Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
File: 0d8c280f-edb2-45fb-9207-8226dc900bb1.roa (raw, json)
Hash identifier: hILnxNXy0n7QtmPgBC/nIITlapp6/Y7nG2bebV5IO3k=
Subject key identifier: 9C:AE:E4:71:EB:D4:57:20:B9:6D:5E:0D:BB:A7:18:CB:A3:09:01:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DB1A66C651CB0CFFD95C85DB0FD40B4527ACDEB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
Signing time: Mon 16 Jun 2025 19:50:22 +0000
ROA not before: Mon 16 Jun 2025 19:50:22 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:b1:a6:6c:65:1c:b0:cf:fd:95:c8:5d:b0:fd:40:b4:52:7a:cd:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:50:22 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=9ca767ae1d4c5de9dc4da552d8b93363a36ead77e2fd19c37be14dd56f2d01a9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:77:d8:05:c1:9a:1a:74:8c:cb:6b:ff:f7:2d:
2d:06:bc:29:52:c0:39:ff:ea:b3:33:d5:ba:47:e2:
dc:41:7e:55:35:1e:18:98:c7:b2:46:76:e6:c0:59:
e3:38:92:f0:9c:31:3e:8d:b2:2c:74:64:f1:0c:75:
07:83:1e:1a:ce:3b:ae:27:78:49:d9:8b:ac:5a:97:
bc:58:78:dd:92:7b:c4:1f:06:5a:84:13:76:ba:fc:
d7:d4:d9:d9:d9:c9:79:1d:3d:99:a6:e7:5b:e6:a2:
68:5d:32:fe:dc:5a:51:4f:95:f1:7f:f2:06:ea:69:
9d:d6:f5:26:8a:b6:1b:6b:aa:a4:df:50:ad:8c:ca:
0c:2f:b2:e7:f3:6c:a1:84:5e:8e:af:84:ef:9a:d7:
19:62:74:08:e9:8e:5c:6d:86:a0:9b:1e:e6:33:f8:
8c:a8:ea:b1:b7:33:0f:e2:45:85:81:11:49:48:78:
77:d3:4c:92:85:d7:5f:1e:5f:77:a9:5a:67:a9:e7:
c5:f9:53:3f:83:9e:da:5f:c8:7d:50:3b:18:32:43:
26:c5:31:3c:43:dd:87:9f:68:f5:30:10:d6:cf:c2:
33:55:f4:ac:2e:a0:0e:ec:0c:8a:5e:99:ae:27:d4:
f9:aa:69:9f:ee:e3:b5:a1:98:1e:60:70:be:cc:81:
aa:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:AE:E4:71:EB:D4:57:20:B9:6D:5E:0D:BB:A7:18:CB:A3:09:01:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5080::/48
Signature Algorithm: sha256WithRSAEncryption
2c:0a:db:12:6e:d6:13:76:20:cc:f8:20:19:4a:79:4a:cd:93:
d3:62:b7:b0:4a:a3:59:7c:9f:b7:e5:8e:f4:16:de:bd:58:09:
dd:ad:dc:cf:20:a2:41:f8:e8:c3:55:62:0d:ea:fa:da:88:ec:
e2:b2:02:60:d9:a0:e6:90:d1:fa:40:17:2b:80:e8:d3:84:20:
6f:91:2c:ea:96:00:47:5e:39:2b:8d:11:c8:2c:5a:c2:8f:70:
9a:82:95:35:77:b0:af:de:78:b5:f8:87:16:40:4c:e8:78:2c:
64:c7:63:da:25:e4:d5:b3:96:e1:2e:c9:fa:37:95:d1:f0:ef:
f7:5d:59:13:f3:b4:57:46:2c:c7:cf:a1:c3:1d:00:1c:04:5b:
23:da:b4:f1:e7:67:d3:2b:4d:d0:6d:2f:9c:a4:e2:b8:e0:62:
13:10:4a:07:9a:53:a4:c7:c8:f0:32:fa:c2:01:4e:a0:93:33:
9d:67:a3:34:84:1d:be:5e:14:c4:e7:16:70:fa:37:d3:11:34:
7e:c5:2e:cc:fb:46:b8:63:c8:57:5f:5c:08:f5:ba:45:57:b8:
00:e8:a7:d4:14:1e:73:c0:d4:95:6e:9a:8c:b4:cd:55:00:fc:
61:5e:e0:9e:a0:35:36:5b:dd:6a:85:b8:19:b0:4f:bb:f1:55:
42:d6:8f:ba
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHbGmbGUcsM/9lchdsP1AtFJ6zeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUwMjJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDljYTc2N2FlMWQ0YzVkZTlkYzRkYTU1MmQ4YjkzMzYzYTM2ZWFkNzdlMmZk
MTljMzdiZTE0ZGQ1NmYyZDAxYTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJh32AXBmhp0jMtr//ctLQa8KVLAOf/qszPVukfi3EF+VTUeGJjHskZ25sBZ
4ziS8JwxPo2yLHRk8Qx1B4MeGs47rid4SdmLrFqXvFh43ZJ7xB8GWoQTdrr819TZ
2dnJeR09mabnW+aiaF0y/txaUU+V8X/yBuppndb1Joq2G2uqpN9QrYzKDC+y5/Ns
oYRejq+E75rXGWJ0COmOXG2GoJse5jP4jKjqsbczD+JFhYERSUh4d9NMkoXXXx5f
d6laZ6nnxflTP4Oe2l/IfVA7GDJDJsUxPEPdh59o9TAQ1s/CM1X0rC6gDuwMil6Z
rifU+appn+7jtaGYHmBwvsyBqq8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBScruRx
69RXILltXg27pxjLowkBCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGQ4YzI4MGYtZWRiMi00NWZiLTkyMDctODIyNmRjOTAwYmIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFQ
gDANBgkqhkiG9w0BAQsFAAOCAQEALArbEm7WE3YgzPggGUp5Ss2T02K3sEqjWXyf
t+WO9BbevVgJ3a3czyCiQfjow1ViDer62ojs4rICYNmg5pDR+kAXK4Do04Qgb5Es
6pYAR145K40RyCxawo9wmoKVNXewr954tfiHFkBM6HgsZMdj2iXk1bOW4S7J+jeV
0fDv911ZE/O0V0Ysx8+hwx0AHARbI9q08edn0ytN0G0vnKTiuOBiExBKB5pTpMfI
8DL6wgFOoJMznWejNIQdvl4UxOcWcPo30xE0fsUuzPtGuGPIV19cCPW6RVe4AOin
1BQec8DUlW6ajLTNVQD8YV7gnqA1NlvdaoW4GbBPu/FVQtaPug==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:25:08 2025 by rpki-client