Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3736ec9-491c-43bd-b672-c821fdae78f1.roa
File: f3736ec9-491c-43bd-b672-c821fdae78f1.roa (raw, json)
Hash identifier: 5FaLDus45sxu6YcEjEvNNO/Dm4mOxEcN3tlIiRuBrGM=
Subject key identifier: D7:E8:80:6F:9C:4C:3D:97:10:26:3A:89:B0:3C:79:DD:E3:52:E3:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79E3AB4F971339375D68EF1EC7DDE3D33E20E123
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3736ec9-491c-43bd-b672-c821fdae78f1.roa
Signing time: Mon 09 Jun 2025 19:20:14 +0000
ROA not before: Mon 09 Jun 2025 19:20:14 +0000
ROA not after: Mon 14 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:4000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:e3:ab:4f:97:13:39:37:5d:68:ef:1e:c7:dd:e3:d3:3e:20:e1:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 9 19:20:14 2025 GMT
Not After : Jul 14 23:59:59 2025 GMT
Subject: serialNumber=cfba6efa485926c7dde124ef5e0c4f3339d1cce825f7983736974ee5ab092405, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a0:86:d6:da:17:d6:fa:fe:7c:10:ae:b8:88:
a4:cf:67:ae:35:19:db:6d:f3:7b:a3:ec:3d:0c:03:
c2:dd:56:fc:6b:4d:23:e4:ad:d6:c9:3d:c7:8a:bb:
82:24:5b:35:b8:fe:89:f0:ed:67:87:1d:6e:67:ee:
6f:57:80:aa:d1:66:69:74:97:01:7a:59:50:1b:f0:
dc:7d:6a:90:5d:59:85:6a:5c:87:08:0b:08:61:2d:
96:f8:6b:b9:9b:51:00:df:f0:f4:8a:f1:80:f4:44:
67:aa:16:8e:87:49:4b:b5:01:90:15:b9:58:32:9e:
c8:0b:e9:c2:52:72:57:f9:ab:bc:35:cb:df:f0:6f:
eb:69:79:6c:99:94:da:50:8d:27:58:39:0b:af:1b:
aa:20:b1:51:47:75:59:f7:79:b1:b0:9e:88:69:e9:
3f:47:f7:e4:b3:d0:f3:88:86:1e:f5:5d:92:a4:7d:
e9:32:25:0e:bb:9d:4e:17:13:15:a2:a5:49:5f:24:
86:da:7d:4b:45:e9:5d:2b:d1:3b:12:d9:c1:40:69:
14:ef:af:cb:e1:3c:7d:16:3c:ed:fd:cc:fe:f3:3b:
9c:ca:a0:eb:dc:9e:d8:f4:92:1c:9d:32:1c:6e:a4:
28:57:85:67:32:a6:30:95:6a:d6:0a:4e:a3:86:cf:
d5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E8:80:6F:9C:4C:3D:97:10:26:3A:89:B0:3C:79:DD:E3:52:E3:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3736ec9-491c-43bd-b672-c821fdae78f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:4000::/48
Signature Algorithm: sha256WithRSAEncryption
44:c5:79:27:66:c4:ae:47:39:fd:5d:57:00:da:a9:dd:d1:04:
fb:d7:f5:15:0a:dd:20:53:93:e0:3e:a7:14:28:ad:12:b3:7c:
4e:3c:10:58:d3:c9:5d:bc:12:45:14:b8:86:58:2a:84:7b:71:
4e:b8:4d:46:e6:0c:14:de:ca:84:72:b0:93:10:6b:8e:ac:d9:
91:0b:45:38:51:8c:6d:a9:ae:cf:db:b5:dd:c0:fe:66:91:30:
80:e4:10:d1:ff:3d:34:8a:42:80:36:8e:78:a9:8a:ea:c0:df:
46:e6:09:0a:e1:a3:94:a1:b8:2f:92:52:94:9f:7e:85:ce:6d:
30:fe:9a:fe:13:29:de:a9:9a:52:69:e3:1e:2d:26:a6:4e:94:
45:d1:27:40:52:e1:2f:21:3a:f7:c1:e3:86:ec:b0:08:32:1b:
23:00:db:ae:0e:58:0b:56:bd:a8:6a:2a:22:06:2a:2e:12:0b:
c1:da:0b:51:12:b8:10:e2:57:f6:7d:d4:b2:7c:c7:e0:20:ef:
dc:73:02:1b:0b:56:2c:6a:63:97:02:19:ef:45:b7:f3:1a:f0:
40:39:ce:61:e7:31:73:0e:3e:8d:72:ff:fe:30:ca:11:7d:19:
1a:7a:6f:36:8c:72:3d:ce:17:2f:99:87:13:b2:98:e6:62:f4:
38:09:e0:f2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeeOrT5cTOTddaO8ex93j0z4g4SMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDkxOTIwMTRaFw0yNTA3MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmYmE2ZWZhNDg1OTI2YzdkZGUxMjRlZjVlMGM0ZjMzMzlkMWNjZTgyNWY3
OTgzNzM2OTc0ZWU1YWIwOTI0MDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSghtbaF9b6/nwQrriIpM9nrjUZ223ze6PsPQwDwt1W/GtNI+St1sk9x4q7
giRbNbj+ifDtZ4cdbmfub1eAqtFmaXSXAXpZUBvw3H1qkF1ZhWpchwgLCGEtlvhr
uZtRAN/w9IrxgPREZ6oWjodJS7UBkBW5WDKeyAvpwlJyV/mrvDXL3/Bv62l5bJmU
2lCNJ1g5C68bqiCxUUd1Wfd5sbCeiGnpP0f35LPQ84iGHvVdkqR96TIlDrudThcT
FaKlSV8khtp9S0XpXSvROxLZwUBpFO+vy+E8fRY87f3M/vM7nMqg69ye2PSSHJ0y
HG6kKFeFZzKmMJVq1gpOo4bP1eMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTX6IBv
nEw9lxAmOomwPHnd41Lj8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjM3MzZlYzktNDkxYy00M2JkLWI2NzItYzgyMWZkYWU3OGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZA
ADANBgkqhkiG9w0BAQsFAAOCAQEARMV5J2bErkc5/V1XANqp3dEE+9f1FQrdIFOT
4D6nFCitErN8TjwQWNPJXbwSRRS4hlgqhHtxTrhNRuYMFN7KhHKwkxBrjqzZkQtF
OFGMbamuz9u13cD+ZpEwgOQQ0f89NIpCgDaOeKmK6sDfRuYJCuGjlKG4L5JSlJ9+
hc5tMP6a/hMp3qmaUmnjHi0mpk6URdEnQFLhLyE698HjhuywCDIbIwDbrg5YC1a9
qGoqIgYqLhILwdoLURK4EOJX9n3UsnzH4CDv3HMCGwtWLGpjlwIZ70W38xrwQDnO
Yecxcw4+jXL//jDKEX0ZGnpvNoxyPc4XL5mHE7KY5mL0OAng8g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:18 2025 by rpki-client