Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
File: 11f67075-d744-49be-809b-fca0d72c41e0.roa (raw, json)
Hash identifier: wrvemIETNTsb6GwiL3yu31CUfm+Hjf8UBdbJZQAH1e8=
Subject key identifier: 2C:85:E9:6C:0E:D0:71:0A:4F:CE:61:D4:5D:7F:E1:14:95:8A:43:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C518374E92BBE42D0CD2D9360C215030A0D4F2F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
Signing time: Mon 16 Jun 2025 21:00:18 +0000
ROA not before: Mon 16 Jun 2025 21:00:18 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:51:83:74:e9:2b:be:42:d0:cd:2d:93:60:c2:15:03:0a:0d:4f:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:00:18 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=be06190544098cac68cdc1f8aaa6d03ffd9e0672735f7b23d7e6f7b70e43a3f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:c2:98:7d:21:0b:41:b7:d8:d6:56:bd:a5:8a:
1b:ac:17:5a:98:22:93:39:5f:cf:1b:7c:d4:78:14:
a8:1c:d9:23:7f:4f:ce:c6:80:25:9d:20:ab:50:83:
ed:75:ea:39:37:6a:f7:34:b6:51:1c:65:75:09:b2:
ac:13:4e:e0:95:98:33:87:6e:e7:e7:37:a9:0a:bf:
5c:6b:89:00:f2:c1:db:0a:4e:c8:53:a9:25:8c:d2:
30:aa:3b:1e:2b:37:5d:2a:6b:22:50:31:d3:0b:f2:
24:f1:6f:6f:d4:35:0f:f8:02:b4:a3:29:81:2e:12:
92:b3:60:0c:c6:d9:2f:64:0d:4a:df:0b:69:85:49:
a5:cf:02:36:e0:0a:87:79:1e:27:c9:71:d6:f2:5f:
be:7b:b7:71:51:e3:8d:04:75:1c:c0:77:54:28:a0:
c6:3e:62:bf:01:69:01:db:f6:ab:81:f7:15:21:03:
7e:9f:53:9d:99:38:88:01:14:22:6c:05:02:d2:4e:
67:01:2d:ea:db:c9:18:15:9a:f7:25:ff:f3:5d:7f:
26:d7:ee:17:20:71:af:a5:ce:2f:74:44:d8:b8:cc:
60:1e:80:3d:92:c7:0c:77:81:11:b1:0b:3a:4a:26:
87:29:15:36:9e:7c:0e:f6:79:46:6a:41:b6:51:5b:
33:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:85:E9:6C:0E:D0:71:0A:4F:CE:61:D4:5D:7F:E1:14:95:8A:43:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:2000::/40
Signature Algorithm: sha256WithRSAEncryption
06:d6:09:b3:f8:b7:fa:03:a0:36:61:93:fc:0e:58:75:33:26:
bb:0c:4c:02:00:e8:a1:94:d1:e0:1d:6d:5d:c8:a0:5b:6c:bd:
e2:11:46:44:8a:95:6d:4e:d9:80:29:d5:da:91:fb:7e:b2:91:
f9:49:d2:69:26:9c:56:1a:89:79:2e:e2:db:c6:2e:85:e3:b8:
94:2a:8b:4e:11:f9:f7:b2:14:aa:f9:bc:86:ee:99:f1:97:7c:
68:83:ba:15:a0:c3:aa:42:ad:9b:96:5a:98:53:13:99:96:b3:
12:1e:98:78:c9:7c:37:5a:ed:e5:d1:ab:c8:d6:93:b9:c6:d1:
fd:98:2b:4a:3b:0d:5d:19:61:dc:f3:4e:75:84:a7:1a:b3:58:
06:b0:17:21:66:76:a0:da:d7:36:35:93:28:ce:52:25:95:bf:
a4:0e:43:cd:3c:d9:be:01:63:27:95:dc:d2:48:1c:14:66:d1:
3b:a9:c2:a4:01:a0:29:cf:4d:99:2c:f7:83:28:d2:9e:76:08:
1d:c4:d1:d7:96:87:24:13:e6:f2:f6:5a:9e:fd:2d:33:0d:9d:
2b:8a:84:cf:2f:ae:7f:5b:dc:e7:20:a6:06:c1:d0:e9:7c:71:
64:d6:e1:06:8b:ec:cf:2d:39:2e:ab:7f:2d:23:0b:e6:af:be:
51:60:00:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXFGDdOkrvkLQzS2TYMIVAwoNTy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAwMThaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlMDYxOTA1NDQwOThjYWM2OGNkYzFmOGFhYTZkMDNmZmQ5ZTA2NzI3MzVm
N2IyM2Q3ZTZmN2I3MGU0M2EzZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPjCmH0hC0G32NZWvaWKG6wXWpgikzlfzxt81HgUqBzZI39PzsaAJZ0gq1CD
7XXqOTdq9zS2URxldQmyrBNO4JWYM4du5+c3qQq/XGuJAPLB2wpOyFOpJYzSMKo7
His3XSprIlAx0wvyJPFvb9Q1D/gCtKMpgS4SkrNgDMbZL2QNSt8LaYVJpc8CNuAK
h3keJ8lx1vJfvnu3cVHjjQR1HMB3VCigxj5ivwFpAdv2q4H3FSEDfp9TnZk4iAEU
ImwFAtJOZwEt6tvJGBWa9yX/811/JtfuFyBxr6XOL3RE2LjMYB6APZLHDHeBEbEL
OkomhykVNp58DvZ5RmpBtlFbM/8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQshels
DtBxCk/OYdRdf+EUlYpDUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFmNjcwNzUtZDc0NC00OWJlLTgwOWItZmNhMGQ3MmM0MWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hgg
MA0GCSqGSIb3DQEBCwUAA4IBAQAG1gmz+Lf6A6A2YZP8Dlh1Mya7DEwCAOihlNHg
HW1dyKBbbL3iEUZEipVtTtmAKdXakft+spH5SdJpJpxWGol5LuLbxi6F47iUKotO
Efn3shSq+byG7pnxl3xog7oVoMOqQq2bllqYUxOZlrMSHph4yXw3Wu3l0avI1pO5
xtH9mCtKOw1dGWHc8051hKcas1gGsBchZnag2tc2NZMozlIllb+kDkPNPNm+AWMn
ldzSSBwUZtE7qcKkAaApz02ZLPeDKNKedggdxNHXlockE+by9lqe/S0zDZ0rioTP
L65/W9znIKYGwdDpfHFk1uEGi+zPLTkuq38tIwvmr75RYABG
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:37 2025 by rpki-client