Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c6c4dd9-ed90-498e-88a4-f116875a7de2.roa
File: 3c6c4dd9-ed90-498e-88a4-f116875a7de2.roa (raw, json)
Hash identifier: XSuFRvuCfNDSHQV+NsarUjN7v1M+3uF6qGOBLhY7UOc=
Subject key identifier: CE:C3:7B:3F:BE:39:DC:37:10:07:49:A1:58:AA:30:60:3E:CF:CA:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48C0E82646B3D05F749967BE6032F8D034811674
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c6c4dd9-ed90-498e-88a4-f116875a7de2.roa
Signing time: Mon 16 Jun 2025 20:41:34 +0000
ROA not before: Mon 16 Jun 2025 20:41:34 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:c0:e8:26:46:b3:d0:5f:74:99:67:be:60:32:f8:d0:34:81:16:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:41:34 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=b7e9b2443e109cbebdf0ea0906533d8326bc7c5ec3873301f82ac94902c1b8f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:83:52:5a:4d:04:ac:87:c2:66:fc:23:b9:41:
67:ae:a3:b0:d4:66:c0:7e:1a:d5:90:9b:5d:8e:4d:
70:13:73:12:62:fe:e5:ca:1b:f7:8d:1e:b2:96:4b:
02:04:f6:b1:8d:ec:59:46:fe:1a:db:39:bf:09:88:
d2:cf:3e:41:9e:2a:78:e8:14:e2:02:58:7b:12:1f:
b6:bc:47:5a:29:4d:fd:0a:0f:35:2b:1b:ed:2e:44:
c4:c2:52:27:f7:5e:85:48:32:7c:0b:d6:15:3a:41:
5b:2f:04:de:e7:60:ad:fb:4c:88:68:fc:d7:a7:ba:
ac:46:de:d7:6b:77:e1:91:97:78:99:e4:b7:37:81:
bf:a6:d9:4a:28:38:47:3f:10:88:e8:3c:a2:0d:3d:
b4:cb:d1:56:6b:27:53:d3:c2:63:53:9e:ff:9c:26:
b2:56:3b:2f:42:6c:8a:d0:8f:a8:a2:45:11:42:3a:
ba:c2:1e:b0:52:32:cd:91:71:3f:f2:1f:5e:22:a1:
fd:10:d4:23:0b:ca:ec:e2:cf:31:e2:30:6a:c6:25:
a9:82:c4:96:17:8d:40:72:56:29:af:07:04:74:61:
12:7b:f0:7a:10:26:57:f7:fa:33:9a:16:e9:9c:13:
16:11:db:30:ce:2f:fc:e9:78:c6:88:ec:d5:4a:fb:
72:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C3:7B:3F:BE:39:DC:37:10:07:49:A1:58:AA:30:60:3E:CF:CA:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c6c4dd9-ed90-498e-88a4-f116875a7de2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:6040::/46
Signature Algorithm: sha256WithRSAEncryption
b8:4e:34:ec:25:c5:1f:6b:91:00:37:0b:6f:10:ad:e3:97:83:
f1:21:95:a8:3a:a2:af:29:72:72:35:f2:74:3d:d1:2b:ac:d9:
a6:fb:4b:db:13:8d:19:96:89:8b:a3:e4:a9:76:25:59:1d:4a:
da:66:37:14:04:2d:14:a8:56:c8:6f:e1:90:66:00:59:f2:5e:
52:d7:20:ba:16:f9:0b:8b:da:ab:fa:ce:18:b1:60:7f:78:7a:
fe:cb:8f:0e:16:19:6e:5b:04:59:f0:f5:fb:25:47:3d:bd:b0:
f2:56:7b:c2:e2:54:d7:62:a8:d4:2c:81:ba:02:79:83:03:f7:
ef:fc:1d:78:15:d4:82:2f:0b:4f:75:58:f7:1d:ea:ed:7e:e6:
83:56:96:64:3f:a9:ad:31:86:e9:75:75:88:e2:6d:ed:0a:6e:
8b:02:65:14:8b:4f:15:9f:a1:e8:a7:27:3b:eb:46:c0:13:1f:
77:88:b7:b1:d8:71:3e:c4:8a:5b:16:de:ba:9e:dd:7c:4e:a4:
4f:b3:f1:d8:de:27:b2:d7:d1:0b:3c:4e:22:7f:17:73:7f:3e:
76:15:13:9e:be:12:e6:47:86:b0:4b:25:75:43:4f:13:ca:52:
1f:95:2e:b2:e2:aa:a6:59:96:3d:af:01:9e:42:43:51:2c:40:
59:f8:26:e5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSMDoJkaz0F90mWe+YDL40DSBFnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQxMzRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3ZTliMjQ0M2UxMDljYmViZGYwZWEwOTA2NTMzZDgzMjZiYzdjNWVjMzg3
MzMwMWY4MmFjOTQ5MDJjMWI4ZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6DUlpNBKyHwmb8I7lBZ66jsNRmwH4a1ZCbXY5NcBNzEmL+5cob940espZL
AgT2sY3sWUb+Gts5vwmI0s8+QZ4qeOgU4gJYexIftrxHWilN/QoPNSsb7S5ExMJS
J/dehUgyfAvWFTpBWy8E3udgrftMiGj816e6rEbe12t34ZGXeJnktzeBv6bZSig4
Rz8QiOg8og09tMvRVmsnU9PCY1Oe/5wmslY7L0JsitCPqKJFEUI6usIesFIyzZFx
P/IfXiKh/RDUIwvK7OLPMeIwasYlqYLElheNQHJWKa8HBHRhEnvwehAmV/f6M5oW
6ZwTFhHbMM4v/Ol4xojs1Ur7ckMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTOw3s/
vjncNxAHSaFYqjBgPs/KXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2M2YzRkZDktZWQ5MC00OThlLTg4YTQtZjExNjg3NWE3ZGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVg
QDANBgkqhkiG9w0BAQsFAAOCAQEAuE407CXFH2uRADcLbxCt45eD8SGVqDqiryly
cjXydD3RK6zZpvtL2xONGZaJi6PkqXYlWR1K2mY3FAQtFKhWyG/hkGYAWfJeUtcg
uhb5C4vaq/rOGLFgf3h6/suPDhYZblsEWfD1+yVHPb2w8lZ7wuJU12Ko1CyBugJ5
gwP37/wdeBXUgi8LT3VY9x3q7X7mg1aWZD+prTGG6XV1iOJt7QpuiwJlFItPFZ+h
6KcnO+tGwBMfd4i3sdhxPsSKWxbeup7dfE6kT7Px2N4nstfRCzxOIn8Xc38+dhUT
nr4S5keGsEsldUNPE8pSH5UusuKqplmWPa8BnkJDUSxAWfgm5Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:22:39 2025 by rpki-client