Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b67c662a-6e73-47c9-9455-74ad9ce3cdb3.roa
File: b67c662a-6e73-47c9-9455-74ad9ce3cdb3.roa (raw, json)
Hash identifier: 4PHVmB4jUNFU8I3+q9bVo8wtIzFt7qI+stt85jHQd7A=
Subject key identifier: D0:A1:E1:46:85:E3:97:E4:66:E9:C2:B6:D5:C8:7C:F9:37:C2:5D:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30E3C43F842F4A65E782BF57B6E4A2C2CE0E45E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b67c662a-6e73-47c9-9455-74ad9ce3cdb3.roa
Signing time: Sat 31 May 2025 00:50:07 +0000
ROA not before: Sat 31 May 2025 00:50:07 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:e3:c4:3f:84:2f:4a:65:e7:82:bf:57:b6:e4:a2:c2:ce:0e:45:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 00:50:07 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=32bc558573f39f612237611ed4a24c9b87474059711e3a9c517d50b0693186ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:1b:c0:6a:57:c3:9e:90:41:b1:04:c6:b8:34:
32:ef:d5:92:5e:76:33:7a:6f:77:81:6c:40:42:e7:
45:55:b6:fe:8f:3e:f3:a0:36:98:e8:d8:b3:31:af:
40:2a:ee:20:df:b0:e3:61:57:30:74:9f:c8:51:32:
3b:8f:a5:1a:70:b7:35:e0:cd:a7:02:04:43:ad:8c:
aa:34:6c:84:02:c2:b3:3d:75:2d:3e:9b:ee:b4:34:
85:3f:d8:6f:0e:b4:75:2a:aa:38:3b:0c:9f:da:a5:
36:13:34:b8:70:c5:52:5c:db:4d:8d:7c:c1:f7:a3:
4a:0c:8d:21:64:91:b0:8f:70:50:f3:7e:7c:28:f8:
e6:94:6e:29:b0:10:1b:9c:b8:cb:a1:57:8d:e5:2e:
8f:a2:93:0f:20:08:ab:4c:02:c4:53:7c:dd:e3:69:
b9:3d:d8:f6:3f:6f:7e:43:2f:e1:bd:c4:16:de:e5:
fc:f8:58:89:13:12:15:e4:c7:ee:fe:17:0f:d2:93:
3d:72:b5:67:18:80:99:dd:5f:c6:e2:95:45:ae:60:
00:b9:86:87:f4:ea:45:af:01:0b:42:2d:f0:b8:d4:
3c:d3:96:5a:e3:1b:e2:1a:af:72:22:58:aa:9f:9a:
c0:60:fb:22:27:81:bf:69:18:c9:c5:5a:60:6c:fd:
45:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A1:E1:46:85:E3:97:E4:66:E9:C2:B6:D5:C8:7C:F9:37:C2:5D:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b67c662a-6e73-47c9-9455-74ad9ce3cdb3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:8000::/40
Signature Algorithm: sha256WithRSAEncryption
31:47:81:9b:f4:61:b9:c5:e1:0d:86:82:16:0b:c2:a4:ee:54:
3f:e7:d7:9f:a5:48:85:21:e2:c1:3a:f7:16:5a:ee:d7:89:ef:
ed:68:3e:ab:82:86:4e:5a:84:0b:0c:b4:08:6a:90:2e:4f:2d:
00:82:e8:ac:75:cc:28:d9:a6:45:d5:cb:eb:69:56:2f:73:e8:
1f:bb:d4:a9:8c:dc:6c:c7:d2:82:6a:6a:46:08:4f:81:89:d2:
05:f1:49:84:ed:92:13:cf:b7:66:b6:82:d0:ef:da:29:32:a4:
8f:08:6b:60:57:6c:54:92:74:01:02:20:af:3d:99:a9:70:2b:
7c:47:a2:e9:3d:70:8d:dd:f3:42:a7:98:35:08:30:92:6a:9f:
2d:bd:c4:7d:1e:56:f4:12:ff:76:e0:ab:55:54:30:8f:3f:e4:
81:35:0e:01:7c:d5:8d:f1:7f:ad:c0:67:26:ed:bf:5c:28:41:
87:19:9f:ab:72:10:af:03:ae:b1:37:d8:b4:2e:db:62:ae:49:
a5:07:5d:cd:9c:d0:40:7d:df:a5:c1:f9:e5:c1:cb:89:71:37:
71:12:9d:f7:10:4f:8d:ce:d0:d8:91:cf:4c:2e:b3:55:f6:c8:
aa:39:32:d7:05:0c:69:36:99:32:d0:c7:3b:99:bc:5c:c3:24:
08:3e:81:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMOPEP4QvSmXngr9XtuSiws4OReEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MzEwMDUwMDdaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyYmM1NTg1NzNmMzlmNjEyMjM3NjExZWQ0YTI0YzliODc0NzQwNTk3MTFl
M2E5YzUxN2Q1MGIwNjkzMTg2ZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQbwGpXw56QQbEExrg0Mu/Vkl52M3pvd4FsQELnRVW2/o8+86A2mOjYszGv
QCruIN+w42FXMHSfyFEyO4+lGnC3NeDNpwIEQ62MqjRshALCsz11LT6b7rQ0hT/Y
bw60dSqqODsMn9qlNhM0uHDFUlzbTY18wfejSgyNIWSRsI9wUPN+fCj45pRuKbAQ
G5y4y6FXjeUuj6KTDyAIq0wCxFN83eNpuT3Y9j9vfkMv4b3EFt7l/PhYiRMSFeTH
7v4XD9KTPXK1ZxiAmd1fxuKVRa5gALmGh/TqRa8BC0It8LjUPNOWWuMb4hqvciJY
qp+awGD7IieBv2kYycVaYGz9RT8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQoeFG
heOX5GbpwrbVyHz5N8JdDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjY3YzY2MmEtNmU3My00N2M5LTk0NTUtNzRhZDljZTNjZGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKA
MA0GCSqGSIb3DQEBCwUAA4IBAQAxR4Gb9GG5xeENhoIWC8Kk7lQ/59efpUiFIeLB
OvcWWu7Xie/taD6rgoZOWoQLDLQIapAuTy0Aguisdcwo2aZF1cvraVYvc+gfu9Sp
jNxsx9KCampGCE+BidIF8UmE7ZITz7dmtoLQ79opMqSPCGtgV2xUknQBAiCvPZmp
cCt8R6LpPXCN3fNCp5g1CDCSap8tvcR9Hlb0Ev924KtVVDCPP+SBNQ4BfNWN8X+t
wGcm7b9cKEGHGZ+rchCvA66xN9i0LttirkmlB13NnNBAfd+lwfnlwcuJcTdxEp33
EE+NztDYkc9MLrNV9siqOTLXBQxpNpky0Mc7mbxcwyQIPoEH
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:21 2025 by rpki-client