Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
File: 1a961f3a-fb71-4357-a4fc-28c4024b0441.roa (raw, json)
Hash identifier: FKwR3/gofsykH1Oz8IMVBDQ51SuhCIHsaF6GuFJL/RQ=
Subject key identifier: FC:F9:91:D6:DE:EC:CC:7F:B6:21:52:65:80:00:C4:33:42:D9:13:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BB8FBAA21D2E77B0FA67931A7467364C5E2DCB3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
Signing time: Wed 25 Jun 2025 00:50:04 +0000
ROA not before: Wed 25 Jun 2025 00:50:04 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000::/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:b8:fb:aa:21:d2:e7:7b:0f:a6:79:31:a7:46:73:64:c5:e2:dc:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 25 00:50:04 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=1d31a8a715ef92b899b4c5f25b06e7b3df6c4ff7b197cec5ab343b6ca64aaac2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:32:e8:28:69:5a:14:54:8d:ac:b7:2c:9d:8c:
81:ec:b1:9b:97:9a:05:25:ed:b6:c2:a2:0e:f4:e4:
d9:e2:46:58:48:8b:0c:52:2b:73:73:6f:67:48:19:
1d:35:69:ed:fd:37:f1:11:06:b5:3d:53:58:ab:84:
75:8e:ff:f4:43:43:93:3c:ea:87:c6:f7:89:de:4e:
18:f1:1c:ab:9e:0a:47:51:92:b3:10:42:ed:ce:c2:
70:54:80:36:13:f4:8d:8d:51:9b:40:ea:f6:20:91:
9a:e8:4c:3b:18:04:ed:e9:b0:1c:df:96:a2:c6:bb:
c0:da:3f:58:d2:91:c2:7f:b9:c0:33:d2:1b:b6:0a:
95:fa:e5:0f:7e:75:c5:02:59:ab:ad:6a:df:7c:3e:
48:93:31:be:e2:08:58:f9:a3:f5:62:c7:0f:e2:41:
11:cf:ca:a1:71:22:4b:f8:1d:01:91:b1:c0:1a:f9:
36:e5:c3:1b:9f:96:35:54:40:34:5b:52:a4:94:6e:
b1:ec:a2:4c:f7:47:d7:b0:ee:68:ff:10:6e:27:99:
df:40:51:ac:20:09:69:13:e0:46:51:f6:05:db:0a:
27:ed:21:72:1b:fe:5e:dc:a0:c8:21:0a:77:35:b0:
ab:13:62:05:19:ee:84:ba:d1:48:67:e4:96:20:4a:
d4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F9:91:D6:DE:EC:CC:7F:B6:21:52:65:80:00:C4:33:42:D9:13:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000::/25
Signature Algorithm: sha256WithRSAEncryption
ae:48:ae:2b:f2:0b:bf:6a:98:fd:e3:9d:64:32:3c:24:63:11:
7d:df:85:64:8d:50:5c:a4:ae:93:fe:a7:a6:fd:e8:fe:23:99:
6f:a0:4d:1d:5b:1b:6f:90:51:38:77:6a:da:29:5c:6f:e5:a3:
83:b8:38:16:dd:65:7e:78:42:2e:82:b6:41:09:c3:d6:79:35:
42:4b:5c:26:ca:04:a4:6f:62:c8:72:8b:d5:08:b8:c4:80:b8:
03:81:f7:34:b8:f8:b5:12:e0:73:b2:99:04:12:8f:03:ff:59:
f8:1b:b6:ec:51:81:a5:f6:af:c5:2b:65:a6:80:e1:49:74:e6:
48:34:e3:63:75:47:7c:6d:2b:5a:8b:ab:86:56:b1:27:02:92:
86:1c:3b:e7:eb:33:b4:3b:28:30:32:59:93:66:63:e7:fe:f5:
a8:28:01:8c:c4:ac:e0:cc:62:c6:6c:56:24:99:2c:6d:79:c1:
ea:b8:08:fa:57:db:b0:f2:80:c1:dc:ad:5a:5c:88:88:44:0f:
9e:fd:c1:ba:76:21:96:19:6e:e4:ea:05:b8:0e:24:92:a9:c6:
4f:91:dc:f3:12:72:d5:63:a8:17:e9:23:14:a6:10:07:97:2c:
d5:6c:a1:69:1e:a7:f1:74:60:61:4a:d3:81:43:f7:a0:4f:2a:
35:3a:cb:1e
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUa7j7qiHS53sPpnkxp0ZzZMXi3LMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjUwMDUwMDRaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkMzFhOGE3MTVlZjkyYjg5OWI0YzVmMjViMDZlN2IzZGY2YzRmZjdiMTk3
Y2VjNWFiMzQzYjZjYTY0YWFhYzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsy6ChpWhRUjay3LJ2Mgeyxm5eaBSXttsKiDvTk2eJGWEiLDFIrc3NvZ0gZ
HTVp7f038REGtT1TWKuEdY7/9ENDkzzqh8b3id5OGPEcq54KR1GSsxBC7c7CcFSA
NhP0jY1Rm0Dq9iCRmuhMOxgE7emwHN+Wosa7wNo/WNKRwn+5wDPSG7YKlfrlD351
xQJZq61q33w+SJMxvuIIWPmj9WLHD+JBEc/KoXEiS/gdAZGxwBr5NuXDG5+WNVRA
NFtSpJRuseyiTPdH17DuaP8QbieZ30BRrCAJaRPgRlH2BdsKJ+0hchv+XtygyCEK
dzWwqxNiBRnuhLrRSGfkliBK1CcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBT8+ZHW
3uzMf7YhUmWAAMQzQtkT2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE5NjFmM2EtZmI3MS00MzU3LWE0ZmMtMjhjNDAyNGIwNDQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFByoF0AAw
DQYJKoZIhvcNAQELBQADggEBAK5IrivyC79qmP3jnWQyPCRjEX3fhWSNUFykrpP+
p6b96P4jmW+gTR1bG2+QUTh3atopXG/lo4O4OBbdZX54Qi6CtkEJw9Z5NUJLXCbK
BKRvYshyi9UIuMSAuAOB9zS4+LUS4HOymQQSjwP/WfgbtuxRgaX2r8UrZaaA4Ul0
5kg042N1R3xtK1qLq4ZWsScCkoYcO+frM7Q7KDAyWZNmY+f+9agoAYzErODMYsZs
ViSZLG15weq4CPpX27DygMHcrVpciIhED579wbp2IZYZbuTqBbgOJJKpxk+R3PMS
ctVjqBfpIxSmEAeXLNVsoWkep/F0YGFK04FD96BPKjU6yx4=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:50 2025 by rpki-client