Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
File: 03f51c56-79aa-48ca-895c-790a431bbd73.roa (raw, json)
Hash identifier: e55w0BYm8w2AFg00DBWHcwEeSqYObi+8Ldfm0inaZv0=
Subject key identifier: 0A:6C:DA:20:D1:75:78:EB:61:53:63:4A:C5:4A:14:86:48:1F:45:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BE6F4AF69AD864EA05F086FFC6691FD7CC4937D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
Signing time: Tue 10 Jun 2025 17:21:07 +0000
ROA not before: Tue 10 Jun 2025 17:21:07 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:e6:f4:af:69:ad:86:4e:a0:5f:08:6f:fc:66:91:fd:7c:c4:93:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:21:07 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=7932779f5de86e0156505391b1dd193d60d741abcbeb5a41cea1e9103c7fff75, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:17:14:f4:c6:0c:c5:0a:4b:f1:f9:9e:6e:29:
b8:9d:21:42:98:1d:d8:79:bf:4f:d2:dd:01:d2:32:
a3:77:f3:e8:97:81:de:74:e8:41:34:2c:0e:02:6b:
ad:f7:c3:20:21:15:ef:16:0a:61:ca:c0:ed:17:93:
49:82:30:80:e2:9c:1f:85:b0:85:cb:c7:2a:a0:6a:
4f:85:c5:fc:60:a6:db:5c:2b:a1:28:82:c6:20:63:
48:92:ed:d6:d6:b6:54:b1:4d:3f:b4:bd:c0:80:e9:
2d:38:88:d9:8c:45:11:74:51:ce:8f:8a:4c:ca:31:
ba:31:d1:2e:ad:f0:8c:d0:f2:78:f8:14:83:13:70:
e3:00:64:e7:69:1b:bc:ff:40:9a:c9:e4:6b:bd:fc:
d7:fd:de:87:94:f1:b0:19:0d:bc:4b:2a:df:f7:d5:
66:88:b9:3c:5b:a8:c0:8f:4f:0c:8b:fa:c4:0d:27:
02:48:1a:eb:70:fb:57:20:17:f4:69:0c:c7:b1:7d:
b6:62:a8:63:62:00:c7:2b:1f:74:42:cf:9c:b8:8e:
fc:2a:63:73:6b:f9:c4:ed:aa:ad:d7:3e:f4:ed:22:
7e:fe:78:cb:49:57:1a:dd:f7:58:f4:a1:da:35:04:
9b:62:03:77:4a:33:19:f6:59:ab:bf:b9:af:eb:40:
69:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6C:DA:20:D1:75:78:EB:61:53:63:4A:C5:4A:14:86:48:1F:45:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:800::/40
Signature Algorithm: sha256WithRSAEncryption
a3:1c:f9:ba:c4:9e:c5:03:ec:3a:f7:fe:6a:7b:7a:f9:d3:5c:
01:03:62:a6:12:78:06:25:ee:79:50:e9:92:23:07:0b:c6:df:
e1:fe:cf:63:ae:95:d2:2c:ba:46:ef:67:b4:1a:3c:a8:a2:3c:
2b:e1:4c:69:ac:3c:d2:5b:43:ce:46:ae:a8:0f:c8:39:20:c0:
99:4f:e3:18:6f:a4:5d:ce:42:32:9f:04:95:51:8a:f0:f4:a6:
17:5a:10:85:88:bf:c6:ce:24:07:6c:d9:c3:63:5d:c3:ee:62:
2b:e8:42:d2:27:ca:af:f1:78:e7:e1:0a:37:b0:73:6d:a9:4f:
19:47:7d:ab:c0:90:73:9f:d8:a3:1a:68:22:c8:54:5b:64:94:
63:fe:f9:48:a3:3f:2c:29:f2:71:63:e3:80:9f:75:58:f2:60:
a1:b3:88:bd:57:c5:14:c0:ea:31:6a:d4:94:69:80:a2:3f:31:
3c:7f:63:77:11:96:bd:1f:81:e7:10:0c:f1:03:42:c4:a9:1c:
1c:4a:e3:48:ff:3b:6c:0d:b5:b7:f1:53:6f:68:a9:c3:c6:36:
0b:7a:f9:47:d7:f7:7d:ca:00:4d:94:1a:33:df:6f:e7:23:3d:
94:1e:2e:5d:dd:21:d1:35:60:b0:db:39:fb:cb:af:9b:70:d8:
cc:4d:66:2a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW+b0r2mthk6gXwhv/GaR/XzEk30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIxMDdaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5MzI3NzlmNWRlODZlMDE1NjUwNTM5MWIxZGQxOTNkNjBkNzQxYWJjYmVi
NWE0MWNlYTFlOTEwM2M3ZmZmNzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoXFPTGDMUKS/H5nm4puJ0hQpgd2Hm/T9LdAdIyo3fz6JeB3nToQTQsDgJr
rffDICEV7xYKYcrA7ReTSYIwgOKcH4WwhcvHKqBqT4XF/GCm21wroSiCxiBjSJLt
1ta2VLFNP7S9wIDpLTiI2YxFEXRRzo+KTMoxujHRLq3wjNDyePgUgxNw4wBk52kb
vP9Amsnka7381/3eh5TxsBkNvEsq3/fVZoi5PFuowI9PDIv6xA0nAkga63D7VyAX
9GkMx7F9tmKoY2IAxysfdELPnLiO/Cpjc2v5xO2qrdc+9O0ifv54y0lXGt33WPSh
2jUEm2IDd0ozGfZZq7+5r+tAaRcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQKbNog
0XV462FTY0rFShSGSB9FgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDNmNTFjNTYtNzlhYS00OGNhLTg5NWMtNzkwYTQzMWJiZDczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUI
MA0GCSqGSIb3DQEBCwUAA4IBAQCjHPm6xJ7FA+w69/5qe3r501wBA2KmEngGJe55
UOmSIwcLxt/h/s9jrpXSLLpG72e0Gjyoojwr4UxprDzSW0PORq6oD8g5IMCZT+MY
b6RdzkIynwSVUYrw9KYXWhCFiL/GziQHbNnDY13D7mIr6ELSJ8qv8Xjn4Qo3sHNt
qU8ZR32rwJBzn9ijGmgiyFRbZJRj/vlIoz8sKfJxY+OAn3VY8mChs4i9V8UUwOox
atSUaYCiPzE8f2N3EZa9H4HnEAzxA0LEqRwcSuNI/ztsDbW38VNvaKnDxjYLevlH
1/d9ygBNlBoz32/nIz2UHi5d3SHRNWCw2zn7y6+bcNjMTWYq
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:03:08 2025 by rpki-client