Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0dc8f6b9-9b2e-4559-b3e3-b61b0d685e4a.roa
File: 0dc8f6b9-9b2e-4559-b3e3-b61b0d685e4a.roa (raw, json)
Hash identifier: nFerpNI2BNQXLhz62kmLt8+n++jGj2+VZ9hfSvQZg9Q=
Subject key identifier: 31:21:A5:F9:6B:6C:53:24:34:C3:46:47:D1:A6:C1:E8:E4:E3:B1:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30BACF1C19F1F6EEC6F6CA389D96F7DF439DBC3B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0dc8f6b9-9b2e-4559-b3e3-b61b0d685e4a.roa
Signing time: Thu 26 Jun 2025 19:37:08 +0000
ROA not before: Thu 26 Jun 2025 19:37:08 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:20c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:ba:cf:1c:19:f1:f6:ee:c6:f6:ca:38:9d:96:f7:df:43:9d:bc:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:37:08 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=9170f5d17c273c6edaea8562f35b903cdfca6d1321c0628adf26577893e6aba6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:30:1b:65:2a:82:37:08:a5:9b:ed:ee:bd:3c:
0e:a4:6f:8f:41:6a:77:33:f7:7d:55:bd:db:1d:68:
04:1a:cf:5b:9d:6e:a6:ac:61:c8:70:75:86:52:0d:
a5:e3:de:61:f0:03:9f:e7:d8:3d:a7:9d:d2:af:ab:
19:19:3e:79:f0:80:0c:39:b8:5a:bd:cf:af:e3:30:
af:7e:d4:9d:e5:4d:20:78:85:f6:db:4f:61:e7:93:
95:c4:da:87:aa:92:65:11:cf:1a:8e:8a:71:b1:4c:
a6:9f:f7:96:8b:8e:29:17:6a:b2:d0:89:93:72:4f:
55:da:9e:19:40:19:d2:0c:b0:f1:f5:a4:f1:0f:63:
5f:d9:7b:bd:ba:c6:e0:19:0b:ce:ab:3a:46:c2:43:
2d:4a:2d:3f:08:1b:21:4d:e5:18:d4:02:93:36:bf:
d5:5b:2b:89:1a:e5:78:da:cd:df:ef:3c:7e:8b:22:
6c:9c:cc:ac:ba:c2:7c:92:81:6d:6d:96:d2:ba:7a:
63:9b:41:be:88:02:6c:3d:b3:4a:a8:d7:51:f2:de:
05:14:40:e4:ba:bb:88:99:37:80:37:0e:3b:0e:49:
f7:6a:2a:e4:66:fb:67:60:af:28:1c:c0:67:68:54:
9f:d9:a4:ca:dd:3e:da:85:73:df:26:a7:b5:ea:ac:
8d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:21:A5:F9:6B:6C:53:24:34:C3:46:47:D1:A6:C1:E8:E4:E3:B1:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0dc8f6b9-9b2e-4559-b3e3-b61b0d685e4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:20c0::/46
Signature Algorithm: sha256WithRSAEncryption
91:ba:92:43:9b:8b:ab:eb:5e:c6:b9:96:ae:e8:9e:41:c8:97:
10:6e:e5:d2:c3:d2:24:f2:0d:f0:2c:0d:3b:ee:a8:e2:fd:91:
63:f9:97:d4:2c:00:c8:fa:bb:4e:9b:09:ff:29:7d:16:17:ca:
30:54:18:ba:c1:a6:e6:92:d1:79:ad:dd:59:95:dd:e6:3b:f7:
a9:98:bf:80:7c:1b:ee:46:41:f9:18:42:1a:0f:f6:02:04:9e:
33:f0:37:70:95:a5:a5:58:0d:e2:67:43:00:c9:f4:9a:40:9b:
cb:2b:50:94:81:12:be:b3:49:d4:0d:b2:19:e8:78:86:b0:73:
d2:80:6a:25:1a:b0:f2:37:bc:41:3d:a8:fc:4c:56:58:a1:5b:
96:02:cc:a5:d6:12:b3:86:f5:4a:45:2a:b9:cd:00:6d:29:ec:
21:15:85:9d:de:df:dd:42:64:47:e8:ac:77:e8:54:d0:99:49:
20:89:31:dc:09:07:28:f4:24:bd:a1:2d:eb:44:e7:77:f8:f8:
76:a1:61:e5:a8:a7:9f:38:a7:7f:56:f1:e5:42:46:ad:c4:7c:
89:bc:5b:40:55:bb:a5:7a:42:67:83:2a:f5:83:45:2d:8e:de:
24:48:89:fb:e8:6d:9a:87:7e:b8:f2:cc:85:37:d4:06:1c:4c:
36:a6:7d:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMLrPHBnx9u7G9so4nZb330OdvDswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM3MDhaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxNzBmNWQxN2MyNzNjNmVkYWVhODU2MmYzNWI5MDNjZGZjYTZkMTMyMWMw
NjI4YWRmMjY1Nzc4OTNlNmFiYTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEwG2UqgjcIpZvt7r08DqRvj0FqdzP3fVW92x1oBBrPW51upqxhyHB1hlIN
pePeYfADn+fYPaed0q+rGRk+efCADDm4Wr3Pr+Mwr37UneVNIHiF9ttPYeeTlcTa
h6qSZRHPGo6KcbFMpp/3louOKRdqstCJk3JPVdqeGUAZ0gyw8fWk8Q9jX9l7vbrG
4BkLzqs6RsJDLUotPwgbIU3lGNQCkza/1VsriRrleNrN3+88fosibJzMrLrCfJKB
bW2W0rp6Y5tBvogCbD2zSqjXUfLeBRRA5Lq7iJk3gDcOOw5J92oq5Gb7Z2CvKBzA
Z2hUn9mkyt0+2oVz3yanteqsjYsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQxIaX5
a2xTJDTDRkfRpsHo5OOxiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGRjOGY2YjktOWIyZS00NTU5LWIzZTMtYjYxYjBkNjg1ZTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg
wDANBgkqhkiG9w0BAQsFAAOCAQEAkbqSQ5uLq+texrmWruieQciXEG7l0sPSJPIN
8CwNO+6o4v2RY/mX1CwAyPq7TpsJ/yl9FhfKMFQYusGm5pLRea3dWZXd5jv3qZi/
gHwb7kZB+RhCGg/2AgSeM/A3cJWlpVgN4mdDAMn0mkCbyytQlIESvrNJ1A2yGeh4
hrBz0oBqJRqw8je8QT2o/ExWWKFblgLMpdYSs4b1SkUquc0AbSnsIRWFnd7f3UJk
R+isd+hU0JlJIIkx3AkHKPQkvaEt60Tnd/j4dqFh5ainnzinf1bx5UJGrcR8ibxb
QFW7pXpCZ4Mq9YNFLY7eJEiJ++htmod+uPLMhTfUBhxMNqZ9rg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:01 2025 by rpki-client