Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
File: 1ec007f6-6684-43b6-8751-2e5b258a98b3.roa (raw, json)
Hash identifier: HizhV98OVoaTGIL22DdRhp8cM+ZgsC2RzUipetUcGd4=
Subject key identifier: D1:B1:10:FD:05:63:9D:0C:D0:5F:53:00:96:3E:3E:5D:BA:D3:5B:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E3D514B0B6CAAD04B08E1E3DD387A4E5A54AC93
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
Signing time: Mon 16 Jun 2025 21:00:19 +0000
ROA not before: Mon 16 Jun 2025 21:00:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:3d:51:4b:0b:6c:aa:d0:4b:08:e1:e3:dd:38:7a:4e:5a:54:ac:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:00:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=ffd22904a811e050a95b54dc9d8858c24051287b17e1aa8260fe1ac7f097cfc0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:57:9d:2a:2d:3a:eb:da:79:32:8d:23:5a:b9:
ba:58:df:98:a6:20:1c:7a:7f:33:23:b8:a9:0f:47:
0a:a7:bc:9a:34:c5:b7:a6:47:25:9a:0c:8a:e3:4a:
a6:94:72:bb:bd:a6:a7:10:d6:d6:3b:4e:0e:e0:ac:
e4:ce:37:2d:99:03:04:f9:7f:10:33:bc:b2:41:3e:
d1:c6:a0:64:6c:13:6d:34:ae:7e:85:e3:dc:2a:69:
b9:80:bd:d1:cf:19:34:34:b7:4a:9a:57:4b:31:2e:
d1:cf:37:db:43:18:85:9b:ff:b2:de:f1:37:06:15:
bc:64:bc:4d:8b:67:fc:25:be:98:2c:d4:c2:10:5c:
09:c1:eb:6b:bb:9d:a9:dc:87:56:3c:18:a4:8c:69:
8f:72:0c:63:d3:a2:ac:0b:86:8e:29:ff:b9:b1:db:
1c:3d:8b:a7:af:c4:44:5c:2c:45:aa:e1:36:ed:57:
95:f4:5b:3b:34:24:83:0d:7a:2f:3d:a1:05:be:27:
f0:d4:fd:06:40:5b:06:f1:18:5a:19:d6:a9:14:dc:
06:b6:54:a6:19:46:63:cf:5f:c1:5e:c9:38:71:6e:
63:84:79:3d:cf:f0:22:eb:a5:5b:87:7a:5c:60:8e:
b7:14:d4:5b:45:ee:7e:02:e5:1b:b0:4a:2c:7d:bf:
47:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B1:10:FD:05:63:9D:0C:D0:5F:53:00:96:3E:3E:5D:BA:D3:5B:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:2000::/40
Signature Algorithm: sha256WithRSAEncryption
55:35:74:1c:47:58:b7:5a:11:cb:11:7d:4c:3c:30:e9:21:f2:
58:f6:67:92:4e:1f:03:3f:66:99:12:70:aa:07:4e:a4:77:04:
1a:c4:0d:83:07:68:b6:1b:7f:1e:e9:df:14:02:fa:fb:b5:fc:
21:ae:9e:62:76:f3:db:48:b9:aa:de:fb:1c:c7:e7:14:07:79:
e8:e5:f8:cc:78:fa:15:9e:11:bd:11:4b:b9:5e:75:f1:b0:29:
87:ac:8e:d9:d5:a7:47:ae:0b:c9:e1:62:62:00:6e:19:ad:e8:
be:96:14:38:b2:a2:14:be:c3:0f:ff:f2:6b:5b:49:88:b4:28:
e3:8b:ae:c8:66:39:fd:16:a7:b4:65:20:8d:b0:f6:f0:f1:99:
ec:ed:e2:d5:cd:a8:85:fc:66:6e:89:8f:17:3c:9f:1b:95:3a:
59:b8:f3:44:1d:6c:6f:4e:09:e2:d1:68:2a:c2:fd:f0:66:e6:
b7:23:f6:31:73:12:1b:71:13:e9:36:8a:21:9f:89:ef:45:67:
1f:63:bc:82:d5:bd:b4:17:bc:8a:d0:96:56:50:7d:e9:95:e7:
1b:11:f8:9d:4a:a9:b5:61:f2:5f:93:9b:08:34:54:05:ac:9a:
60:ed:77:66:d5:8b:c0:49:56:14:54:0a:3b:62:78:8f:db:76:
e6:11:e8:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXj1RSwtsqtBLCOHj3Th6TlpUrJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAwMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmZDIyOTA0YTgxMWUwNTBhOTViNTRkYzlkODg1OGMyNDA1MTI4N2IxN2Ux
YWE4MjYwZmUxYWM3ZjA5N2NmYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdXnSotOuvaeTKNI1q5uljfmKYgHHp/MyO4qQ9HCqe8mjTFt6ZHJZoMiuNK
ppRyu72mpxDW1jtODuCs5M43LZkDBPl/EDO8skE+0cagZGwTbTSufoXj3CppuYC9
0c8ZNDS3SppXSzEu0c8320MYhZv/st7xNwYVvGS8TYtn/CW+mCzUwhBcCcHra7ud
qdyHVjwYpIxpj3IMY9OirAuGjin/ubHbHD2Lp6/ERFwsRarhNu1XlfRbOzQkgw16
Lz2hBb4n8NT9BkBbBvEYWhnWqRTcBrZUphlGY89fwV7JOHFuY4R5Pc/wIuulW4d6
XGCOtxTUW0XufgLlG7BKLH2/R4kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTRsRD9
BWOdDNBfUwCWPj5dutNbTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVjMDA3ZjYtNjY4NC00M2I2LTg3NTEtMmU1YjI1OGE5OGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQg
MA0GCSqGSIb3DQEBCwUAA4IBAQBVNXQcR1i3WhHLEX1MPDDpIfJY9meSTh8DP2aZ
EnCqB06kdwQaxA2DB2i2G38e6d8UAvr7tfwhrp5idvPbSLmq3vscx+cUB3no5fjM
ePoVnhG9EUu5XnXxsCmHrI7Z1adHrgvJ4WJiAG4Zrei+lhQ4sqIUvsMP//JrW0mI
tCjji67IZjn9Fqe0ZSCNsPbw8Zns7eLVzaiF/GZuiY8XPJ8blTpZuPNEHWxvTgni
0Wgqwv3wZua3I/YxcxIbcRPpNoohn4nvRWcfY7yC1b20F7yK0JZWUH3plecbEfid
Sqm1YfJfk5sINFQFrJpg7Xdm1YvASVYUVAo7YniP23bmEegh
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:56 2025 by rpki-client