Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
File: 183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa (raw, json)
Hash identifier: VWBNqqUIS53fTYJB7sQVC1eFniHpEfjSiYlCDNMxgYg=
Subject key identifier: 37:50:EA:CF:43:3E:EB:59:23:2B:BC:4D:AB:7C:A5:28:84:9F:CB:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12904A0545C9B0A3EF5D699A136AF245D903EC02
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
Signing time: Mon 16 Jun 2025 21:20:19 +0000
ROA not before: Mon 16 Jun 2025 21:20:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:90:4a:05:45:c9:b0:a3:ef:5d:69:9a:13:6a:f2:45:d9:03:ec:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:20:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=21ae27c3e1dd091a560e6302e56c72c2eed646c4b44abcbc9e4a0ae214ada8e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:85:fa:49:02:66:4c:b6:4e:ab:34:49:17:1e:
4c:3b:87:1d:6f:c4:c7:6b:d8:44:ee:3f:de:a6:16:
65:8b:89:a7:e3:89:c4:20:89:58:60:3f:9c:29:ce:
50:d1:20:dc:45:94:6e:91:d6:ce:c7:40:98:0f:f7:
63:66:bb:cf:0d:e8:12:be:b2:dd:7f:a8:aa:57:60:
7c:49:2b:ea:ae:8f:f3:b2:43:db:77:ce:af:db:b5:
a7:22:72:d4:cd:18:50:1c:59:71:54:3f:5d:d4:be:
78:87:d4:2f:25:1e:27:5c:62:c7:f6:0d:80:95:e0:
44:8f:b6:18:fc:25:d4:a8:27:fb:bf:51:b3:49:31:
9e:ce:23:d1:86:fb:da:3d:e9:86:dc:74:15:b4:5f:
3f:bb:5c:4c:40:93:88:07:4f:4f:1f:a7:33:de:26:
04:61:fe:eb:37:36:38:ac:62:15:88:6c:15:41:f9:
5b:a1:0d:a9:ba:c0:12:b6:95:ea:af:87:5f:d2:93:
23:f9:ba:83:c1:0d:25:c1:f6:ad:81:85:17:cd:e4:
f2:9b:e2:15:c5:b9:4f:0b:95:f3:ae:e9:a9:a6:d4:
1b:8b:39:d1:a7:a8:f0:9f:1f:ca:40:38:ce:70:14:
9f:dd:bd:83:a8:6a:32:90:4c:43:12:4d:17:15:23:
06:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:50:EA:CF:43:3E:EB:59:23:2B:BC:4D:AB:7C:A5:28:84:9F:CB:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:1000::/40
Signature Algorithm: sha256WithRSAEncryption
92:f0:0f:54:ee:7e:4a:d9:5b:c1:ad:7e:15:f5:51:1d:be:f8:
2b:c9:b8:40:fe:7a:bf:83:18:76:b9:4c:1b:15:25:ff:24:4f:
2d:bc:63:7c:86:f6:e1:06:5e:1a:57:ca:7d:bd:5c:a2:2f:1e:
0b:d6:6d:35:00:16:b4:e4:06:9c:a4:18:49:0f:ed:11:7e:35:
2d:d9:02:38:f3:89:28:f3:8a:6d:20:b3:e2:2d:e9:19:10:48:
b9:74:d9:a4:65:09:54:60:af:aa:34:b9:58:53:b2:03:7d:7c:
3d:51:7f:20:99:e5:f1:7f:02:71:3a:66:70:b3:d7:20:5c:82:
5e:fd:0f:1b:de:e0:40:94:98:07:f8:ee:78:c3:10:ed:00:88:
f2:1f:4d:3f:3c:d3:c7:d8:da:50:8b:b2:0c:b7:49:62:29:85:
81:3e:22:f0:00:2d:aa:aa:a1:0d:0a:63:26:4c:68:e2:a2:05:
44:bc:82:18:a2:f7:8f:f6:55:b7:19:6a:36:ab:c2:01:84:09:
7a:6c:02:63:85:5c:9a:24:5c:33:5c:5c:51:4b:99:ae:02:a3:
23:eb:22:d7:6d:33:89:fa:cb:8a:ae:e5:1d:e0:5f:73:bd:64:
5e:dc:68:0a:11:72:2c:b6:85:1e:de:36:3e:c4:5b:83:b1:40:
78:e6:6c:bc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEpBKBUXJsKPvXWmaE2ryRdkD7AIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIwMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxYWUyN2MzZTFkZDA5MWE1NjBlNjMwMmU1NmM3MmMyZWVkNjQ2YzRiNDRh
YmNiYzllNGEwYWUyMTRhZGE4ZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJaF+kkCZky2Tqs0SRceTDuHHW/Ex2vYRO4/3qYWZYuJp+OJxCCJWGA/nCnO
UNEg3EWUbpHWzsdAmA/3Y2a7zw3oEr6y3X+oqldgfEkr6q6P87JD23fOr9u1pyJy
1M0YUBxZcVQ/XdS+eIfULyUeJ1xix/YNgJXgRI+2GPwl1Kgn+79Rs0kxns4j0Yb7
2j3phtx0FbRfP7tcTECTiAdPTx+nM94mBGH+6zc2OKxiFYhsFUH5W6ENqbrAEraV
6q+HX9KTI/m6g8ENJcH2rYGFF83k8pviFcW5TwuV867pqabUG4s50aeo8J8fykA4
znAUn929g6hqMpBMQxJNFxUjBtECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3UOrP
Qz7rWSMrvE2rfKUohJ/LlzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgzZWI1ODMtM2ZiMy00YzNhLWJhZGItOWZlMGE0ZTUwZmQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCS8A9U7n5K2VvBrX4V9VEdvvgrybhA/nq/gxh2
uUwbFSX/JE8tvGN8hvbhBl4aV8p9vVyiLx4L1m01ABa05AacpBhJD+0RfjUt2QI4
84ko84ptILPiLekZEEi5dNmkZQlUYK+qNLlYU7IDfXw9UX8gmeXxfwJxOmZws9cg
XIJe/Q8b3uBAlJgH+O54wxDtAIjyH00/PNPH2NpQi7IMt0liKYWBPiLwAC2qqqEN
CmMmTGjiogVEvIIYoveP9lW3GWo2q8IBhAl6bAJjhVyaJFwzXFxRS5muAqMj6yLX
bTOJ+suKruUd4F9zvWRe3GgKEXIstoUe3jY+xFuDsUB45my8
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:00:22 2025 by rpki-client