Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
File: 14c60b75-8947-47da-9c6d-7045cbbbea55.roa (raw, json)
Hash identifier: tUX6m45Nm0SvPQNSCYbRQ+2m5dIW2yrAH96qcfVCHIw=
Subject key identifier: 66:A2:1D:8F:23:E0:ED:22:79:4F:1F:72:51:E5:B6:38:D7:BD:9E:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33E316D88DF1DF7F1841E3BBB14D1B2307F8A93C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
Signing time: Tue 17 Jun 2025 00:41:11 +0000
ROA not before: Tue 17 Jun 2025 00:41:11 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:e3:16:d8:8d:f1:df:7f:18:41:e3:bb:b1:4d:1b:23:07:f8:a9:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:41:11 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=08b97cc672c8fb63eea3f79261cf24871d050106191aedf9fbc639f1ca86ff01, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c1:87:c7:e5:69:2c:08:a4:b7:57:00:d6:9b:
02:e0:42:e7:45:67:62:85:e7:90:d9:08:b7:25:a7:
74:38:5d:41:81:18:21:a8:89:e8:fe:2e:c5:92:6e:
0a:eb:6d:5a:40:4e:94:20:82:11:b4:6c:36:ab:22:
32:0f:d4:8a:33:53:8c:e3:a7:7c:9d:e6:e3:ba:05:
69:da:65:98:92:d1:c0:60:71:ce:ec:49:79:b8:f1:
db:27:4a:57:4c:cd:e8:6a:40:8d:f1:77:fa:eb:72:
b8:b0:40:de:ae:da:83:7d:7e:5e:52:9f:59:2b:11:
eb:57:ea:f4:a7:d9:fa:78:2b:bb:b5:47:2c:95:57:
af:e0:35:30:72:1c:45:ff:78:f2:ae:76:0f:d8:90:
c5:40:bc:c7:a9:7f:23:87:24:0c:7e:82:f3:a7:a1:
77:e2:6b:75:cb:60:93:9d:f8:7c:8e:05:89:06:ff:
ac:2f:81:d1:1f:ba:42:98:ed:f4:7e:ed:c3:63:2d:
f9:af:17:78:1b:58:c1:0a:34:fa:49:dc:c1:66:39:
72:38:a9:22:ab:82:09:5b:6c:38:36:9c:1f:55:e7:
41:9b:8a:8d:3b:b7:1a:5c:37:a2:61:4f:7b:96:6a:
07:fc:84:05:ff:35:35:9d:db:9a:f8:9d:32:8d:72:
0a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A2:1D:8F:23:E0:ED:22:79:4F:1F:72:51:E5:B6:38:D7:BD:9E:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
48:0f:75:ec:49:9f:61:39:c4:86:26:7d:78:62:13:24:39:10:
c1:4d:e5:0c:6a:1c:f6:dd:3c:82:7c:b8:ee:bf:3e:3a:95:f0:
31:79:f3:20:43:a4:29:94:de:59:d8:98:99:1b:00:e9:c0:c0:
fa:9c:e3:ae:26:7a:b4:67:93:9c:52:05:bd:eb:eb:f8:40:34:
4c:74:a7:22:f2:3e:68:7b:a4:0f:da:e4:c1:d2:94:52:a6:06:
5d:0b:40:00:34:81:1f:f1:d7:08:6a:7a:27:77:56:81:0d:71:
3b:38:eb:de:b3:e2:72:ad:f5:48:83:98:fb:c7:7e:54:34:b9:
18:38:ee:91:df:b1:ff:10:24:75:99:5e:39:9a:35:95:02:01:
25:2f:81:e8:9e:8b:66:bc:ae:31:ab:41:78:95:59:d2:c3:f3:
cd:23:a6:38:48:57:20:ff:8e:be:be:00:ba:d5:15:f6:f3:fb:
ec:1c:48:ac:5e:f7:50:2a:50:c0:c2:2b:e8:b9:7a:a9:db:a3:
6f:c8:68:02:f5:0d:23:38:53:fe:7f:f9:e9:8d:1d:84:98:0e:
89:20:fe:5a:e0:4e:8f:e1:15:fe:46:33:48:62:1d:20:1c:81:
18:f2:f2:4f:99:dd:ba:71:30:0c:f6:fe:42:b4:9c:53:9a:aa:
37:98:8a:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM+MW2I3x338YQeO7sU0bIwf4qTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQxMTFaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4Yjk3Y2M2NzJjOGZiNjNlZWEzZjc5MjYxY2YyNDg3MWQwNTAxMDYxOTFh
ZWRmOWZiYzYzOWYxY2E4NmZmMDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDBh8flaSwIpLdXANabAuBC50VnYoXnkNkItyWndDhdQYEYIaiJ6P4uxZJu
CuttWkBOlCCCEbRsNqsiMg/UijNTjOOnfJ3m47oFadplmJLRwGBxzuxJebjx2ydK
V0zN6GpAjfF3+utyuLBA3q7ag31+XlKfWSsR61fq9KfZ+ngru7VHLJVXr+A1MHIc
Rf948q52D9iQxUC8x6l/I4ckDH6C86ehd+Jrdctgk534fI4FiQb/rC+B0R+6Qpjt
9H7tw2Mt+a8XeBtYwQo0+kncwWY5cjipIquCCVtsODacH1XnQZuKjTu3Glw3omFP
e5ZqB/yEBf81NZ3bmvidMo1yCpMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRmoh2P
I+DtInlPH3JR5bY4172eUTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTRjNjBiNzUtODk0Ny00N2RhLTljNmQtNzA0NWNiYmJlYTU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBID3XsSZ9hOcSGJn14YhMkORDBTeUMahz23TyC
fLjuvz46lfAxefMgQ6QplN5Z2JiZGwDpwMD6nOOuJnq0Z5OcUgW96+v4QDRMdKci
8j5oe6QP2uTB0pRSpgZdC0AANIEf8dcIanond1aBDXE7OOves+JyrfVIg5j7x35U
NLkYOO6R37H/ECR1mV45mjWVAgElL4HonotmvK4xq0F4lVnSw/PNI6Y4SFcg/46+
vgC61RX28/vsHEisXvdQKlDAwivouXqp26NvyGgC9Q0jOFP+f/npjR2EmA6JIP5a
4E6P4RX+RjNIYh0gHIEY8vJPmd26cTAM9v5CtJxTmqo3mIp6
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:47 2025 by rpki-client