Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
File: 0cadec3e-a35e-4321-b172-825de7a521d7.roa (raw, json)
Hash identifier: 8Z5uLqNI42JfT+MmeGzBRkWw1KIN1/j1vF1Rk7gJxHU=
Subject key identifier: 36:6C:1A:22:68:C8:02:B0:03:1F:AE:C4:CB:3E:93:CA:E2:79:31:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53254112F30AFF6EC9B83F2A85C36EC7A349C5F0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
Signing time: Mon 16 Jun 2025 19:51:01 +0000
ROA not before: Mon 16 Jun 2025 19:51:01 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:25:41:12:f3:0a:ff:6e:c9:b8:3f:2a:85:c3:6e:c7:a3:49:c5:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:01 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c4007df6d74a9424a8aee7b86f86f4e9377f374dcf3599c377ea55416289519b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f9:bc:fc:b5:42:31:05:47:ca:b0:be:06:2c:
51:d4:90:46:40:cd:bb:37:46:1d:b9:c7:21:c9:67:
34:81:42:f2:10:4a:81:d8:22:3d:6c:5a:00:e6:aa:
47:2b:d4:8d:7c:76:81:ca:87:e4:3b:d1:cf:f1:e7:
76:c0:c6:ce:73:07:14:8e:79:b9:01:d8:65:ef:9e:
de:1d:f2:68:c3:dc:f3:a8:1d:7a:45:fa:5e:28:63:
75:39:ef:1e:7e:4d:11:2d:0f:09:e9:fd:1d:f8:7c:
e5:92:17:33:b8:7e:2a:b5:a3:2d:6c:5e:4a:90:5f:
59:6c:c4:30:de:7e:7e:b0:da:f0:14:cc:d6:70:de:
4c:2f:3d:94:3d:4c:1d:8a:dd:4b:1d:d1:40:1b:cf:
e7:f9:0e:a2:e0:fb:15:0f:68:98:7b:89:d8:c7:cd:
83:94:2b:a5:38:be:9c:f2:4e:62:c9:9c:5a:43:16:
3d:63:14:e5:97:60:f5:f8:ba:25:9d:7d:5a:5d:64:
92:28:9c:f8:c1:aa:57:f2:9d:e8:87:60:67:31:01:
4c:1d:b5:1a:cc:3b:bf:94:07:4f:53:8a:b1:75:a9:
9e:ba:0d:a5:8d:38:6f:80:00:63:f8:0a:0b:9d:76:
0e:c9:97:02:f6:b9:9a:b6:55:dd:27:20:da:88:e9:
33:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:6C:1A:22:68:C8:02:B0:03:1F:AE:C4:CB:3E:93:CA:E2:79:31:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
94:ce:0c:1e:0f:c1:d5:7e:e5:64:46:85:ed:12:26:9f:7b:72:
a6:0e:54:f9:92:86:92:8b:fb:8e:13:88:8e:24:81:a6:83:f5:
2d:5c:e1:11:d8:3d:99:74:24:8d:bc:3d:d2:90:57:d1:97:8b:
7d:6c:48:e9:d0:da:0a:cb:60:74:e9:f5:58:75:c2:e6:9d:0c:
ee:2d:c5:60:fb:79:22:6f:c1:1d:fb:64:58:dd:9a:d4:7a:db:
a0:7d:0b:8c:e9:a7:59:4c:01:b9:0c:46:d8:cb:99:37:a3:6c:
de:be:2c:1f:aa:17:b8:46:3d:5f:76:bc:63:7d:a0:bb:50:2a:
62:86:2e:77:c5:9d:58:6c:d8:74:f6:97:9c:ef:0a:7b:98:35:
1a:1b:16:0e:c1:94:25:2c:cc:45:d3:31:2d:86:51:25:3e:aa:
98:de:59:80:9a:18:e5:c6:c2:4d:e8:fb:39:6b:07:31:6a:a0:
d1:f4:0d:d1:ab:d2:f6:08:78:9e:98:31:73:1a:40:7c:00:1d:
4a:05:89:d4:3e:a4:23:6e:78:0d:ed:cb:89:d2:1b:f3:28:dc:
d9:3b:44:c7:55:3f:4d:e0:e6:01:34:38:ef:d2:db:31:95:73:
59:f8:cc:56:c0:2e:ed:d1:ca:ec:90:18:e8:63:49:cd:bf:d1:
1e:14:70:8a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUyVBEvMK/27JuD8qhcNux6NJxfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxMDFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0MDA3ZGY2ZDc0YTk0MjRhOGFlZTdiODZmODZmNGU5Mzc3ZjM3NGRjZjM1
OTljMzc3ZWE1NTQxNjI4OTUxOWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMn5vPy1QjEFR8qwvgYsUdSQRkDNuzdGHbnHIclnNIFC8hBKgdgiPWxaAOaq
RyvUjXx2gcqH5DvRz/HndsDGznMHFI55uQHYZe+e3h3yaMPc86gdekX6XihjdTnv
Hn5NES0PCen9Hfh85ZIXM7h+KrWjLWxeSpBfWWzEMN5+frDa8BTM1nDeTC89lD1M
HYrdSx3RQBvP5/kOouD7FQ9omHuJ2MfNg5QrpTi+nPJOYsmcWkMWPWMU5Zdg9fi6
JZ19Wl1kkiic+MGqV/Kd6IdgZzEBTB21Gsw7v5QHT1OKsXWpnroNpY04b4AAY/gK
C512DsmXAva5mrZV3Scg2ojpM9cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ2bBoi
aMgCsAMfrsTLPpPK4nkxlzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNhZGVjM2UtYTM1ZS00MzIxLWIxNzItODI1ZGU3YTUyMWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAlM4MHg/B1X7lZEaF7RImn3typg5U+ZKGkov7
jhOIjiSBpoP1LVzhEdg9mXQkjbw90pBX0ZeLfWxI6dDaCstgdOn1WHXC5p0M7i3F
YPt5Im/BHftkWN2a1HrboH0LjOmnWUwBuQxG2MuZN6Ns3r4sH6oXuEY9X3a8Y32g
u1AqYoYud8WdWGzYdPaXnO8Ke5g1GhsWDsGUJSzMRdMxLYZRJT6qmN5ZgJoY5cbC
Tej7OWsHMWqg0fQN0avS9gh4npgxcxpAfAAdSgWJ1D6kI254De3LidIb8yjc2TtE
x1U/TeDmATQ479LbMZVzWfjMVsAu7dHK7JAY6GNJzb/RHhRwig==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:27 2025 by rpki-client