Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
File: 1af8ee5d-0148-4672-a9da-a1980cfe4768.roa (raw, json)
Hash identifier: KQYgOHf0bfN9wlRObs4qLb2nV5ePCjeyWfTNjRAzf20=
Subject key identifier: 03:03:4F:8A:1C:EA:94:C8:73:D7:AE:A7:CC:8A:DC:65:A1:DD:79:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F82B0D41F617DF855809D3E3105A974DEE8C759
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
Signing time: Mon 16 Jun 2025 20:11:08 +0000
ROA not before: Mon 16 Jun 2025 20:11:08 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:82:b0:d4:1f:61:7d:f8:55:80:9d:3e:31:05:a9:74:de:e8:c7:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:11:08 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=582c8f2675cff82f5baeda45851ed2c106724bff8a64c82d622d8e8a5405c084, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bc:b3:c9:ce:d8:dc:0d:64:ac:cb:d1:5f:78:
79:40:27:2f:e3:66:05:30:0f:e2:9f:33:21:ca:ff:
80:38:3f:67:03:36:b0:80:ab:29:36:94:d6:07:36:
0b:6e:8a:bd:0e:0c:88:1f:15:cb:62:ec:8e:05:61:
bd:a5:c2:2c:c4:71:40:6a:1c:a7:cf:be:54:bf:17:
18:8c:6c:33:02:25:2e:4c:70:a3:5a:40:d3:04:51:
97:97:49:01:77:36:bc:da:d4:89:53:da:fc:0a:08:
be:fa:42:b7:0e:dc:f1:cf:24:ed:26:84:58:dd:1d:
15:70:68:31:3c:5a:89:9e:d5:c3:bb:60:af:ac:e0:
c6:3e:5b:33:13:76:4a:68:0a:b5:4a:88:07:d8:fc:
f5:08:08:eb:32:79:15:a8:c3:5d:82:d6:98:6e:0f:
77:1e:d5:ef:39:0f:ab:22:d4:60:48:8b:f9:78:a1:
41:b1:b7:e1:1c:3a:45:41:38:96:b5:10:9c:d9:47:
e8:35:be:13:04:0b:82:53:d4:f8:fa:56:3b:93:95:
63:af:ef:47:50:69:56:cf:b9:ed:c0:37:d2:9d:a7:
38:a0:e4:27:35:29:30:5b:41:90:fa:5d:9c:b7:fa:
78:15:fd:32:3e:25:71:8c:6c:ef:ea:62:75:55:c0:
5c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:03:4F:8A:1C:EA:94:C8:73:D7:AE:A7:CC:8A:DC:65:A1:DD:79:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8080::/48
Signature Algorithm: sha256WithRSAEncryption
74:5f:0b:48:71:71:f7:e6:fd:f7:00:ac:69:bb:6a:b1:6a:3a:
1c:07:3d:06:32:b1:bc:cd:92:06:cb:9e:8f:00:6b:d9:50:89:
0e:ca:b8:90:5c:cf:94:9b:c8:57:b7:36:fc:f4:b5:d3:49:8a:
58:7e:d7:0e:0e:22:25:b5:99:87:a8:e3:a5:ba:a5:15:e6:b9:
91:22:d4:19:cc:ae:91:2f:3d:9e:cc:2e:76:99:c6:c1:18:19:
e8:6f:c0:b1:5b:6c:a4:d5:32:6f:4c:6f:33:27:46:79:7f:17:
56:d7:40:1d:42:3c:2e:b4:51:07:86:6f:b1:67:2f:b1:10:45:
d4:c4:60:f5:fb:4c:5e:2e:9f:a5:3e:48:6c:61:73:5a:12:51:
0c:70:31:ff:05:d2:d0:3b:31:17:99:de:1c:2d:9f:eb:9f:68:
1d:1e:7c:04:4b:ba:d0:cf:4d:35:9b:09:8e:65:99:5b:16:a9:
ce:62:9f:e7:89:29:b3:27:60:bf:21:a5:4e:72:c6:6b:2d:65:
b0:8b:c3:d9:02:ba:eb:a6:20:61:b2:09:fb:71:06:41:8c:ca:
ab:89:39:d6:75:18:13:cc:b9:29:68:ad:41:2c:7a:50:fc:7b:
6e:ba:f8:56:0a:4b:18:15:05:1f:45:08:1d:25:fd:5b:eb:f7:
0d:c6:10:ea
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUf4Kw1B9hffhVgJ0+MQWpdN7ox1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDExMDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4MmM4ZjI2NzVjZmY4MmY1YmFlZGE0NTg1MWVkMmMxMDY3MjRiZmY4YTY0
YzgyZDYyMmQ4ZThhNTQwNWMwODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN68s8nO2NwNZKzL0V94eUAnL+NmBTAP4p8zIcr/gDg/ZwM2sICrKTaU1gc2
C26KvQ4MiB8Vy2LsjgVhvaXCLMRxQGocp8++VL8XGIxsMwIlLkxwo1pA0wRRl5dJ
AXc2vNrUiVPa/AoIvvpCtw7c8c8k7SaEWN0dFXBoMTxaiZ7Vw7tgr6zgxj5bMxN2
SmgKtUqIB9j89QgI6zJ5FajDXYLWmG4Pdx7V7zkPqyLUYEiL+XihQbG34Rw6RUE4
lrUQnNlH6DW+EwQLglPU+PpWO5OVY6/vR1BpVs+57cA30p2nOKDkJzUpMFtBkPpd
nLf6eBX9Mj4lcYxs7+pidVXAXLkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQDA0+K
HOqUyHPXrqfMitxlod155zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFmOGVlNWQtMDE0OC00NjcyLWE5ZGEtYTE5ODBjZmU0NzY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
gDANBgkqhkiG9w0BAQsFAAOCAQEAdF8LSHFx9+b99wCsabtqsWo6HAc9BjKxvM2S
BsuejwBr2VCJDsq4kFzPlJvIV7c2/PS100mKWH7XDg4iJbWZh6jjpbqlFea5kSLU
GcyukS89nswudpnGwRgZ6G/AsVtspNUyb0xvMydGeX8XVtdAHUI8LrRRB4ZvsWcv
sRBF1MRg9ftMXi6fpT5IbGFzWhJRDHAx/wXS0DsxF5neHC2f659oHR58BEu60M9N
NZsJjmWZWxapzmKf54kpsydgvyGlTnLGay1lsIvD2QK666YgYbIJ+3EGQYzKq4k5
1nUYE8y5KWitQSx6UPx7brr4VgpLGBUFH0UIHSX9W+v3DcYQ6g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:31 2025 by rpki-client