab:ad:8d:67:7b:75:68:52:69:85:76:28:
71:51:43:3f:02:a2:a2:3e:49:4f:72:26:56:51:c9:
76:d1:24:b5:49:16:1a:0a:a7:5f:d0:fa:f2:9f:11:
92:36:30:64:92:b7:05:83:bd:0f:30:90:5b:da:39:
95:21:f4:26:d4:02:cf:19:09:94:d7:be:9c:fd:f8:
df:cd:d8:6f:4c:1a:40:b0:91:b2:a9:b1:93:a2:38:
ef:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:51:8C:7C:21:CD:04:64:7B:6F:E4:75:60:9A:5C:4D:F5:E5:75:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
c0:88:4c:f7:da:bd:ed:a5:04:f1:9b:2f:42:e1:ea:9e:e4:50:
cd:28:a0:1b:76:3f:b5:a7:93:68:52:5e:64:bb:37:b6:97:f2:
f2:bb:a1:d3:81:2f:98:f9:89:e5:bb:af:c9:4f:d3:93:fb:27:
ff:47:88:fe:f8:9d:72:58:d9:a6:57:6b:96:69:ba:9e:39:70:
75:04:a5:ba:70:12:4a:3f:9f:46:0d:6c:f0:f7:74:cc:17:9f:
f2:af:cb:0e:1c:c3:7c:a8:8a:f8:89:1f:85:db:c2:ad:54:59:
ad:a7:58:4e:24:68:eb:f6:1d:a4:15:1b:f3:c7:3e:63:b4:1a:
c9:1b:2c:9e:d0:18:ee:68:da:e6:ce:87:b3:6b:4a:5a:b3:f5:
fb:e1:95:2e:30:4c:e0:6a:a0:11:80:73:ff:d2:4b:26:a6:d4:
9e:3d:79:c0:c5:32:20:24:ff:4c:8d:86:05:ba:d6:8a:b2:c6:
9c:07:af:c0:4c:10:5d:54:bf:5a:37:db:5c:56:41:aa:02:06:
ea:e9:20:4f:e3:11:05:da:aa:13:68:d7:40:f7:16:5c:3b:13:
e2:09:fb:81:04:26:a9:dc:f8:ad:d9:8d:bd:28:23:18:7c:93:
b9:19:14:2e:18:ac:cf:8c:d7:d8:85:1c:be:a1:8a:b7:e9:ae:
b4:e9:2c:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCBfeTjNf4BAkgvmuYmHn73IYpBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwMThaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxYjYzOGM0YTEzZGQ2ZDNhN2QzMTI3MTE4NTEwMWZmZDc4OWRjMzY5Y2Fk
MTVkYmJlNTI1MTA5MzJhOTMzNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVqeuHnCNSV0XzIqEgUvJUud8VcC7CrHgPeuhgSiUf2bxQT156toElQYw/Q
NFTYg/hMouzZZXW9mAvRv8TN8Yrg7Zx3Zh16towuxTAujL3HMVlc05Gssc6Pv6EA
nNJgwSLCwTFpB9TXtn3yUcNfICIeqxBtyXkdl30VUDBfO9L2gI3F5FFafapx2Ro4
avbI71zGFPqfbiHB4V8BpEJope1iJncK6CP/q62NZ3t1aFJphXYocVFDPwKioj5J
T3ImVlHJdtEktUkWGgqnX9D68p8RkjYwZJK3BYO9DzCQW9o5lSH0JtQCzxkJlNe+
nP34383Yb0waQLCRsqmxk6I470ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQeUYx8
Ic0EZHtv5HVgmlxN9eV1mTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWM3ZDE2NTMtMmZhMy00ODE3LThlMDAtODdlNmMzZjJhOWMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQDAiEz32r3tpQTxmy9C4eqe5FDNKKAbdj+1p5No
Ul5kuze2l/Lyu6HTgS+Y+Ynlu6/JT9OT+yf/R4j++J1yWNmmV2uWabqeOXB1BKW6
cBJKP59GDWzw93TMF5/yr8sOHMN8qIr4iR+F28KtVFmtp1hOJGjr9h2kFRvzxz5j
tBrJGyye0BjuaNrmzoeza0pas/X74ZUuMEzgaqARgHP/0ksmptSePXnAxTIgJP9M
jYYFutaKssacB6/ATBBdVL9aN9tcVkGqAgbq6SBP4xEF2qoTaNdA9xZcOxPiCfuB
BCap3Pit2Y29KCMYfJO5GRQuGKzPjNfYhRy+oYq36a606Sw1
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:06 2025 by rpki-client