Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
File: 19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa (raw, json)
Hash identifier: 7/lLNvGTs9Hit3XgInN+rdaXuYVIihyBt3Q/Be2T/04=
Subject key identifier: 74:EB:77:B6:F4:4C:DA:27:B7:BF:3C:A6:53:77:45:E9:32:B9:AC:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10680FFCED6FE92A101927C0E379B9717CCCFF90
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
Signing time: Mon 16 Jun 2025 19:51:45 +0000
ROA not before: Mon 16 Jun 2025 19:51:45 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:68:0f:fc:ed:6f:e9:2a:10:19:27:c0:e3:79:b9:71:7c:cc:ff:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:45 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=845a45360edfdea6558d4c7bc42592dc5e6305ad59fb4acf6dcf3d9821d6316f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f9:e2:de:62:03:42:c5:7a:90:96:c4:88:94:
08:c3:bd:04:5e:35:99:aa:0f:ad:99:46:f9:53:35:
aa:f3:84:8c:8d:2d:c7:13:1a:4b:39:f4:3f:0f:28:
5e:c7:ba:9d:60:83:f0:f3:73:e4:ea:9b:ba:38:76:
50:ac:6c:f5:3f:b2:73:2b:85:51:28:c2:b6:a3:ea:
34:48:9a:58:f2:5b:2a:0e:c0:ee:2f:71:8e:b6:62:
6d:0a:d5:9e:0a:53:40:6d:2a:9c:5b:70:31:69:0c:
31:2b:fd:d0:46:37:9f:d5:20:85:3c:32:67:b5:eb:
77:67:47:06:b4:ec:25:b1:4d:b2:d5:48:72:44:99:
25:4d:a5:52:a3:87:7d:ff:e9:db:36:69:12:fc:2b:
c7:b2:ab:2e:16:91:35:00:54:90:24:25:f6:81:f0:
47:2b:08:35:ee:27:08:f8:6e:16:7c:7c:da:96:f5:
01:ef:e5:4c:65:9b:2a:be:15:33:7f:4b:b1:fc:4a:
38:3c:e4:fd:78:f3:2a:28:b0:8b:04:53:6a:a2:e9:
b0:69:90:90:08:fb:00:48:d5:ae:56:b0:71:67:ac:
dd:8f:54:9c:91:2b:68:6a:81:c0:ea:27:1b:ba:63:
4e:db:3a:3c:63:89:aa:bd:8c:13:8d:a4:52:ee:57:
a4:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:EB:77:B6:F4:4C:DA:27:B7:BF:3C:A6:53:77:45:E9:32:B9:AC:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5080::/48
Signature Algorithm: sha256WithRSAEncryption
12:d4:14:43:4d:96:2f:d2:ed:6d:34:5c:50:ca:21:3a:28:8f:
e2:d8:fb:43:b4:b2:60:52:d6:88:fe:cd:40:cc:5e:66:26:ae:
2e:8e:57:7a:c5:21:54:6f:cf:a3:4c:cb:07:19:b8:31:84:32:
02:91:31:c1:26:0b:6f:e4:5d:39:d4:50:7c:2e:56:55:f8:9b:
89:a1:81:0c:1e:25:0d:96:e6:79:06:5f:0d:70:48:ad:bb:bb:
39:8e:3a:ed:57:34:d3:5c:30:dd:19:24:2c:97:3d:af:14:56:
27:7f:6c:af:78:c1:9d:73:1e:61:a2:08:65:1a:bc:8d:bf:5c:
20:2f:cb:0d:24:2f:7c:ed:bb:cb:94:4d:1b:6d:25:88:bd:c4:
04:6b:27:5d:5b:52:5e:12:cb:53:ad:93:b2:63:06:51:16:3d:
d1:e5:0f:8c:06:8c:5d:6e:c2:cf:ef:b9:f8:1c:7b:28:12:0d:
9f:5b:53:a5:6b:c7:59:f4:d3:f3:9e:91:6e:a3:38:81:6e:a2:
c4:b7:b1:f1:d0:a6:33:8a:e8:1e:83:a1:72:27:21:8a:a3:e9:
7d:dc:ff:72:bd:6f:de:09:ab:0c:69:d5:8f:35:75:3b:5c:89:
b9:f6:af:03:a5:f4:83:53:80:00:93:81:0a:4a:83:70:a7:0b:
34:87:96:f1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEGgP/O1v6SoQGSfA43m5cXzM/5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxNDVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0NWE0NTM2MGVkZmRlYTY1NThkNGM3YmM0MjU5MmRjNWU2MzA1YWQ1OWZi
NGFjZjZkY2YzZDk4MjFkNjMxNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMv54t5iA0LFepCWxIiUCMO9BF41maoPrZlG+VM1qvOEjI0txxMaSzn0Pw8o
Xse6nWCD8PNz5Oqbujh2UKxs9T+ycyuFUSjCtqPqNEiaWPJbKg7A7i9xjrZibQrV
ngpTQG0qnFtwMWkMMSv90EY3n9UghTwyZ7Xrd2dHBrTsJbFNstVIckSZJU2lUqOH
ff/p2zZpEvwrx7KrLhaRNQBUkCQl9oHwRysINe4nCPhuFnx82pb1Ae/lTGWbKr4V
M39LsfxKODzk/XjzKiiwiwRTaqLpsGmQkAj7AEjVrlawcWes3Y9UnJEraGqBwOon
G7pjTts6PGOJqr2ME42kUu5XpBECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR063e2
9EzaJ7e/PKZTd0XpMrmsOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTlhMjdkOWYtM2NjOS00YWM0LTlhZmItMzk5ZjY2YmVlNjBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
gDANBgkqhkiG9w0BAQsFAAOCAQEAEtQUQ02WL9LtbTRcUMohOiiP4tj7Q7SyYFLW
iP7NQMxeZiauLo5XesUhVG/Po0zLBxm4MYQyApExwSYLb+RdOdRQfC5WVfibiaGB
DB4lDZbmeQZfDXBIrbu7OY467Vc001ww3RkkLJc9rxRWJ39sr3jBnXMeYaIIZRq8
jb9cIC/LDSQvfO27y5RNG20liL3EBGsnXVtSXhLLU62TsmMGURY90eUPjAaMXW7C
z++5+Bx7KBINn1tTpWvHWfTT856RbqM4gW6ixLex8dCmM4roHoOhcichiqPpfdz/
cr1v3gmrDGnVjzV1O1yJufavA6X0g1OAAJOBCkqDcKcLNIeW8Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:04 2025 by rpki-client