Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
File: e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa (raw, json)
Hash identifier: lYgku6IaDSDMUzcZLGQgDgSydC7cbYGq2YcB/t6As/I=
Subject key identifier: 16:D5:50:01:E8:AB:2E:42:4A:67:6B:29:D7:1C:20:E8:C4:19:C2:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FF93EEB078F2063E51614F1AA17E3D707E2A1AA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
Signing time: Fri 11 Jul 2025 20:10:22 +0000
ROA not before: Fri 11 Jul 2025 20:10:22 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:f9:3e:eb:07:8f:20:63:e5:16:14:f1:aa:17:e3:d7:07:e2:a1:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:10:22 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=5883029be5f3cdb01aa4931eca4b728453a576a3d5be0659ccb7cdeae28e72e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:29:b8:b4:42:51:d2:54:c5:62:cb:f4:c7:78:
16:0f:93:58:af:48:0e:42:a6:b0:fe:f1:0b:3b:82:
dd:00:95:d0:1f:f6:d4:54:bf:8f:68:9a:00:b8:1d:
9c:ba:5f:63:f2:19:3d:da:7e:08:94:e8:a1:c2:16:
1b:17:9f:e7:47:a6:28:23:59:88:10:f2:90:19:30:
85:8a:71:fa:93:74:85:36:9a:bc:d0:0d:26:e6:53:
28:a3:f8:e6:fe:ac:2f:25:4e:3e:3c:ac:dd:9e:60:
6e:31:47:2c:e1:a1:84:a6:1c:ce:03:70:89:6a:c9:
af:38:ef:ae:03:2c:97:82:cc:8b:70:b4:2d:91:2b:
a8:81:f1:63:12:4f:0c:9e:a4:d3:b2:d1:74:b4:08:
7f:06:8c:d1:32:23:b7:5c:cb:c1:89:59:75:31:cc:
42:31:13:e3:02:78:97:c0:85:48:df:48:ed:71:66:
5c:af:2e:31:08:2e:d7:4b:6b:c3:ae:1f:c6:6f:8a:
2a:03:9a:73:c7:82:37:43:41:c2:d3:92:a2:18:99:
a3:2a:e1:6d:f0:d7:8d:70:d6:95:92:5d:16:9c:f1:
f4:25:85:a7:8e:05:3b:bd:3b:9f:4c:cb:b8:ea:aa:
52:09:47:44:f0:a7:b1:80:29:0f:dc:0b:25:6a:a9:
53:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D5:50:01:E8:AB:2E:42:4A:67:6B:29:D7:1C:20:E8:C4:19:C2:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
31:04:c7:e5:d3:22:ee:55:4d:f0:21:18:8f:7c:97:a0:50:ea:
20:b7:24:a0:2d:89:26:37:21:be:5a:19:23:4d:b3:2b:1c:37:
c3:5f:d8:4c:e6:a2:79:bd:75:5f:74:d8:01:42:d5:10:b0:55:
23:fd:2b:7e:4a:c7:09:5d:3f:a4:bb:69:93:e9:0b:a3:24:4b:
8a:bf:d0:38:43:dd:25:bd:83:3c:fe:f2:28:d6:18:f0:a7:6b:
29:ca:f0:04:5d:1b:d2:56:b6:3d:9e:d6:13:ca:f0:74:92:3e:
a3:ca:11:b8:38:ae:4b:69:fa:7a:7d:94:7b:9a:9f:28:0a:25:
ab:d4:93:66:78:28:68:f6:e3:a6:95:dd:74:f2:de:e5:46:dd:
fc:8f:f0:d0:ae:8d:bc:7f:9a:72:73:06:b2:54:67:9a:c3:f0:
3c:f9:f9:bb:29:03:e8:6b:f6:11:43:57:7d:2d:28:58:bb:97:
88:05:8d:5e:29:8e:04:32:6f:5f:d5:0c:ae:e8:03:51:be:cc:
29:07:2a:4c:8b:3a:c2:39:59:73:48:d6:56:1f:55:6d:00:58:
4a:d1:1a:13:eb:57:f5:25:7b:8c:df:59:69:51:f9:36:0b:60:
28:d2:b8:fa:95:ed:7a:ec:3e:34:fd:d7:84:ab:e8:55:ec:6a:
dc:4e:84:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD/k+6wePIGPlFhTxqhfj1wfioaowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDEwMjJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4ODMwMjliZTVmM2NkYjAxYWE0OTMxZWNhNGI3Mjg0NTNhNTc2YTNkNWJl
MDY1OWNjYjdjZGVhZTI4ZTcyZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8puLRCUdJUxWLL9Md4Fg+TWK9IDkKmsP7xCzuC3QCV0B/21FS/j2iaALgd
nLpfY/IZPdp+CJToocIWGxef50emKCNZiBDykBkwhYpx+pN0hTaavNANJuZTKKP4
5v6sLyVOPjys3Z5gbjFHLOGhhKYczgNwiWrJrzjvrgMsl4LMi3C0LZErqIHxYxJP
DJ6k07LRdLQIfwaM0TIjt1zLwYlZdTHMQjET4wJ4l8CFSN9I7XFmXK8uMQgu10tr
w64fxm+KKgOac8eCN0NBwtOSohiZoyrhbfDXjXDWlZJdFpzx9CWFp44FO707n0zL
uOqqUglHRPCnsYApD9wLJWqpU7ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQW1VAB
6KsuQkpnaynXHCDoxBnCMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTdlZmQ4NjEtOGRjNi00MGM1LTg3MTMtMGJjZmRiZWQ3YzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DqA
MA0GCSqGSIb3DQEBCwUAA4IBAQAxBMfl0yLuVU3wIRiPfJegUOogtySgLYkmNyG+
WhkjTbMrHDfDX9hM5qJ5vXVfdNgBQtUQsFUj/St+SscJXT+ku2mT6QujJEuKv9A4
Q90lvYM8/vIo1hjwp2spyvAEXRvSVrY9ntYTyvB0kj6jyhG4OK5Lafp6fZR7mp8o
CiWr1JNmeCho9uOmld108t7lRt38j/DQro28f5pycwayVGeaw/A8+fm7KQPoa/YR
Q1d9LShYu5eIBY1eKY4EMm9f1Qyu6ANRvswpBypMizrCOVlzSNZWH1VtAFhK0RoT
61f1JXuM31lpUfk2C2Ao0rj6le167D40/deEq+hV7GrcToTf
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:08:39 2025 by rpki-client