Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
File: 1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa (raw, json)
Hash identifier: 1KTLNUFeoCwOzM0V6zLrlNYfcYGt6jVC94XtzS0AArA=
Subject key identifier: 38:D8:68:E5:E8:D3:01:DB:6E:07:24:0A:F2:2D:7F:4A:0D:97:5F:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D72ECD5FE7CF2CEF47EA65B216DFF04B01FF746
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
Signing time: Mon 16 Jun 2025 20:11:33 +0000
ROA not before: Mon 16 Jun 2025 20:11:33 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:72:ec:d5:fe:7c:f2:ce:f4:7e:a6:5b:21:6d:ff:04:b0:1f:f7:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:11:33 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=7f6b7ffc9d8139b85ee1fa25e725022e45bf7562aa7eea9455c62a75d7766c6f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:38:de:f5:22:e6:99:bc:a4:ad:3b:4b:9a:83:
3c:21:ef:eb:fc:13:37:d0:15:82:eb:1d:33:5a:2f:
d6:a6:c2:0c:7a:b1:e4:55:60:69:48:fb:61:0f:d3:
6a:e7:fb:eb:ec:27:62:d3:b4:91:b6:79:cb:92:8c:
3f:64:51:f1:ce:03:4e:de:d6:4f:e7:ce:c9:38:a7:
76:d6:39:d0:28:eb:a5:17:cd:db:01:c5:80:83:50:
b6:5d:c5:8b:0a:8a:04:b2:fd:39:d0:08:8c:55:ab:
0a:66:b8:eb:38:ac:b8:02:c1:6b:e5:8a:ca:ee:a9:
90:13:86:0d:a0:a9:98:ad:e7:d8:8f:f3:45:a1:f5:
e8:d1:45:6b:69:5c:b2:89:f5:d4:3f:50:ad:48:3c:
ee:37:fd:50:9c:53:26:00:84:64:e9:f9:67:d3:a9:
48:ee:34:64:38:8f:6a:cb:a9:8f:43:91:64:b1:46:
58:ce:a9:6c:29:25:49:aa:13:a4:4c:73:38:20:df:
cc:55:fc:3c:d5:22:9a:93:4f:d9:1e:4b:d9:b1:86:
8f:79:61:c9:40:84:95:60:25:00:9f:75:be:d8:b4:
53:a6:6e:5d:f8:50:e1:7f:0c:61:9d:6d:89:f8:9e:
4d:9c:91:e8:f6:e3:91:e5:c3:22:a4:8f:50:d8:5f:
e7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D8:68:E5:E8:D3:01:DB:6E:07:24:0A:F2:2D:7F:4A:0D:97:5F:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a040::/48
Signature Algorithm: sha256WithRSAEncryption
a4:9e:f6:cc:ef:10:3c:b4:94:02:9d:2d:2c:cb:aa:e4:0b:49:
7c:af:75:93:d6:c2:55:27:cc:0f:0e:e5:ba:05:06:2f:78:1c:
f2:8f:3b:48:e3:2a:64:66:66:c2:6d:ab:74:33:c3:a5:74:1b:
ab:e7:24:3b:bd:b2:3d:4b:a0:da:39:89:a8:34:87:ac:dd:5d:
1f:b9:bb:d5:ca:27:51:97:13:78:2c:45:a5:70:86:42:59:f2:
d0:67:79:07:82:21:37:57:5b:61:97:7d:45:c2:67:1c:9a:87:
d7:0f:cb:b7:ae:07:ed:59:48:f6:c8:63:33:dd:98:be:a9:12:
c9:c4:c8:5b:61:b5:4d:e1:80:75:a7:5f:e2:03:b5:4f:cc:d6:
9e:00:24:ba:51:d6:12:f5:2a:b0:f3:4e:16:3a:da:a1:fa:e9:
5d:4f:2c:a8:bd:2d:66:e6:c6:69:d6:95:82:fc:23:bd:af:7a:
bc:dc:fc:8f:f3:84:98:b6:5c:ef:37:f2:51:4c:f9:70:53:a2:
73:1e:7e:7d:4a:af:94:cc:ff:d5:14:50:3d:97:68:c4:32:64:
59:ac:60:a0:a3:17:43:1e:c2:fc:64:c3:cd:30:1c:41:23:99:
62:70:0f:6f:c7:96:df:d5:12:ae:6b:ae:12:9d:ea:e5:5b:d6:
5e:bd:c1:cc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULXLs1f588s70fqZbIW3/BLAf90YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDExMzNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmNmI3ZmZjOWQ4MTM5Yjg1ZWUxZmEyNWU3MjUwMjJlNDViZjc1NjJhYTdl
ZWE5NDU1YzYyYTc1ZDc3NjZjNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOg43vUi5pm8pK07S5qDPCHv6/wTN9AVgusdM1ov1qbCDHqx5FVgaUj7YQ/T
auf76+wnYtO0kbZ5y5KMP2RR8c4DTt7WT+fOyTindtY50CjrpRfN2wHFgINQtl3F
iwqKBLL9OdAIjFWrCma46zisuALBa+WKyu6pkBOGDaCpmK3n2I/zRaH16NFFa2lc
son11D9QrUg87jf9UJxTJgCEZOn5Z9OpSO40ZDiPasupj0ORZLFGWM6pbCklSaoT
pExzOCDfzFX8PNUimpNP2R5L2bGGj3lhyUCElWAlAJ91vti0U6ZuXfhQ4X8MYZ1t
ifieTZyR6PbjkeXDIqSPUNhf530CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ42Gjl
6NMB224HJAryLX9KDZdfOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWM4MWFlODUtYTk3YS00MWM0LTk3ZjctMzMyN2NjZjBkYzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
QDANBgkqhkiG9w0BAQsFAAOCAQEApJ72zO8QPLSUAp0tLMuq5AtJfK91k9bCVSfM
Dw7lugUGL3gc8o87SOMqZGZmwm2rdDPDpXQbq+ckO72yPUug2jmJqDSHrN1dH7m7
1conUZcTeCxFpXCGQlny0Gd5B4IhN1dbYZd9RcJnHJqH1w/Lt64H7VlI9shjM92Y
vqkSycTIW2G1TeGAdadf4gO1T8zWngAkulHWEvUqsPNOFjraofrpXU8sqL0tZubG
adaVgvwjva96vNz8j/OEmLZc7zfyUUz5cFOicx5+fUqvlMz/1RRQPZdoxDJkWaxg
oKMXQx7C/GTDzTAcQSOZYnAPb8eW39USrmuuEp3q5VvWXr3BzA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:42 2025 by rpki-client