Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa
File: 0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa (raw, json)
Hash identifier: h1stVlG9NQSEssgw1Jhg9ZAzW3FFNelLyuaj+uRJnTQ=
Subject key identifier: 17:FA:C3:6B:A2:52:EE:37:E0:26:37:DA:3F:F1:D8:2D:01:EF:02:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47EDBB2D18F177BE69FC05379930137444D3BB72
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa
Signing time: Mon 16 Jun 2025 20:00:22 +0000
ROA not before: Mon 16 Jun 2025 20:00:22 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:ed:bb:2d:18:f1:77:be:69:fc:05:37:99:30:13:74:44:d3:bb:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:22 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=32ee2b79699ebca0c768b4c6ef30950df5a48b5e2c542d7941c00d5edde27e14, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:5a:26:f8:1c:d1:25:13:78:fc:52:ff:f0:02:
8c:93:6d:65:af:20:73:af:71:e5:1b:e5:65:b2:e1:
43:14:59:57:be:74:29:d6:61:06:47:4d:ac:26:88:
a7:71:00:a7:43:8b:c1:a3:6f:c2:c7:09:ef:fc:30:
06:0b:ea:7f:b8:ba:cd:4e:01:95:3a:e0:f8:f0:f0:
1a:9a:c2:6f:94:cb:b1:dc:2a:78:2c:46:0d:a8:65:
00:09:32:42:e2:af:4c:97:11:bf:57:44:5e:8d:f6:
a5:3f:81:39:ec:53:b0:e4:53:1f:28:15:5b:42:62:
4e:33:62:f0:9f:de:78:a6:f4:38:12:8a:af:b2:35:
70:79:3e:49:e8:a1:d7:cf:f3:36:83:ac:f0:73:8f:
ce:e7:d3:82:8d:b2:c7:20:f5:1c:64:e8:aa:2b:be:
04:92:5c:81:d5:41:24:ef:95:36:70:df:06:8b:0f:
a0:bd:71:54:09:34:2f:0f:12:c4:f5:e5:45:19:97:
9a:a8:1a:dd:d4:c3:27:c4:4f:1d:36:41:b6:7b:03:
d2:df:e2:26:bd:c6:ff:e7:92:ea:77:80:88:cc:12:
3a:97:db:78:09:a3:b9:cf:d3:fb:89:5e:2c:5a:b9:
bf:7a:ce:84:9e:ec:f0:a0:87:a2:6a:b7:bf:49:9c:
da:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:FA:C3:6B:A2:52:EE:37:E0:26:37:DA:3F:F1:D8:2D:01:EF:02:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a040::/48
Signature Algorithm: sha256WithRSAEncryption
14:a2:1a:18:c7:31:eb:16:6d:ef:a0:36:7d:1c:ea:dd:58:c5:
b6:38:57:99:67:e4:d1:00:73:45:84:4e:0a:d4:63:aa:20:00:
9d:35:d4:11:61:2b:5e:36:e3:f2:c4:ea:ad:90:7c:6f:95:01:
82:af:68:04:4b:2b:25:ef:3e:82:12:c0:2d:6f:c5:4e:92:3a:
cb:b8:3b:ed:6c:af:fe:1f:88:65:03:2a:07:18:c5:d9:4b:01:
92:91:e8:09:df:f5:59:5a:01:5d:d3:ba:c7:c0:3b:8e:81:3a:
17:dd:fc:4a:65:ee:16:71:da:7e:ca:39:3f:e5:eb:06:cb:5a:
ce:77:e9:4e:33:8c:71:2d:6e:14:d6:60:b7:36:31:a6:af:09:
e9:78:11:e9:ed:e2:32:c0:3b:5f:38:c2:3e:27:20:fa:89:29:
5c:00:b8:df:ca:91:1c:ee:51:5c:a7:c9:2b:14:ca:9a:5e:c8:
31:6b:bd:f4:0a:63:bd:ac:08:22:9d:a3:3d:04:1b:26:b4:06:
ec:0d:9a:e3:0e:c9:26:61:6a:1f:9d:1d:56:24:61:a1:9c:9a:
19:8a:3a:92:da:bd:08:9a:44:a4:28:b8:28:bb:fa:82:3d:d1:
1f:81:4c:f4:17:96:7e:01:5b:ab:e7:c5:c6:11:24:d5:19:2d:
c0:2a:05:85
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUR+27LRjxd75p/AU3mTATdETTu3IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMjJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyZWUyYjc5Njk5ZWJjYTBjNzY4YjRjNmVmMzA5NTBkZjVhNDhiNWUyYzU0
MmQ3OTQxYzAwZDVlZGRlMjdlMTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANlaJvgc0SUTePxS//ACjJNtZa8gc69x5RvlZbLhQxRZV750KdZhBkdNrCaI
p3EAp0OLwaNvwscJ7/wwBgvqf7i6zU4BlTrg+PDwGprCb5TLsdwqeCxGDahlAAky
QuKvTJcRv1dEXo32pT+BOexTsORTHygVW0JiTjNi8J/eeKb0OBKKr7I1cHk+Seih
18/zNoOs8HOPzufTgo2yxyD1HGToqiu+BJJcgdVBJO+VNnDfBosPoL1xVAk0Lw8S
xPXlRRmXmqga3dTDJ8RPHTZBtnsD0t/iJr3G/+eS6neAiMwSOpfbeAmjuc/T+4le
LFq5v3rOhJ7s8KCHomq3v0mc2iUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQX+sNr
olLuN+AmN9o/8dgtAe8CmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGExYTI1ZDctNjkzNS00MjBjLWE5NDktNGE5ZDBlNmE5NWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGg
QDANBgkqhkiG9w0BAQsFAAOCAQEAFKIaGMcx6xZt76A2fRzq3VjFtjhXmWfk0QBz
RYROCtRjqiAAnTXUEWErXjbj8sTqrZB8b5UBgq9oBEsrJe8+ghLALW/FTpI6y7g7
7Wyv/h+IZQMqBxjF2UsBkpHoCd/1WVoBXdO6x8A7joE6F938SmXuFnHafso5P+Xr
BstaznfpTjOMcS1uFNZgtzYxpq8J6XgR6e3iMsA7XzjCPicg+okpXAC438qRHO5R
XKfJKxTKml7IMWu99ApjvawIIp2jPQQbJrQG7A2a4w7JJmFqH50dViRhoZyaGYo6
ktq9CJpEpCi4KLv6gj3RH4FM9BeWfgFbq+fFxhEk1RktwCoFhQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:38 2025 by rpki-client