Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c9758f-7e15-4a7f-a85d-17f82d36dc5d.roa
File: d1c9758f-7e15-4a7f-a85d-17f82d36dc5d.roa (raw, json)
Hash identifier: j8Y/JW2Tm3lQFjH0RqiYqdv9YISURjIVFhV8hXDB6/4=
Subject key identifier: 59:69:5A:52:89:7B:34:88:B9:F8:E4:FF:D2:5B:53:65:97:83:CF:68
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CE342C8D92B1ADDEA22097CF4C135EFC11B3009
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c9758f-7e15-4a7f-a85d-17f82d36dc5d.roa
Signing time: Tue 20 May 2025 19:51:56 +0000
ROA not before: Tue 20 May 2025 19:51:56 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:20c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:e3:42:c8:d9:2b:1a:dd:ea:22:09:7c:f4:c1:35:ef:c1:1b:30:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:51:56 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=4181896934f0987e137adcfb45aa8fdaa96865cf6f03c3d5e1f91d038541cfbc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:69:cc:88:7b:f2:ee:2b:d7:e6:bc:96:29:36:
3c:0b:0c:e0:42:4b:d6:6d:59:77:af:fb:f7:72:55:
5a:88:c2:00:2e:6e:4c:f1:72:7e:94:56:d0:0f:ed:
35:21:7d:43:fa:ed:f6:e8:ab:11:49:8d:87:72:d1:
32:6e:b3:ac:ff:6f:6a:77:ac:c7:ec:ee:e9:97:b2:
df:dc:5c:c3:82:34:a8:6c:c8:63:d3:6d:a8:76:cf:
44:ee:99:5b:6d:f9:0f:d5:9f:2d:cd:e9:39:f0:a0:
0f:01:8e:5e:78:2d:1c:8d:e5:2c:95:04:a9:88:af:
79:fa:aa:60:51:c5:dc:a9:6b:9e:7c:22:29:2e:85:
4c:c1:23:80:02:a0:2b:2b:5e:8d:b3:c4:50:41:dd:
4a:58:b6:e3:94:4f:f5:42:eb:51:88:ea:83:a0:14:
8a:31:9e:09:a4:e2:c5:ae:9f:ee:3d:e9:28:6b:7f:
46:1a:58:84:f9:d1:de:42:23:63:6b:47:66:51:04:
19:22:37:06:67:21:07:ab:0a:ea:ed:1f:6d:e0:04:
f6:04:cc:0a:5a:f2:1e:01:72:d7:37:64:71:58:ee:
47:38:32:2c:10:b1:08:54:c1:54:29:4e:eb:b2:51:
80:0b:a7:b1:8d:8b:47:5f:6f:83:79:89:c2:e4:9e:
77:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:69:5A:52:89:7B:34:88:B9:F8:E4:FF:D2:5B:53:65:97:83:CF:68
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c9758f-7e15-4a7f-a85d-17f82d36dc5d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:20c0::/46
Signature Algorithm: sha256WithRSAEncryption
1a:ea:f2:3a:97:fb:26:a8:21:14:b1:25:76:d8:b8:60:56:fa:
57:f7:36:dd:b9:f5:00:c9:f9:21:76:7b:09:01:b6:ce:6f:1b:
1e:7f:30:3b:b1:e6:a3:56:9a:37:15:36:f7:6e:12:97:a5:c3:
dd:4b:22:b4:d8:5b:3d:b6:76:09:8f:2b:c3:cb:7a:9d:09:ca:
6b:6e:8d:34:5d:f0:8f:4d:9a:8b:fa:c3:6c:79:45:54:23:31:
aa:78:f9:f7:d9:d1:03:1c:2b:36:0f:79:10:65:50:96:92:53:
a5:f4:42:0e:db:4f:f1:77:93:3a:d5:0e:9a:08:a5:fb:fb:d5:
56:21:b1:75:dd:c0:d3:e6:c9:22:bc:fc:83:db:e7:9d:8f:62:
8e:40:71:c4:51:f6:67:69:4d:4d:9d:9e:9f:b8:5e:c5:ad:88:
55:ad:62:46:0f:ac:31:ae:32:1b:ee:86:43:02:5a:aa:86:73:
e0:df:5c:3f:f8:7b:ce:14:51:48:2a:be:f5:49:90:39:72:b5:
98:2f:55:c9:e9:36:c1:00:8b:e0:2e:d4:9e:d9:00:fe:55:53:
ec:43:43:61:0e:16:74:20:93:2a:89:01:10:24:94:49:12:5e:
81:e5:c8:bb:32:55:32:20:05:cb:4c:cd:7c:36:53:20:6e:b3:
01:42:8d:5d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfONCyNkrGt3qIgl89ME178EbMAkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTUxNTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxODE4OTY5MzRmMDk4N2UxMzdhZGNmYjQ1YWE4ZmRhYTk2ODY1Y2Y2ZjAz
YzNkNWUxZjkxZDAzODU0MWNmYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZpzIh78u4r1+a8lik2PAsM4EJL1m1Zd6/793JVWojCAC5uTPFyfpRW0A/t
NSF9Q/rt9uirEUmNh3LRMm6zrP9vanesx+zu6Zey39xcw4I0qGzIY9NtqHbPRO6Z
W235D9WfLc3pOfCgDwGOXngtHI3lLJUEqYivefqqYFHF3KlrnnwiKS6FTMEjgAKg
KytejbPEUEHdSli245RP9ULrUYjqg6AUijGeCaTixa6f7j3pKGt/RhpYhPnR3kIj
Y2tHZlEEGSI3BmchB6sK6u0fbeAE9gTMClryHgFy1zdkcVjuRzgyLBCxCFTBVClO
67JRgAunsY2LR19vg3mJwuSed3ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRZaVpS
iXs0iLn45P/SW1Nll4PPaDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDFjOTc1OGYtN2UxNS00YTdmLWE4NWQtMTdmODJkMzZkYzVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hsg
wDANBgkqhkiG9w0BAQsFAAOCAQEAGuryOpf7JqghFLEldti4YFb6V/c23bn1AMn5
IXZ7CQG2zm8bHn8wO7Hmo1aaNxU2924Sl6XD3UsitNhbPbZ2CY8rw8t6nQnKa26N
NF3wj02ai/rDbHlFVCMxqnj599nRAxwrNg95EGVQlpJTpfRCDttP8XeTOtUOmgil
+/vVViGxdd3A0+bJIrz8g9vnnY9ijkBxxFH2Z2lNTZ2en7hexa2IVa1iRg+sMa4y
G+6GQwJaqoZz4N9cP/h7zhRRSCq+9UmQOXK1mC9Vyek2wQCL4C7UntkA/lVT7END
YQ4WdCCTKokBECSUSRJegeXIuzJVMiAFy0zNfDZTIG6zAUKNXQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:31 2025 by rpki-client