Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
File: 35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa (raw, json)
Hash identifier: T1i+80bL68KulfTavsvOqNWmltXPOZbWULnMssqeNgs=
Subject key identifier: ED:88:B5:79:F8:57:F9:E9:8D:08:F8:35:1F:31:B6:9E:20:0F:04:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 153CCA424060CB686ABA4C903C55E31DFF526509
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
Signing time: Mon 16 Jun 2025 19:51:45 +0000
ROA not before: Mon 16 Jun 2025 19:51:45 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:3c:ca:42:40:60:cb:68:6a:ba:4c:90:3c:55:e3:1d:ff:52:65:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:45 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=ca9ab73a55dce53888dcc6210a74e4aab0f9966c168244a108700d5ea96a8448, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:66:87:51:6f:47:9b:45:dd:f1:78:76:34:e8:
30:6b:95:00:9e:6d:a7:f1:9a:3a:f9:dd:38:63:23:
e9:fd:18:89:38:d9:3d:64:a6:12:82:6b:9f:d2:99:
59:99:b1:cb:6e:ea:2c:3a:09:18:ae:4f:04:15:0b:
b4:37:b0:16:58:cd:8b:e0:ce:b3:9b:f2:66:d3:7c:
f9:b5:1c:eb:ac:f5:dd:e1:ec:af:fd:6c:09:cc:48:
25:02:ea:c4:5d:9c:15:cc:d5:fa:9b:fd:22:19:89:
e6:fe:f0:be:f9:8c:89:9c:36:5f:fd:74:40:d2:12:
82:1a:3f:00:b0:e1:a9:71:30:ad:be:8c:8c:c2:f8:
ef:42:32:e3:15:24:4b:84:83:0f:ce:2b:b4:3d:01:
99:ea:83:2a:10:e0:ad:9f:6b:72:8d:cd:a0:f2:03:
f6:1d:af:87:ad:b2:14:35:03:57:27:99:9d:f5:8d:
06:b9:39:38:70:bb:ef:77:81:78:7c:26:e2:1d:cf:
33:23:e2:c5:34:b8:7e:9d:f4:1e:80:f3:c1:3b:09:
be:f9:b5:30:0a:9f:90:45:5a:05:b8:1d:70:b1:f1:
7f:e3:cd:31:d7:0e:14:66:6d:e4:45:51:a0:3a:42:
f8:a0:41:88:c6:4a:4e:5a:d2:17:ad:df:df:0b:61:
51:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:88:B5:79:F8:57:F9:E9:8D:08:F8:35:1F:31:B6:9E:20:0F:04:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40a0::/48
Signature Algorithm: sha256WithRSAEncryption
4f:42:20:de:61:f7:c2:75:f6:b2:17:b3:de:7c:45:39:3b:75:
1e:79:9e:50:06:5c:a5:07:fe:9a:2c:ec:be:f7:50:d9:50:cd:
2c:6c:7f:97:0a:bd:69:9a:76:ea:6b:24:0e:18:6f:6e:c2:b2:
67:f0:6c:58:38:1a:4c:9d:c9:af:3e:f6:79:41:9e:7f:96:02:
e8:7e:0c:37:86:3b:ee:24:1e:07:16:5d:f5:f4:ed:55:a1:a2:
25:33:8d:41:bb:10:e0:12:c0:cb:25:4e:c1:f8:7e:97:81:d1:
4f:53:cb:f0:26:df:b5:7b:f1:34:55:55:09:b7:a2:2e:40:cb:
0a:b9:a0:5c:58:4c:bb:57:fe:61:20:5f:0a:df:76:ac:29:9e:
2c:4f:e1:b1:b9:18:1e:75:a2:fc:26:5b:23:3e:be:e5:9d:77:
ba:43:7a:e5:cb:30:90:13:29:8d:64:1c:0a:36:f6:55:18:19:
39:0f:ea:4d:f7:93:c2:71:8f:f9:af:b9:8c:24:23:62:27:2a:
f4:cf:58:24:a4:c6:11:84:5f:e3:c9:26:e8:9f:7d:17:a5:6c:
41:40:39:27:ac:39:f6:2c:07:4c:b9:d6:0a:41:42:79:ff:56:
6d:bf:e8:22:f7:33:ad:c8:e3:ea:cf:ba:36:15:57:de:8f:8d:
80:3f:9e:f2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFTzKQkBgy2hqukyQPFXjHf9SZQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxNDVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhOWFiNzNhNTVkY2U1Mzg4OGRjYzYyMTBhNzRlNGFhYjBmOTk2NmMxNjgy
NDRhMTA4NzAwZDVlYTk2YTg0NDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRmh1FvR5tF3fF4djToMGuVAJ5tp/GaOvndOGMj6f0YiTjZPWSmEoJrn9KZ
WZmxy27qLDoJGK5PBBULtDewFljNi+DOs5vyZtN8+bUc66z13eHsr/1sCcxIJQLq
xF2cFczV+pv9IhmJ5v7wvvmMiZw2X/10QNISgho/ALDhqXEwrb6MjML470Iy4xUk
S4SDD84rtD0BmeqDKhDgrZ9rco3NoPID9h2vh62yFDUDVyeZnfWNBrk5OHC773eB
eHwm4h3PMyPixTS4fp30HoDzwTsJvvm1MAqfkEVaBbgdcLHxf+PNMdcOFGZt5EVR
oDpC+KBBiMZKTlrSF63f3wthUQsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTtiLV5
+Ff56Y0I+DUfMbaeIA8E3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVhZTBhYTEtYmI0Zi00OGQzLTk5MjYtMWU1ODUyZDU0YzZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
oDANBgkqhkiG9w0BAQsFAAOCAQEAT0Ig3mH3wnX2shez3nxFOTt1HnmeUAZcpQf+
mizsvvdQ2VDNLGx/lwq9aZp26mskDhhvbsKyZ/BsWDgaTJ3Jrz72eUGef5YC6H4M
N4Y77iQeBxZd9fTtVaGiJTONQbsQ4BLAyyVOwfh+l4HRT1PL8CbftXvxNFVVCbei
LkDLCrmgXFhMu1f+YSBfCt92rCmeLE/hsbkYHnWi/CZbIz6+5Z13ukN65cswkBMp
jWQcCjb2VRgZOQ/qTfeTwnGP+a+5jCQjYicq9M9YJKTGEYRf48km6J99F6VsQUA5
J6w59iwHTLnWCkFCef9Wbb/oIvczrcjj6s+6NhVX3o+NgD+e8g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:48 2025 by rpki-client