Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa
File: 1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa (raw, json)
Hash identifier: o/SjSAOfiaD8ti+ZIWgVcYwedpN9ejfDwlbuBPbvAJE=
Subject key identifier: B7:E7:B2:F0:E8:9B:C0:87:1E:F0:6B:4A:4E:FA:00:8D:57:2B:FF:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 583C9FC961EB0CA3A10E8E9A4AF6EBF573FAE711
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa
Signing time: Thu 26 Jun 2025 19:38:43 +0000
ROA not before: Thu 26 Jun 2025 19:38:43 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:80c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:3c:9f:c9:61:eb:0c:a3:a1:0e:8e:9a:4a:f6:eb:f5:73:fa:e7:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:38:43 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=149b86f0533670a28721ee5dbc2ee6f1d181f4f361459aafb1cff1541ed6be4e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:70:8b:98:35:87:dc:0a:8e:b5:b7:c4:c8:ab:
a1:03:4f:ab:74:db:72:08:1c:bf:07:f6:12:79:b0:
b9:2e:c4:62:22:a7:98:7e:29:55:3a:5e:04:9c:5e:
59:83:90:62:7e:e9:3e:14:d4:d6:a3:97:89:8f:b6:
d0:54:25:56:25:81:58:22:72:e1:6a:77:8a:4d:f7:
3d:0b:6a:fd:db:85:c8:16:98:26:d8:cb:3a:79:3b:
e6:3d:a8:9f:c0:75:a8:1b:de:45:0b:dd:df:c2:58:
39:d4:b5:17:d0:51:3d:9d:73:25:6a:0f:00:cb:ff:
64:f2:cd:a4:8d:d9:00:38:4a:9c:60:f7:34:10:6f:
61:cc:26:8c:7e:b3:9b:87:55:a8:b4:c9:e6:90:fa:
d2:34:92:dc:a0:32:cf:f5:52:07:3d:a1:74:69:aa:
b6:74:a9:36:7b:68:0f:92:87:83:8f:16:62:d9:1e:
88:3b:aa:2b:a9:d5:85:21:97:7b:94:3a:58:4f:aa:
fc:59:42:81:a6:67:20:02:4b:26:8e:f1:72:66:b6:
09:62:5e:fd:c5:c0:e1:9b:9f:a4:14:ff:a5:81:7b:
ef:8c:10:f7:bf:b9:13:59:50:0b:9f:b3:01:95:6e:
1f:db:ee:b3:5e:3b:a5:2e:ae:e4:82:75:f7:bd:b6:
9c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:E7:B2:F0:E8:9B:C0:87:1E:F0:6B:4A:4E:FA:00:8D:57:2B:FF:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
9b:67:04:07:85:cd:15:48:2b:5e:46:04:d5:dd:f3:b0:2c:4c:
e8:7c:2e:c0:40:13:03:7e:c9:f3:af:6c:2d:86:90:48:c8:fb:
de:a6:2a:4a:c3:99:29:4c:b0:f4:ca:ca:c7:d1:50:a3:b3:9e:
92:be:a7:c9:55:e4:e7:c7:fc:ce:c1:31:20:7c:03:44:4f:37:
ff:c9:5a:39:6f:ca:17:35:6a:d8:d3:cf:f4:f5:9c:1e:b4:85:
94:70:6d:c3:c0:f9:ca:27:27:63:e8:b3:f4:ca:6b:55:cf:f7:
94:18:2b:5d:f1:01:a8:fe:c1:41:ad:a6:98:3d:dd:46:5a:60:
16:35:7a:63:77:66:29:2b:17:ad:d5:37:4d:61:18:da:5d:df:
2f:ec:84:07:7b:f3:77:7f:27:dd:81:9f:16:1b:c1:06:b5:8c:
71:cd:75:21:44:e5:42:18:15:ee:a4:88:f9:1e:cd:a5:f6:c6:
e3:16:1a:01:eb:2a:1c:0b:a4:3d:6f:48:75:32:7b:b2:c0:39:
c1:b9:55:6a:d3:aa:df:2d:63:56:9e:41:8a:37:44:49:57:32:
8e:df:49:ac:3e:39:63:fe:59:30:8c:9a:3d:df:78:ee:3e:f8:
c5:76:ee:7b:e6:ae:86:d2:c7:c0:7a:35:31:78:89:88:b1:bc:
11:6e:2f:4a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWDyfyWHrDKOhDo6aSvbr9XP65xEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM4NDNaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0OWI4NmYwNTMzNjcwYTI4NzIxZWU1ZGJjMmVlNmYxZDE4MWY0ZjM2MTQ1
OWFhZmIxY2ZmMTU0MWVkNmJlNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtwi5g1h9wKjrW3xMiroQNPq3Tbcggcvwf2EnmwuS7EYiKnmH4pVTpeBJxe
WYOQYn7pPhTU1qOXiY+20FQlViWBWCJy4Wp3ik33PQtq/duFyBaYJtjLOnk75j2o
n8B1qBveRQvd38JYOdS1F9BRPZ1zJWoPAMv/ZPLNpI3ZADhKnGD3NBBvYcwmjH6z
m4dVqLTJ5pD60jSS3KAyz/VSBz2hdGmqtnSpNntoD5KHg48WYtkeiDuqK6nVhSGX
e5Q6WE+q/FlCgaZnIAJLJo7xcma2CWJe/cXA4ZufpBT/pYF774wQ97+5E1lQC5+z
AZVuH9vus147pS6u5IJ19722nKsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS357Lw
6JvAhx7wa0pO+gCNVyv/8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTczMGZiMGYtYWZkMi00YTQwLWIyMTgtN2QwZGYyYjJhMWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
wDANBgkqhkiG9w0BAQsFAAOCAQEAm2cEB4XNFUgrXkYE1d3zsCxM6HwuwEATA37J
869sLYaQSMj73qYqSsOZKUyw9MrKx9FQo7Oekr6nyVXk58f8zsExIHwDRE83/8la
OW/KFzVq2NPP9PWcHrSFlHBtw8D5yicnY+iz9MprVc/3lBgrXfEBqP7BQa2mmD3d
RlpgFjV6Y3dmKSsXrdU3TWEY2l3fL+yEB3vzd38n3YGfFhvBBrWMcc11IUTlQhgV
7qSI+R7NpfbG4xYaAesqHAukPW9IdTJ7ssA5wblVatOq3y1jVp5BijdESVcyjt9J
rD45Y/5ZMIyaPd947j74xXbue+auhtLHwHo1MXiJiLG8EW4vSg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:22 2025 by rpki-client