Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12fa0094-3721-4a61-a72f-8cdeff5e5f37.roa
File: 12fa0094-3721-4a61-a72f-8cdeff5e5f37.roa (raw, json)
Hash identifier: oULcLh1mDVokDHNjIi8Z2jePjPIRHbYnRpghsminmwY=
Subject key identifier: 30:82:42:6C:62:8F:14:1C:83:3F:BA:C4:15:06:4A:D4:69:B1:E0:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0347B0DD7AB89EE377F64723BC53F9716E75679E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12fa0094-3721-4a61-a72f-8cdeff5e5f37.roa
Signing time: Mon 16 Jun 2025 19:40:02 +0000
ROA not before: Mon 16 Jun 2025 19:40:02 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:47:b0:dd:7a:b8:9e:e3:77:f6:47:23:bc:53:f9:71:6e:75:67:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:40:02 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=123fee45c1ddaecb54e8345d9c2ca399afb18ee10745ec623bf7d0172976fdbd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:10:0a:09:19:0c:ff:60:2c:ef:d6:c9:04:03:
af:bf:70:97:70:bd:0b:37:dd:e2:69:54:3c:fe:5f:
8b:07:cf:52:1e:f7:d2:06:60:68:77:ee:51:0d:ea:
4a:28:ef:f6:53:1b:71:ac:4f:99:60:38:11:cf:e5:
52:e8:4c:30:f0:36:99:a4:b0:77:ff:59:fb:84:ee:
99:b8:ee:48:41:44:43:7a:09:ad:04:c6:1f:7d:cc:
85:f0:6a:a8:76:88:6a:4d:6b:5d:4c:25:4d:91:22:
36:bc:a4:92:14:92:fa:8a:eb:71:98:8d:29:9f:4f:
b4:c6:f1:1a:2d:33:6d:22:40:37:70:ad:fb:46:f4:
7b:ba:10:f3:ee:e7:33:86:ad:05:77:e7:be:b9:be:
60:c9:10:bc:a4:f9:fc:b8:c1:21:bd:ab:fc:c8:8d:
93:ae:66:0a:cb:de:80:8d:d0:bf:52:2b:14:48:9d:
13:cd:1a:dd:40:97:45:e0:da:c4:ed:fb:4a:3e:df:
6b:b6:ab:c2:a5:3d:a7:ab:d3:3f:9b:f9:d2:25:19:
cb:0e:b6:5a:03:be:15:58:1f:8a:36:74:e9:ba:7d:
8d:57:7e:39:2f:08:aa:42:ad:0f:22:e1:df:e1:55:
b2:93:96:33:49:e3:bc:a1:84:75:02:55:e1:35:0a:
b2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:82:42:6C:62:8F:14:1C:83:3F:BA:C4:15:06:4A:D4:69:B1:E0:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12fa0094-3721-4a61-a72f-8cdeff5e5f37.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80b0::/48
Signature Algorithm: sha256WithRSAEncryption
62:66:2c:22:2b:1f:a1:c9:37:08:76:37:04:ad:3f:5f:3c:06:
78:4b:87:75:3f:70:71:c9:94:64:8b:6f:aa:6a:2a:33:64:8d:
54:c7:1c:a1:5a:5a:34:10:0c:0d:3f:9b:1c:b9:63:83:1c:57:
55:1c:ed:a3:6f:0f:2f:6b:5e:e1:33:d8:d2:98:da:6f:bc:b2:
d8:cd:aa:c9:ab:58:f0:d8:ad:e3:53:fe:ef:0a:2f:c4:4a:fa:
c2:5b:5d:d9:1b:11:19:a2:24:80:90:c3:0a:71:78:5d:c1:69:
2b:61:33:1c:24:a2:ac:0a:a8:f6:48:21:fa:e8:a6:53:26:0f:
77:8b:1f:79:ce:19:ca:d5:93:d3:21:63:35:e2:a3:b2:8a:17:
e6:89:94:55:d3:6d:8a:92:a9:91:f1:8d:93:a4:6a:a6:89:db:
93:00:0f:e8:f8:df:f0:79:00:b4:49:c0:65:69:b8:b4:8f:4a:
5e:7b:99:f1:26:63:58:8b:4f:c9:03:c7:67:62:bb:77:bc:c9:
06:58:ec:fe:32:61:bc:06:61:ce:1b:ee:c6:49:f9:da:ec:dc:
69:24:e7:4f:5d:d3:4a:97:dd:c9:b9:d7:fb:7a:f7:0c:3a:76:
75:3e:f4:8f:b8:8f:8b:53:1b:f1:e9:68:70:2e:31:93:13:1b:
a3:5e:3e:65
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUA0ew3Xq4nuN39kcjvFP5cW51Z54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQwMDJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyM2ZlZTQ1YzFkZGFlY2I1NGU4MzQ1ZDljMmNhMzk5YWZiMThlZTEwNzQ1
ZWM2MjNiZjdkMDE3Mjk3NmZkYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgQCgkZDP9gLO/WyQQDr79wl3C9Czfd4mlUPP5fiwfPUh730gZgaHfuUQ3q
Sijv9lMbcaxPmWA4Ec/lUuhMMPA2maSwd/9Z+4TumbjuSEFEQ3oJrQTGH33MhfBq
qHaIak1rXUwlTZEiNrykkhSS+orrcZiNKZ9PtMbxGi0zbSJAN3Ct+0b0e7oQ8+7n
M4atBXfnvrm+YMkQvKT5/LjBIb2r/MiNk65mCsvegI3Qv1IrFEidE80a3UCXReDa
xO37Sj7fa7arwqU9p6vTP5v50iUZyw62WgO+FVgfijZ06bp9jVd+OS8IqkKtDyLh
3+FVspOWM0njvKGEdQJV4TUKsvMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQwgkJs
Yo8UHIM/usQVBkrUabHgLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTJmYTAwOTQtMzcyMS00YTYxLWE3MmYtOGNkZWZmNWU1ZjM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
sDANBgkqhkiG9w0BAQsFAAOCAQEAYmYsIisfock3CHY3BK0/XzwGeEuHdT9wccmU
ZItvqmoqM2SNVMccoVpaNBAMDT+bHLljgxxXVRzto28PL2te4TPY0pjab7yy2M2q
yatY8Nit41P+7wovxEr6wltd2RsRGaIkgJDDCnF4XcFpK2EzHCSirAqo9kgh+uim
UyYPd4sfec4ZytWT0yFjNeKjsooX5omUVdNtipKpkfGNk6RqponbkwAP6Pjf8HkA
tEnAZWm4tI9KXnuZ8SZjWItPyQPHZ2K7d7zJBljs/jJhvAZhzhvuxkn52uzcaSTn
T13TSpfdybnX+3r3DDp2dT70j7iPi1Mb8elocC4xkxMbo14+ZQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:22:44 2025 by rpki-client