Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
File: 6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa (raw, json)
Hash identifier: zFrnElu4+NqEuMTjlnG0tJSB20Nrc7CbHQivV7qXHvs=
Subject key identifier: 3E:EE:97:24:88:3C:9E:7D:71:4D:70:FE:9E:E8:CC:FC:92:2D:D5:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79E7A89E3F9EC818BD4F6802B38D572F60B2FB8D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
Signing time: Fri 11 Jul 2025 20:11:09 +0000
ROA not before: Fri 11 Jul 2025 20:11:09 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:e7:a8:9e:3f:9e:c8:18:bd:4f:68:02:b3:8d:57:2f:60:b2:fb:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:11:09 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ef64b433c364bfcc79789fe5bb759e666257cc7fc1898a3c0f8bb8e02feed8a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:95:eb:a5:4e:b3:28:e3:a6:a6:e7:02:3e:30:
88:21:4b:24:bb:7c:27:24:93:b5:33:12:ee:d4:44:
ed:d5:e6:27:bd:1b:af:0b:fc:70:5a:7f:a9:81:af:
79:27:60:f1:32:ee:63:8a:9e:43:f8:c4:d0:d3:93:
60:50:3a:d8:6f:1b:10:9e:d1:b7:30:a6:0e:1c:33:
c0:fe:cc:48:4a:70:37:ce:ea:bd:0f:a8:32:06:29:
2b:ac:47:a5:55:b2:21:5d:e5:84:cc:ea:78:ab:17:
a0:09:81:d4:cc:99:cc:ed:9d:9e:07:a4:83:c1:39:
06:e1:28:65:1f:2a:8d:97:7b:18:80:e4:5b:81:a6:
e7:5d:c5:2a:00:04:00:9a:f7:ce:1a:11:29:c2:49:
9a:f3:f6:35:d7:7a:88:04:be:4b:14:cb:2e:c2:70:
67:8a:61:cc:6e:f5:a7:8a:51:70:a5:23:2b:84:f6:
19:90:c5:ce:9f:e8:c5:4d:1b:7f:11:ab:98:be:1b:
39:1b:ba:41:81:85:c0:1d:66:22:b2:65:de:2d:f3:
67:e8:df:f9:0e:c5:2a:af:d2:cc:7d:5d:11:46:39:
24:83:70:c7:c1:f8:d5:a6:fd:24:de:b9:8b:2f:76:
b5:30:b7:c6:2a:71:97:c3:30:60:af:88:ee:12:68:
9a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:EE:97:24:88:3C:9E:7D:71:4D:70:FE:9E:E8:CC:FC:92:2D:D5:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:c000::/40
Signature Algorithm: sha256WithRSAEncryption
96:f0:e4:36:4e:04:65:11:3c:6d:f6:28:bc:59:22:7b:3a:10:
26:bd:da:f1:75:14:67:46:68:f9:4d:0d:22:49:57:c0:71:65:
aa:36:76:3e:f8:88:d7:f7:69:f7:69:1e:d1:d1:c9:6e:55:d5:
80:09:91:68:e0:01:d7:0d:22:3c:3b:e4:02:cb:4b:80:39:3f:
b4:73:ab:00:44:32:b6:b6:fa:f1:c9:57:09:eb:29:ab:c6:5a:
96:8f:47:fc:ad:b3:e4:e3:cc:9a:1e:87:38:b5:78:ab:a4:01:
1a:e1:77:f7:d7:b8:19:9d:9f:97:75:e0:f8:4c:2d:40:92:b6:
52:90:32:2a:13:02:db:51:85:84:42:ed:fa:6b:6a:a8:b1:e5:
e9:4d:1f:a9:4b:c5:42:07:f0:46:55:3c:14:6c:a3:c4:cd:14:
15:fc:4c:0f:22:ed:1d:44:a8:f4:ae:b3:4c:88:31:2f:85:68:
5e:c1:c9:fd:dd:aa:79:a1:fc:b9:bf:05:61:a0:07:08:16:1f:
c0:8b:a8:06:92:f7:7e:7b:67:e5:0c:38:e2:34:4b:d9:fc:66:
83:93:26:1b:f0:f8:d9:b7:f0:f3:5b:1d:3a:89:36:80:58:34:
22:ad:34:fe:e3:d9:6e:78:d9:d1:cc:13:b3:6a:0a:26:34:02:
3a:98:7a:e3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeeeonj+eyBi9T2gCs41XL2Cy+40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDExMDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmNjRiNDMzYzM2NGJmY2M3OTc4OWZlNWJiNzU5ZTY2NjI1N2NjN2ZjMTg5
OGEzYzBmOGJiOGUwMmZlZWQ4YTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6V66VOsyjjpqbnAj4wiCFLJLt8JySTtTMS7tRE7dXmJ70brwv8cFp/qYGv
eSdg8TLuY4qeQ/jE0NOTYFA62G8bEJ7RtzCmDhwzwP7MSEpwN87qvQ+oMgYpK6xH
pVWyIV3lhMzqeKsXoAmB1MyZzO2dngekg8E5BuEoZR8qjZd7GIDkW4Gm513FKgAE
AJr3zhoRKcJJmvP2Ndd6iAS+SxTLLsJwZ4phzG71p4pRcKUjK4T2GZDFzp/oxU0b
fxGrmL4bORu6QYGFwB1mIrJl3i3zZ+jf+Q7FKq/SzH1dEUY5JINwx8H41ab9JN65
iy92tTC3xipxl8MwYK+I7hJomqkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ+7pck
iDyefXFNcP6e6Mz8ki3VyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVlNDI0ZDYtYTA2Ny00ZmI5LWE4MmUtMDU4OTBjZjhhODhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FjA
MA0GCSqGSIb3DQEBCwUAA4IBAQCW8OQ2TgRlETxt9ii8WSJ7OhAmvdrxdRRnRmj5
TQ0iSVfAcWWqNnY++IjX92n3aR7R0cluVdWACZFo4AHXDSI8O+QCy0uAOT+0c6sA
RDK2tvrxyVcJ6ymrxlqWj0f8rbPk48yaHoc4tXirpAEa4Xf317gZnZ+XdeD4TC1A
krZSkDIqEwLbUYWEQu36a2qoseXpTR+pS8VCB/BGVTwUbKPEzRQV/EwPIu0dRKj0
rrNMiDEvhWhewcn93ap5ofy5vwVhoAcIFh/Ai6gGkvd+e2flDDjiNEvZ/GaDkyYb
8PjZt/DzWx06iTaAWDQirTT+49lueNnRzBOzagomNAI6mHrj
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:44 2025 by rpki-client