Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
File: 0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa (raw, json)
Hash identifier: VbxVSaPzYJ/Wyx64Rudo6BZVEUesa2WAwkoWUXAjFKg=
Subject key identifier: 3F:08:55:08:B3:7E:89:5E:B2:A7:E3:7F:AC:01:AC:11:EF:8C:89:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 148001EFA82D5FF69B7E3FE841353C3FD5E1523A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
Signing time: Mon 16 Jun 2025 19:51:06 +0000
ROA not before: Mon 16 Jun 2025 19:51:06 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:80:01:ef:a8:2d:5f:f6:9b:7e:3f:e8:41:35:3c:3f:d5:e1:52:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:06 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=9741833de00050203789a2271cf0bf37099a2528d1872fda78c5b577cb0f649b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:33:ac:38:69:c6:ec:a8:20:71:e2:a3:aa:bb:
0e:5b:29:06:41:04:98:4c:c0:76:56:1e:08:cc:14:
fc:9a:3e:86:03:f6:82:f6:5f:bd:e1:18:83:f0:0f:
c0:f6:48:d5:58:d2:aa:d3:46:64:97:c3:9d:76:46:
28:2c:f8:85:cb:52:e5:61:b4:dd:8d:0c:b7:53:8d:
7a:8f:7a:11:d8:b5:c9:3f:2a:c4:d8:96:3a:9d:a8:
8a:ea:33:5b:19:07:73:16:de:45:2c:e0:3e:9a:d5:
fa:d6:b6:89:1b:a9:38:c6:69:03:50:58:09:09:af:
aa:ed:0e:27:99:74:57:74:21:5a:bc:08:6f:15:eb:
8e:06:be:42:13:34:8b:27:00:e3:29:24:a4:f3:51:
92:62:e9:2a:f4:a3:61:32:bc:ff:5d:cd:88:c0:0c:
75:f2:0b:cc:8a:fe:ee:af:82:0a:67:b4:a0:0f:8a:
ab:a7:0c:e5:96:95:61:cf:bc:e6:5d:3c:88:02:7b:
29:59:31:ca:dc:2a:09:3f:ca:bd:62:6a:4e:7e:24:
76:bf:5d:95:32:66:01:d3:c5:b2:5c:b2:b2:f4:ba:
aa:e2:8c:0e:9a:7d:a0:1f:93:b4:e3:81:18:bc:d1:
24:a5:0a:12:04:32:91:08:15:3b:69:79:15:88:7e:
1f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:08:55:08:B3:7E:89:5E:B2:A7:E3:7F:AC:01:AC:11:EF:8C:89:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
8d:60:d9:58:00:00:c6:ed:12:96:3f:23:c9:f9:2f:99:d6:8e:
ba:41:4b:b7:4c:95:72:b3:99:58:b6:87:7f:41:39:3d:72:f8:
41:97:b0:19:a0:32:69:e9:2d:de:36:b2:c3:00:3d:a3:98:2f:
aa:8a:6c:80:a4:d6:5f:96:1c:6b:93:72:d8:5e:fd:49:a7:8d:
50:0b:bd:96:d7:21:b4:19:16:cb:eb:de:7e:a5:1f:48:04:85:
7a:a7:52:07:05:61:37:39:61:a5:4c:0f:e4:6a:2e:41:48:f0:
73:64:3c:9e:2c:78:c7:f6:18:06:77:17:9f:09:1c:1e:72:b9:
26:94:1c:fd:fc:d6:19:c4:5e:f1:b4:ed:20:d7:2c:58:36:bd:
1f:be:40:49:82:66:23:9f:36:d4:d3:21:73:6e:c7:c3:8e:99:
57:67:56:2f:41:85:4b:07:42:1c:93:db:ad:97:58:a4:24:c1:
eb:e3:a4:ca:cd:e3:a1:a0:1d:d0:bd:83:a9:87:20:23:9f:4f:
3d:76:14:e9:c5:c5:46:4c:71:11:97:78:68:75:19:c9:5a:95:
5c:66:e9:fc:6a:d4:03:e6:ac:85:41:ce:82:09:bf:4c:3c:19:
e6:45:5f:01:24:9f:cc:81:27:51:a7:ae:ee:0f:05:e6:e1:37:
e9:1b:64:9f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFIAB76gtX/abfj/oQTU8P9XhUjowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxMDZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3NDE4MzNkZTAwMDUwMjAzNzg5YTIyNzFjZjBiZjM3MDk5YTI1MjhkMTg3
MmZkYTc4YzViNTc3Y2IwZjY0OWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQzrDhpxuyoIHHio6q7DlspBkEEmEzAdlYeCMwU/Jo+hgP2gvZfveEYg/AP
wPZI1VjSqtNGZJfDnXZGKCz4hctS5WG03Y0Mt1ONeo96Edi1yT8qxNiWOp2oiuoz
WxkHcxbeRSzgPprV+ta2iRupOMZpA1BYCQmvqu0OJ5l0V3QhWrwIbxXrjga+QhM0
iycA4ykkpPNRkmLpKvSjYTK8/13NiMAMdfILzIr+7q+CCme0oA+Kq6cM5ZaVYc+8
5l08iAJ7KVkxytwqCT/KvWJqTn4kdr9dlTJmAdPFslyysvS6quKMDpp9oB+TtOOB
GLzRJKUKEgQykQgVO2l5FYh+H4UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ/CFUI
s36JXrKn43+sAawR74yJUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIyZTMwOWUtZTlkNC00NTQ2LTg5NjktMmQ3YjRiOWQ1MTNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAjWDZWAAAxu0Slj8jyfkvmdaOukFLt0yVcrOZ
WLaHf0E5PXL4QZewGaAyaekt3jaywwA9o5gvqopsgKTWX5Yca5Ny2F79SaeNUAu9
ltchtBkWy+vefqUfSASFeqdSBwVhNzlhpUwP5GouQUjwc2Q8nix4x/YYBncXnwkc
HnK5JpQc/fzWGcRe8bTtINcsWDa9H75ASYJmI5821NMhc27Hw46ZV2dWL0GFSwdC
HJPbrZdYpCTB6+Okys3joaAd0L2DqYcgI59PPXYU6cXFRkxxEZd4aHUZyVqVXGbp
/GrUA+ashUHOggm/TDwZ5kVfASSfzIEnUaeu7g8F5uE36Rtknw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:50 2025 by rpki-client