Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
File: 2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa (raw, json)
Hash identifier: OK622o1E08AvpVmYULAlVrQ78mGpo6CaqzFWOafv1qU=
Subject key identifier: 5F:BA:8C:EA:98:AF:CA:9B:0C:F4:0C:44:52:B7:F0:C7:96:DA:D9:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65E8A9D2D8032E3C889674BA8D137A5B36AC58E0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
Signing time: Mon 16 Jun 2025 20:00:16 +0000
ROA not before: Mon 16 Jun 2025 20:00:16 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:e8:a9:d2:d8:03:2e:3c:88:96:74:ba:8d:13:7a:5b:36:ac:58:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:16 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=5a56a4b4df4aba01fc40a417f082f238dd762821ba0286da18f379aaeb153d79, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:57:86:b8:84:e3:cf:ed:d8:90:3d:bf:4a:99:
0a:2c:93:4b:04:8c:3c:ad:ad:03:74:c4:28:4b:37:
3f:7a:eb:7c:2d:b0:3f:de:ea:84:b8:94:e7:ff:0f:
b2:44:34:06:13:1f:6a:1a:52:ab:95:5e:76:9a:97:
c1:42:ed:95:bd:14:6c:1c:66:1f:eb:e8:da:99:57:
00:3c:53:ea:a4:fe:9a:65:fd:97:51:79:70:2c:19:
f8:48:d6:e7:f0:a4:8a:b2:7e:e1:86:9a:a9:67:72:
3b:8a:87:26:12:e4:4d:df:ce:13:a7:03:6e:40:9b:
0b:07:8f:be:3c:52:30:be:e5:2a:14:db:8a:b5:90:
78:1c:13:4c:85:a5:0c:57:32:1d:61:1e:7f:e9:31:
f2:58:29:0f:53:11:ab:1f:91:27:01:8f:36:83:1d:
2b:ce:ae:32:95:28:2f:db:79:8f:bf:02:48:10:bb:
60:74:79:39:eb:48:3b:62:99:c5:6e:4f:27:74:78:
0b:d0:f3:6e:b2:f6:22:d4:fe:a8:61:02:11:b4:e5:
91:98:31:f1:c8:cc:04:36:92:67:47:88:c4:74:21:
5c:97:23:59:8e:2f:89:9e:06:21:bd:f5:57:85:ba:
44:5d:f5:ff:78:1d:af:e2:4c:3c:42:91:6f:6c:b9:
9c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:BA:8C:EA:98:AF:CA:9B:0C:F4:0C:44:52:B7:F0:C7:96:DA:D9:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1080::/48
Signature Algorithm: sha256WithRSAEncryption
ca:32:0a:1d:0a:d3:20:91:34:4b:fc:9f:ea:29:7f:9b:cb:bd:
a2:ec:a1:df:2f:f2:10:c1:6b:04:98:73:30:1f:0f:bf:cf:99:
88:1c:be:92:b0:89:0b:38:fc:16:57:96:2e:b4:b7:c5:a5:9b:
4a:10:01:24:02:fe:2d:d4:84:2e:b2:2d:42:04:fc:e7:9c:3c:
83:15:4e:57:ee:0c:42:0e:36:0d:ca:c8:ca:5e:46:73:be:e2:
17:50:75:d1:55:f8:59:53:eb:54:9b:21:40:ef:c1:f4:7a:0e:
8e:ea:bb:e5:9b:9c:78:89:ed:f2:02:bc:65:ea:fe:21:53:c7:
11:25:a4:b2:58:61:c5:23:b2:08:e6:2d:45:f9:02:1e:38:d1:
ac:3d:66:d5:f1:31:10:fc:ec:e6:ec:ca:20:d7:47:39:d3:4f:
fa:85:84:6a:83:1f:44:05:78:3f:e8:9a:2a:af:ce:6d:66:20:
81:9f:55:fd:08:07:45:a6:a2:78:7d:01:23:60:40:17:5e:c9:
fd:a9:b1:d2:67:36:39:86:0e:ed:69:26:09:04:a7:b0:18:62:
5e:29:e7:6a:b1:93:d1:c1:c6:94:f9:fc:8d:04:0b:0f:9b:26:
2e:81:d0:93:00:c8:41:ab:a2:92:99:31:cd:3c:89:f5:0b:ec:
08:da:d3:5d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZeip0tgDLjyIlnS6jRN6WzasWOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhNTZhNGI0ZGY0YWJhMDFmYzQwYTQxN2YwODJmMjM4ZGQ3NjI4MjFiYTAy
ODZkYTE4ZjM3OWFhZWIxNTNkNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpXhriE48/t2JA9v0qZCiyTSwSMPK2tA3TEKEs3P3rrfC2wP97qhLiU5/8P
skQ0BhMfahpSq5VedpqXwULtlb0UbBxmH+vo2plXADxT6qT+mmX9l1F5cCwZ+EjW
5/CkirJ+4YaaqWdyO4qHJhLkTd/OE6cDbkCbCwePvjxSML7lKhTbirWQeBwTTIWl
DFcyHWEef+kx8lgpD1MRqx+RJwGPNoMdK86uMpUoL9t5j78CSBC7YHR5OetIO2KZ
xW5PJ3R4C9DzbrL2ItT+qGECEbTlkZgx8cjMBDaSZ0eIxHQhXJcjWY4viZ4GIb31
V4W6RF31/3gdr+JMPEKRb2y5nPkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRfuozq
mK/Kmwz0DERSt/DHltrZOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmE5M2JkYzItODIzYy00MTZhLWFjNDAtNmY2YzgyM2JjZWY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAyjIKHQrTIJE0S/yf6il/m8u9ouyh3y/yEMFr
BJhzMB8Pv8+ZiBy+krCJCzj8FleWLrS3xaWbShABJAL+LdSELrItQgT855w8gxVO
V+4MQg42DcrIyl5Gc77iF1B10VX4WVPrVJshQO/B9HoOjuq75ZuceInt8gK8Zer+
IVPHESWkslhhxSOyCOYtRfkCHjjRrD1m1fExEPzs5uzKINdHOdNP+oWEaoMfRAV4
P+iaKq/ObWYggZ9V/QgHRaaieH0BI2BAF17J/amx0mc2OYYO7WkmCQSnsBhiXinn
arGT0cHGlPn8jQQLD5smLoHQkwDIQauikpkxzTyJ9QvsCNrTXQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:24 2025 by rpki-client