Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
File: c3736673-707b-4dfc-aca4-88dcbb52a94d.roa (raw, json)
Hash identifier: eWvPN7eyBroyWBxn3x1jJZb5/kkEUfezSF9K+3i+xBg=
Subject key identifier: 46:DC:4E:E1:5B:11:33:A7:A6:FB:32:2A:53:3E:E8:43:73:B4:C2:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7DF5C73337EADDEE964CB48BFD29779D06FE2D19
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
Signing time: Tue 10 Jun 2025 17:21:04 +0000
ROA not before: Tue 10 Jun 2025 17:21:04 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:f5:c7:33:37:ea:dd:ee:96:4c:b4:8b:fd:29:77:9d:06:fe:2d:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:21:04 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=650bb5a08e0ea1a704ccfaa88caab501ac976b10fc1b8527f4e169917c5fde8e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:68:cf:72:4e:68:7c:b8:b2:50:a7:d5:8e:32:
6c:e7:ad:b2:51:1f:14:a3:4a:36:c5:0b:97:3c:89:
cf:93:c7:f2:46:2f:a2:8f:7e:15:08:2d:8e:db:f8:
9a:90:08:5e:ca:3a:3e:48:67:b5:09:6f:cf:96:96:
d7:8b:a8:c8:6a:e4:9b:bf:a9:48:42:cc:bc:34:59:
22:a7:5b:12:52:44:09:74:63:c9:21:37:85:c1:ac:
df:a6:f2:c8:3b:de:9e:78:1f:3b:1d:48:73:96:e7:
3f:42:2c:96:9b:80:8b:e2:87:5d:72:08:e4:2e:c9:
f0:04:c5:a8:ed:0a:c9:0d:87:60:63:b1:b2:5e:f7:
f0:52:b3:a2:13:1e:2c:64:8e:8f:43:2c:d6:e4:97:
a7:97:4b:da:d6:85:2f:63:d1:90:e0:a6:4f:74:63:
ac:f4:e3:ae:4c:85:0a:03:4d:51:3d:fe:b6:45:10:
52:d8:cd:11:10:ad:2c:8d:ee:bf:fb:68:f5:ee:6c:
7e:b3:8b:16:1d:b2:a9:f5:ad:b8:8a:ad:2a:4f:8a:
65:f2:b7:9d:93:ed:17:37:f3:b3:39:5f:21:be:45:
67:e2:65:98:2f:36:42:11:aa:aa:f3:e6:25:d5:31:
9d:05:6d:52:b8:14:f6:41:80:b4:5a:18:ba:4f:5a:
85:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:DC:4E:E1:5B:11:33:A7:A6:FB:32:2A:53:3E:E8:43:73:B4:C2:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:800::/40
Signature Algorithm: sha256WithRSAEncryption
1a:f1:13:77:c8:ac:a1:72:c1:df:d1:8c:c0:7a:74:98:61:ee:
87:1a:05:b7:8b:d6:d9:d6:fb:a8:d0:8e:d5:52:d5:54:44:b7:
c3:02:4f:13:68:05:ab:1e:37:67:20:37:8c:0c:d0:90:67:ec:
ef:9c:f0:58:ac:1b:26:72:26:9e:99:a0:f9:8c:46:2e:de:70:
cc:d0:aa:9f:07:95:65:ec:ca:b6:01:af:a4:7f:57:62:f2:3b:
46:3c:7e:ea:c5:64:66:05:61:ed:0f:ec:49:f6:08:b9:e6:40:
24:ab:dc:2a:38:2c:d0:7d:e8:3a:63:7b:b7:d3:90:cf:a7:6a:
f2:69:87:c8:dd:38:f2:24:cc:84:2f:8d:97:bb:16:46:d8:62:
5b:59:4b:80:c0:f6:3c:c5:07:3e:b3:a9:08:d2:21:c1:30:f7:
ed:31:aa:3d:20:86:e4:04:ef:0e:1c:67:72:28:b5:4f:ac:4f:
5f:12:60:a8:e4:d0:c4:9b:1a:fa:41:0f:79:9e:f4:ae:87:9d:
b9:48:ec:e5:43:57:61:ae:c0:b3:cf:91:79:cc:fb:85:09:d1:
c5:4d:48:e0:15:b1:12:14:0d:19:a3:68:e3:cd:65:7e:dc:61:
51:ea:9e:84:cd:7f:50:59:8d:b6:8f:d0:73:b0:28:44:ad:f4:
19:58:0d:b5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUffXHMzfq3e6WTLSL/Sl3nQb+LRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIxMDRaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1MGJiNWEwOGUwZWExYTcwNGNjZmFhODhjYWFiNTAxYWM5NzZiMTBmYzFi
ODUyN2Y0ZTE2OTkxN2M1ZmRlOGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1oz3JOaHy4slCn1Y4ybOetslEfFKNKNsULlzyJz5PH8kYvoo9+FQgtjtv4
mpAIXso6PkhntQlvz5aW14uoyGrkm7+pSELMvDRZIqdbElJECXRjySE3hcGs36by
yDvenngfOx1Ic5bnP0IslpuAi+KHXXII5C7J8ATFqO0KyQ2HYGOxsl738FKzohMe
LGSOj0Ms1uSXp5dL2taFL2PRkOCmT3RjrPTjrkyFCgNNUT3+tkUQUtjNERCtLI3u
v/to9e5sfrOLFh2yqfWtuIqtKk+KZfK3nZPtFzfzszlfIb5FZ+JlmC82QhGqqvPm
JdUxnQVtUrgU9kGAtFoYuk9ahY8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRG3E7h
WxEzp6b7MipTPuhDc7TCjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzM3MzY2NzMtNzA3Yi00ZGZjLWFjYTQtODhkY2JiNTJhOTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HgI
MA0GCSqGSIb3DQEBCwUAA4IBAQAa8RN3yKyhcsHf0YzAenSYYe6HGgW3i9bZ1vuo
0I7VUtVURLfDAk8TaAWrHjdnIDeMDNCQZ+zvnPBYrBsmciaemaD5jEYu3nDM0Kqf
B5Vl7Mq2Aa+kf1di8jtGPH7qxWRmBWHtD+xJ9gi55kAkq9wqOCzQfeg6Y3u305DP
p2ryaYfI3TjyJMyEL42XuxZG2GJbWUuAwPY8xQc+s6kI0iHBMPftMao9IIbkBO8O
HGdyKLVPrE9fEmCo5NDEmxr6QQ95nvSuh525SOzlQ1dhrsCzz5F5zPuFCdHFTUjg
FbESFA0Zo2jjzWV+3GFR6p6EzX9QWY22j9BzsChErfQZWA21
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:55 2025 by rpki-client