Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
File: 3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa (raw, json)
Hash identifier: zSTpTnnxwjf7FAenvXGhYpABAtwgSjT1gGr/kXtPqA8=
Subject key identifier: A0:48:F5:68:A6:66:07:6E:F3:66:92:04:3D:BD:0D:9E:DA:99:4C:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14617C6A5667F8AE7443A3474C6C6932F8F1CA1C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
Signing time: Mon 16 Jun 2025 20:01:12 +0000
ROA not before: Mon 16 Jun 2025 20:01:12 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:61:7c:6a:56:67:f8:ae:74:43:a3:47:4c:6c:69:32:f8:f1:ca:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:01:12 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=7b85208be51feb0ee8569f9035716fe5b8bd599fa7f9c9c7b3a7fd10b068f483, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:59:6a:bb:4c:02:b8:88:37:05:a1:97:fb:69:
0b:aa:bd:80:34:29:bc:87:4f:ac:b4:44:ed:fb:33:
b6:7e:bf:e1:51:40:f7:10:76:82:8c:4f:63:49:b2:
0d:5f:d7:3d:a9:e8:a8:ca:32:6d:37:cb:7f:30:0d:
52:28:23:49:7b:db:ed:87:aa:3a:1c:2d:ba:28:81:
3f:59:89:36:39:dc:2b:d0:0e:46:9f:4c:a3:bc:f9:
a3:f5:a7:78:a4:7a:bc:92:b9:89:47:41:60:e1:0e:
73:e4:a2:d7:58:5e:67:8b:2c:1e:c2:e6:d0:1b:f7:
2c:f3:29:71:a5:96:47:48:0b:95:70:4d:bb:92:56:
28:9d:b9:59:bf:ee:fb:fe:0b:b0:3e:b3:b5:28:7d:
cc:04:28:1f:b8:15:25:0f:81:ea:07:1f:52:91:c0:
ce:17:3b:6d:d0:49:83:f5:8c:6a:8f:43:07:4d:bb:
73:36:85:e6:50:aa:7b:1e:65:ae:43:1e:c7:ec:88:
fa:79:66:31:f7:fe:d5:e0:43:ec:2b:4b:92:74:21:
51:b9:d1:f4:62:02:db:6f:12:1b:4c:7f:1d:39:e3:
d3:07:83:b3:b5:2e:f0:01:2b:f2:cc:6f:48:ec:2e:
5d:dd:8d:45:12:88:65:3d:39:08:dc:92:a8:e9:e5:
a8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:48:F5:68:A6:66:07:6E:F3:66:92:04:3D:BD:0D:9E:DA:99:4C:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:b000::/40
Signature Algorithm: sha256WithRSAEncryption
38:fd:e3:90:3e:ba:fa:a9:c5:c5:0e:df:c2:ef:9b:16:e1:83:
30:bc:92:36:99:c5:6d:b4:ab:16:39:d5:fb:b8:04:01:05:2b:
a2:50:27:0c:e4:d8:2b:01:87:0c:24:3c:b3:90:0a:c6:18:88:
e2:39:c7:da:8b:7d:91:35:87:a4:6c:71:27:94:89:09:f3:7a:
03:26:91:b4:15:73:3f:7d:25:ad:39:9a:df:8f:65:a6:51:0e:
19:ad:5b:f9:ea:ca:bc:31:10:fa:5e:9f:63:fc:39:23:12:6c:
20:9b:31:1f:26:dd:98:49:ed:dd:d6:49:66:38:4d:96:79:9a:
93:12:8a:4c:91:dc:68:dd:b8:e8:61:c7:23:31:99:f1:c5:a8:
fb:4f:c9:1d:06:5c:a1:d1:71:02:52:61:c5:1c:44:a2:fb:02:
33:b5:dc:bb:c4:70:9f:1e:bd:de:2d:01:cd:54:93:f4:7d:f9:
2b:3e:e5:22:f3:df:cf:6e:aa:72:e8:89:86:6e:57:1a:f5:2f:
1f:ae:0e:d8:9a:67:9f:56:fc:9d:65:41:2f:da:96:c4:d4:ea:
71:df:9b:43:d0:0e:28:9d:92:4e:0c:65:c3:0b:72:9e:37:27:
bd:23:0e:f2:1b:2a:4c:69:b5:8b:96:d8:7f:eb:8f:6a:d4:6f:
55:0f:a3:8b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFGF8alZn+K50Q6NHTGxpMvjxyhwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAxMTJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiODUyMDhiZTUxZmViMGVlODU2OWY5MDM1NzE2ZmU1YjhiZDU5OWZhN2Y5
YzljN2IzYTdmZDEwYjA2OGY0ODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOlZartMAriINwWhl/tpC6q9gDQpvIdPrLRE7fsztn6/4VFA9xB2goxPY0my
DV/XPanoqMoybTfLfzANUigjSXvb7YeqOhwtuiiBP1mJNjncK9AORp9Mo7z5o/Wn
eKR6vJK5iUdBYOEOc+Si11heZ4ssHsLm0Bv3LPMpcaWWR0gLlXBNu5JWKJ25Wb/u
+/4LsD6ztSh9zAQoH7gVJQ+B6gcfUpHAzhc7bdBJg/WMao9DB027czaF5lCqex5l
rkMex+yI+nlmMff+1eBD7CtLknQhUbnR9GIC228SG0x/HTnj0weDs7Uu8AEr8sxv
SOwuXd2NRRKIZT05CNySqOnlqOMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgSPVo
pmYHbvNmkgQ9vQ2e2plM0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2E2YWJhMWYtNDQwZS00ODc0LTkxOTMtYTNhMWY2ZWEzZWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKw
MA0GCSqGSIb3DQEBCwUAA4IBAQA4/eOQPrr6qcXFDt/C75sW4YMwvJI2mcVttKsW
OdX7uAQBBSuiUCcM5NgrAYcMJDyzkArGGIjiOcfai32RNYekbHEnlIkJ83oDJpG0
FXM/fSWtOZrfj2WmUQ4ZrVv56sq8MRD6Xp9j/DkjEmwgmzEfJt2YSe3d1klmOE2W
eZqTEopMkdxo3bjoYccjMZnxxaj7T8kdBlyh0XECUmHFHESi+wIztdy7xHCfHr3e
LQHNVJP0ffkrPuUi89/Pbqpy6ImGblca9S8frg7YmmefVvydZUEv2pbE1Opx35tD
0A4onZJODGXDC3KeNye9Iw7yGypMabWLlth/649q1G9VD6OL
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:28:55 2025 by rpki-client