Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/191b6a6c-2595-4848-a6b3-22a230649f67.roa
File: 191b6a6c-2595-4848-a6b3-22a230649f67.roa (raw, json)
Hash identifier: LiWniWsk6GCDUikTyEtpC7040H7K/29x8R9gI6K7ngs=
Subject key identifier: 66:E4:AD:31:78:8B:EF:25:01:A1:47:06:31:11:EA:DA:12:51:1D:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AE28134D4773ECCC9B2FEBCF4C1CD2D93B22985
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/191b6a6c-2595-4848-a6b3-22a230649f67.roa
Signing time: Mon 16 Jun 2025 20:50:12 +0000
ROA not before: Mon 16 Jun 2025 20:50:12 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:5040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:e2:81:34:d4:77:3e:cc:c9:b2:fe:bc:f4:c1:cd:2d:93:b2:29:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:50:12 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=2cfb485e127774934316763503852e29f92da37a4a2d318bb444689fa26674cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fe:7a:81:90:a1:c7:29:22:c6:76:10:77:bc:
4b:31:a3:cd:7d:d8:92:63:2a:ea:64:44:ed:9d:64:
09:85:50:e3:d3:62:b8:46:0d:b0:dd:a2:9c:e4:3e:
a6:ab:55:f3:7b:af:67:fe:03:ea:1c:bd:74:bf:c6:
b7:8d:2c:6c:d8:91:42:12:21:0c:24:10:31:0e:72:
87:1c:78:25:06:bb:11:13:50:ce:5f:e4:95:87:ef:
80:9d:17:30:28:80:87:74:b1:98:ed:65:e8:1b:69:
5c:75:d2:0f:17:5b:a3:2c:58:44:17:1b:bc:58:6e:
ef:4c:b2:a3:3d:5b:8f:fb:ad:be:5f:81:5f:36:71:
f5:5a:8a:8f:41:ec:ce:3b:26:8b:38:d4:e1:3a:84:
4e:75:8c:b6:75:ef:e8:0e:4f:8e:08:a0:51:c6:c3:
43:64:63:94:e6:92:b1:d5:c2:5e:96:5d:fb:17:10:
62:81:87:f6:a1:35:64:2c:2e:24:4e:c0:31:fd:37:
7d:bf:e6:51:b2:8b:e7:8c:f5:57:47:01:7b:e0:fc:
6c:30:6b:03:2a:92:ac:e9:c9:d7:0d:79:4e:80:29:
02:bd:fd:b4:aa:f7:ea:82:9b:aa:ef:05:f2:6c:85:
77:dd:13:95:d9:d1:2f:22:a0:17:9e:9e:43:5d:da:
91:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E4:AD:31:78:8B:EF:25:01:A1:47:06:31:11:EA:DA:12:51:1D:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/191b6a6c-2595-4848-a6b3-22a230649f67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:5040::/46
Signature Algorithm: sha256WithRSAEncryption
b0:ff:67:c8:de:cd:35:7a:1f:80:cf:5c:3e:be:41:df:d9:29:
5b:77:b8:de:24:f3:48:79:ae:b6:f3:21:dc:fc:ea:57:f0:cc:
c3:ee:f3:d9:68:ef:a7:b4:9d:6a:0d:b9:f2:84:4f:02:61:c3:
04:b5:4a:71:f5:1d:80:89:03:32:94:2e:8b:2b:fa:15:fd:53:
7c:32:1f:97:8d:c0:07:ea:e7:d4:be:3b:87:42:02:e4:43:d9:
33:3a:6f:5a:89:cf:5b:57:e6:38:49:40:40:ba:16:9c:f8:3e:
bf:b1:f5:00:3c:f5:d5:ad:0b:25:b7:81:1b:87:f0:af:7d:7a:
70:59:4b:31:70:37:87:4a:23:8d:56:0c:d1:5e:7c:f8:6e:cd:
22:28:15:56:aa:1d:e1:62:0b:cb:32:fe:32:ee:88:6d:fe:d2:
34:97:eb:7b:02:cf:eb:0a:4c:7d:83:c8:a0:a5:03:d1:09:0c:
19:74:01:eb:d3:c0:8d:c9:01:c4:9e:23:a1:b2:71:9d:1d:b8:
86:8e:66:74:fa:2d:0e:aa:73:e7:4d:1c:f0:48:02:46:b6:cb:
3a:96:64:1d:06:f6:9f:57:39:8e:09:e3:f6:e3:30:3e:6a:ef:
78:7e:f6:19:e5:f1:6b:5d:4e:7b:de:74:8a:2a:ec:b7:bd:08:
3f:2b:2d:f5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOuKBNNR3PszJsv689MHNLZOyKYUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDUwMTJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjZmI0ODVlMTI3Nzc0OTM0MzE2NzYzNTAzODUyZTI5ZjkyZGEzN2E0YTJk
MzE4YmI0NDQ2ODlmYTI2Njc0Y2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALX+eoGQoccpIsZ2EHe8SzGjzX3YkmMq6mRE7Z1kCYVQ49NiuEYNsN2inOQ+
pqtV83uvZ/4D6hy9dL/Gt40sbNiRQhIhDCQQMQ5yhxx4JQa7ERNQzl/klYfvgJ0X
MCiAh3SxmO1l6BtpXHXSDxdboyxYRBcbvFhu70yyoz1bj/utvl+BXzZx9VqKj0Hs
zjsmizjU4TqETnWMtnXv6A5PjgigUcbDQ2RjlOaSsdXCXpZd+xcQYoGH9qE1ZCwu
JE7AMf03fb/mUbKL54z1V0cBe+D8bDBrAyqSrOnJ1w15ToApAr39tKr36oKbqu8F
8myFd90TldnRLyKgF56eQ13akWMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRm5K0x
eIvvJQGhRwYxEeraElEd/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTkxYjZhNmMtMjU5NS00ODQ4LWE2YjMtMjJhMjMwNjQ5ZjY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HdQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAsP9nyN7NNXofgM9cPr5B39kpW3e43iTzSHmu
tvMh3PzqV/DMw+7z2Wjvp7Sdag258oRPAmHDBLVKcfUdgIkDMpQuiyv6Ff1TfDIf
l43AB+rn1L47h0IC5EPZMzpvWonPW1fmOElAQLoWnPg+v7H1ADz11a0LJbeBG4fw
r316cFlLMXA3h0ojjVYM0V58+G7NIigVVqod4WILyzL+Mu6Ibf7SNJfrewLP6wpM
fYPIoKUD0QkMGXQB69PAjckBxJ4jobJxnR24ho5mdPotDqpz500c8EgCRrbLOpZk
HQb2n1c5jgnj9uMwPmrveH72GeXxa11Oe950iirst70IPyst9Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:41 2025 by rpki-client