Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
File: f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa (raw, json)
Hash identifier: 2iwyt4Pcnul0Ch2YZsxkOH2i63jcFcdvowLTK51BSnw=
Subject key identifier: 3E:69:95:F9:EC:EF:8A:2B:2F:E8:84:94:73:5D:48:9C:89:7A:5E:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36374665BE6C65A75020F4DBD3FDB6758B913EBC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
Signing time: Fri 11 Jul 2025 19:10:11 +0000
ROA not before: Fri 11 Jul 2025 19:10:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:37:46:65:be:6c:65:a7:50:20:f4:db:d3:fd:b6:75:8b:91:3e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:10:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=d5c5834ccb7239ee06fd3c554a2deddf0bbf46166fc34ca5f1e4434a88e4b0f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:28:d6:93:25:f2:2b:43:49:f2:02:56:87:45:
68:5e:a0:28:5f:7d:e7:5f:b9:c7:c3:5f:e4:4a:cd:
f6:fc:9d:77:60:8f:c6:13:9e:2b:d0:89:0b:cb:98:
16:7f:19:6d:24:75:88:bf:8c:05:7a:ee:64:f5:23:
f5:18:44:80:a5:1b:e4:b6:6e:51:cd:5b:8c:cc:76:
15:fa:8b:c0:3c:4f:af:89:d5:f0:7c:06:3e:12:83:
6a:26:7f:01:f7:87:18:4d:5f:34:b3:67:74:be:1c:
2a:6f:eb:c4:fa:17:8e:0b:ff:0e:35:80:be:db:52:
a1:35:23:f1:37:f5:b9:72:13:86:df:d6:ba:8f:4c:
c8:89:d7:08:10:8d:8d:94:6c:08:23:26:66:e6:de:
85:84:90:21:45:d2:f8:e2:29:e6:b8:db:94:26:ba:
fc:f6:e5:3d:ca:14:4b:5b:65:bc:bf:fb:67:bd:c3:
98:2a:27:c5:3f:fe:81:75:16:b6:ea:1c:d5:87:8d:
e6:f8:ef:e9:86:b4:33:fa:67:30:db:b5:e6:da:18:
5f:1c:56:40:f8:d8:0d:f8:05:3b:8e:9b:df:2f:cc:
a7:26:ce:ee:d8:21:62:f8:59:45:76:68:27:e1:12:
86:c2:ca:b4:6d:f1:c0:50:28:0d:01:68:fa:52:05:
0e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:69:95:F9:EC:EF:8A:2B:2F:E8:84:94:73:5D:48:9C:89:7A:5E:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:fd:40:3d:0f:c0:29:8b:05:2a:57:12:9d:b6:b1:e6:97:92:
b9:1e:10:c6:c8:2a:48:ee:b4:ea:33:c3:66:63:45:7a:32:ca:
ee:bf:c5:8b:23:3d:62:2a:95:0c:a3:5e:63:f9:62:1a:a5:71:
61:f0:21:48:c5:c9:16:10:54:c4:8d:c0:35:be:63:e1:03:05:
44:f8:6b:7a:06:d7:1a:bb:8a:4e:ae:7d:a4:d6:5b:09:5f:d3:
be:e1:70:4b:83:eb:5b:d6:e4:14:f6:20:9e:39:ef:89:e8:bd:
34:48:9d:6e:66:24:6e:f5:e9:00:e0:3d:8d:fd:9d:57:25:7d:
eb:bd:83:3c:6e:8b:8b:4a:a3:4d:dc:bd:ef:d5:71:59:3b:1c:
77:4f:98:85:5e:7e:74:67:6c:b7:cc:d9:a5:8b:36:2b:14:7f:
a6:9e:69:05:2c:95:e2:16:82:c8:05:6d:03:6e:fe:c8:fb:cd:
78:66:0f:ce:da:f2:d1:ab:c1:ac:ff:30:d5:1e:dd:fd:9f:2e:
0e:80:1b:ce:5a:a8:d5:25:cd:94:a5:c2:a1:6e:1f:79:c6:fc:
b4:2f:19:08:71:74:3b:7a:bd:df:b7:96:f3:7f:74:d7:30:b1:
48:a2:6b:b2:25:55:ad:7b:ab:f9:74:1b:b7:9b:09:bd:29:81:
49:4f:31:1a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNjdGZb5sZadQIPTb0/22dYuRPrwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTEwMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1YzU4MzRjY2I3MjM5ZWUwNmZkM2M1NTRhMmRlZGRmMGJiZjQ2MTY2ZmMz
NGNhNWYxZTQ0MzRhODhlNGIwZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUo1pMl8itDSfICVodFaF6gKF9951+5x8Nf5ErN9vydd2CPxhOeK9CJC8uY
Fn8ZbSR1iL+MBXruZPUj9RhEgKUb5LZuUc1bjMx2FfqLwDxPr4nV8HwGPhKDaiZ/
AfeHGE1fNLNndL4cKm/rxPoXjgv/DjWAvttSoTUj8Tf1uXITht/Wuo9MyInXCBCN
jZRsCCMmZubehYSQIUXS+OIp5rjblCa6/PblPcoUS1tlvL/7Z73DmConxT/+gXUW
tuoc1YeN5vjv6Ya0M/pnMNu15toYXxxWQPjYDfgFO46b3y/MpybO7tghYvhZRXZo
J+EShsLKtG3xwFAoDQFo+lIFDo0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ+aZX5
7O+KKy/ohJRzXUiciXpeCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjE5YTFjZTMtMzcyNi00ZDhkLThkM2EtYjJlYzA1MDljYzc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC6/UA9D8ApiwUqVxKdtrHml5K5HhDGyCpI7rTq
M8NmY0V6Msruv8WLIz1iKpUMo15j+WIapXFh8CFIxckWEFTEjcA1vmPhAwVE+Gt6
Btcau4pOrn2k1lsJX9O+4XBLg+tb1uQU9iCeOe+J6L00SJ1uZiRu9ekA4D2N/Z1X
JX3rvYM8bouLSqNN3L3v1XFZOxx3T5iFXn50Z2y3zNmlizYrFH+mnmkFLJXiFoLI
BW0Dbv7I+814Zg/O2vLRq8Gs/zDVHt39ny4OgBvOWqjVJc2UpcKhbh95xvy0LxkI
cXQ7er3ft5bzf3TXMLFIomuyJVWte6v5dBu3mwm9KYFJTzEa
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:41:24 2025 by rpki-client