Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
File: e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa (raw, json)
Hash identifier: YELbaCsryUOgPS87ILGwjn0aDQNg2fuIWD8xmW11/VI=
Subject key identifier: 83:8F:7E:4E:2C:70:BF:03:CB:99:92:5F:6E:B4:B4:00:80:04:8F:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 120F58444073BA2870E02D16BCD9AFF823847BE0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
Signing time: Tue 20 May 2025 20:01:22 +0000
ROA not before: Tue 20 May 2025 20:01:22 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:0f:58:44:40:73:ba:28:70:e0:2d:16:bc:d9:af:f8:23:84:7b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:01:22 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=a10be652521e0bfa506751c2fb961d5d75f051993dee6c7fcfb337d55c25883f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:17:8c:38:47:f6:c2:a7:39:ec:2c:ec:dd:2b:
65:65:40:6e:20:5d:64:f8:5e:bf:6d:ab:1a:f2:19:
ce:d2:83:52:0a:14:5b:e1:3d:14:1c:30:55:30:ad:
ba:59:cf:84:cb:51:66:d5:b6:39:cc:f0:ec:62:88:
83:6f:a8:ef:8e:5d:f8:c8:de:c7:e8:95:ea:d3:44:
2f:ff:e0:0b:fe:5b:af:b8:f6:ac:3b:bb:75:86:9d:
1a:13:a8:fa:b0:0c:57:65:33:c5:82:15:ff:98:e6:
5d:7e:15:f4:ba:cf:a2:60:d0:d8:92:79:6b:de:43:
9c:a7:39:95:6a:7c:a9:3a:e0:86:bd:0d:8d:fa:79:
04:b2:56:eb:4f:e1:e4:1c:3a:c8:89:68:ab:f3:6d:
6f:33:5d:82:0b:e6:6b:b6:c4:a5:48:dd:71:e2:32:
98:1c:d7:fd:63:87:7e:81:86:52:9f:2c:4e:e5:dc:
e2:ec:70:77:3f:0e:a0:18:c6:74:1d:3e:bb:47:5b:
40:b6:ab:20:4d:d2:5d:f4:b7:06:35:d5:76:ff:ee:
e2:fc:65:5e:40:20:73:f5:0d:47:f3:1e:c5:84:c2:
e1:d1:95:d5:4c:c2:8b:ed:2d:43:4d:d6:03:ea:e8:
ce:4e:d7:cb:62:ba:c9:fe:2a:f9:1d:d8:5c:89:e8:
30:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8F:7E:4E:2C:70:BF:03:CB:99:92:5F:6E:B4:B4:00:80:04:8F:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
32:c9:9b:5a:08:f3:a2:ea:a8:14:55:29:0d:f5:ab:a0:55:c8:
fa:39:df:53:dd:ab:c5:49:cd:9b:61:5e:70:10:5c:ca:bd:ad:
48:0b:24:f8:4a:31:12:df:00:fb:ac:c1:33:16:72:1f:2d:c4:
e5:3e:56:ff:0b:1e:2e:ce:40:fa:8c:79:ec:45:63:f4:17:04:
59:c3:9b:70:b1:39:3f:53:3e:64:51:57:29:54:20:56:95:28:
94:66:10:4b:53:b3:ab:aa:8d:ff:7b:96:b5:c2:24:76:27:32:
f3:19:db:98:c9:7d:c4:db:72:c1:2f:a7:af:6a:d4:f9:56:07:
31:e9:aa:45:2e:73:bb:29:4b:75:71:94:55:67:d5:4a:8e:a2:
3c:7b:dc:b6:bd:5d:15:f1:59:05:36:ba:4d:2f:d6:89:bc:89:
ca:08:d6:7a:5d:87:0a:9c:07:73:df:fd:55:31:fc:2f:ea:da:
6d:97:58:2d:58:20:a0:b9:60:9a:3d:47:03:41:28:07:01:d5:
ed:72:a1:9a:17:39:c5:4b:b7:7f:c8:bf:b8:eb:73:94:6c:2b:
1a:dc:fc:7b:38:7b:34:16:46:b4:1f:02:51:53:e5:57:38:1f:
98:a8:d9:9e:5b:05:61:5f:d3:9e:b8:13:79:02:b9:6c:4b:aa:
c6:f1:83:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEg9YREBzuihw4C0WvNmv+COEe+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAxMjJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGExMGJlNjUyNTIxZTBiZmE1MDY3NTFjMmZiOTYxZDVkNzVmMDUxOTkzZGVl
NmM3ZmNmYjMzN2Q1NWMyNTg4M2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJsXjDhH9sKnOews7N0rZWVAbiBdZPhev22rGvIZztKDUgoUW+E9FBwwVTCt
ulnPhMtRZtW2Oczw7GKIg2+o745d+Mjex+iV6tNEL//gC/5br7j2rDu7dYadGhOo
+rAMV2UzxYIV/5jmXX4V9LrPomDQ2JJ5a95DnKc5lWp8qTrghr0Njfp5BLJW60/h
5Bw6yIloq/NtbzNdggvma7bEpUjdceIymBzX/WOHfoGGUp8sTuXc4uxwdz8OoBjG
dB0+u0dbQLarIE3SXfS3BjXVdv/u4vxlXkAgc/UNR/MexYTC4dGV1UzCi+0tQ03W
A+rozk7Xy2K6yf4q+R3YXInoMHUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSDj35O
LHC/A8uZkl9utLQAgASPNDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTdlZmQ4NjEtOGRjNi00MGM1LTg3MTMtMGJjZmRiZWQ3YzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DqA
MA0GCSqGSIb3DQEBCwUAA4IBAQAyyZtaCPOi6qgUVSkN9augVcj6Od9T3avFSc2b
YV5wEFzKva1ICyT4SjES3wD7rMEzFnIfLcTlPlb/Cx4uzkD6jHnsRWP0FwRZw5tw
sTk/Uz5kUVcpVCBWlSiUZhBLU7Orqo3/e5a1wiR2JzLzGduYyX3E23LBL6evatT5
Vgcx6apFLnO7KUt1cZRVZ9VKjqI8e9y2vV0V8VkFNrpNL9aJvInKCNZ6XYcKnAdz
3/1VMfwv6tptl1gtWCCguWCaPUcDQSgHAdXtcqGaFznFS7d/yL+463OUbCsa3Px7
OHs0Fka0HwJRU+VXOB+YqNmeWwVhX9OeuBN5ArlsS6rG8YNr
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:21 2025 by rpki-client