Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
File: 3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa (raw, json)
Hash identifier: OYgWbRyhDzBdpxhTgDPhQIxeI+uqd3OUCjzwPlLIQgc=
Subject key identifier: 09:D8:E6:4F:3D:15:66:A6:6D:90:7D:DB:18:92:34:6D:5F:8A:D4:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 056C2091AA7D715853BA0A52F1D7E58802E16C46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
Signing time: Mon 16 Jun 2025 20:20:49 +0000
ROA not before: Mon 16 Jun 2025 20:20:49 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:6c:20:91:aa:7d:71:58:53:ba:0a:52:f1:d7:e5:88:02:e1:6c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:20:49 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=fd021b925bce4c909ea97e2401b31f344d48bd5bc72dbd28fadb88b93be4ac38, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:34:95:a1:c4:8c:1a:86:b1:af:3f:a6:6d:bf:
9d:66:32:7f:c2:21:d0:b5:39:8d:9e:f7:32:32:6a:
92:75:44:47:aa:e7:aa:a7:78:6f:01:83:ad:66:6e:
b8:69:8f:18:f9:d3:7a:8f:0d:59:5a:5f:35:18:fc:
d0:41:fc:73:85:48:3a:a8:90:d6:ab:e6:d9:05:d0:
86:e0:a2:b0:e3:84:df:4c:6e:7e:80:9a:e0:4d:e8:
eb:21:ae:05:a0:4d:4b:86:47:51:2f:d7:91:e7:8f:
42:b9:7c:fb:75:dc:b1:82:c4:11:5c:2c:a5:31:38:
ef:a7:95:44:72:e9:e8:68:0b:30:c5:08:6c:a9:58:
88:98:96:6a:e2:1c:6c:5f:6e:e6:e9:d0:8a:96:d0:
a8:67:3a:9a:b3:f6:19:da:ba:32:5b:d5:ba:b1:f0:
04:e3:9d:09:9b:e7:1a:36:d3:dd:a8:e7:55:fa:0a:
57:c8:20:97:8e:e2:ce:fa:d8:c3:f8:df:61:c9:2a:
10:87:4b:7a:82:71:5a:2f:c7:a2:06:d9:26:a8:8d:
fa:15:ff:99:f0:30:96:9f:11:a9:7d:27:e2:46:3d:
95:92:33:37:ea:82:91:29:91:3f:9d:e0:f9:71:a0:
21:cb:85:5e:c5:ab:77:d3:b0:76:79:23:8f:00:93:
60:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D8:E6:4F:3D:15:66:A6:6D:90:7D:DB:18:92:34:6D:5F:8A:D4:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8040::/48
Signature Algorithm: sha256WithRSAEncryption
7f:3d:8c:f0:48:51:1f:a1:79:c7:8b:75:d9:b0:62:52:7d:1c:
72:62:b2:14:27:2c:b9:3d:f2:9f:59:22:cf:bb:ea:93:a4:c1:
da:9f:be:f1:ea:76:86:a2:e6:f1:83:06:56:bf:dd:2e:77:19:
7e:22:cb:4e:9c:54:38:78:ad:88:d8:d1:56:a0:3a:e4:f0:91:
ea:ed:f3:a4:f2:2e:e1:2f:a2:a3:9c:32:f1:af:4d:d4:c4:ac:
55:f9:7c:c1:32:8f:2b:27:aa:c0:ab:ca:19:5b:fa:33:0a:56:
f8:d3:22:cd:85:2e:83:dc:c5:b7:e3:f5:4a:06:93:77:49:1c:
bc:8c:e7:22:ce:e1:0d:80:1c:52:a4:62:f1:97:ed:73:c1:91:
f4:4c:9e:8e:20:10:39:d3:eb:c8:1f:d6:2f:26:0e:cc:96:85:
83:52:11:35:11:0d:5b:ef:cf:46:5d:ba:3b:be:5f:76:c0:37:
79:4d:c0:7d:3f:5d:2b:41:9b:6a:83:49:43:27:91:67:80:7b:
5c:1e:7a:3b:eb:6c:bd:e6:c5:3b:b4:14:d9:2b:66:1e:22:7c:
d8:4a:d2:a0:2e:7f:7c:10:18:62:fa:bd:33:a4:8d:26:ac:88:
3d:bd:0c:7e:54:6b:a8:b6:35:9e:15:fb:82:cd:e3:15:03:02:
7c:cc:f1:43
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBWwgkap9cVhTugpS8dfliALhbEYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIwNDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkMDIxYjkyNWJjZTRjOTA5ZWE5N2UyNDAxYjMxZjM0NGQ0OGJkNWJjNzJk
YmQyOGZhZGI4OGI5M2JlNGFjMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALg0laHEjBqGsa8/pm2/nWYyf8Ih0LU5jZ73MjJqknVER6rnqqd4bwGDrWZu
uGmPGPnTeo8NWVpfNRj80EH8c4VIOqiQ1qvm2QXQhuCisOOE30xufoCa4E3o6yGu
BaBNS4ZHUS/XkeePQrl8+3XcsYLEEVwspTE476eVRHLp6GgLMMUIbKlYiJiWauIc
bF9u5unQipbQqGc6mrP2Gdq6MlvVurHwBOOdCZvnGjbT3ajnVfoKV8ggl47izvrY
w/jfYckqEIdLeoJxWi/HogbZJqiN+hX/mfAwlp8RqX0n4kY9lZIzN+qCkSmRP53g
+XGgIcuFXsWrd9OwdnkjjwCTYLUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQJ2OZP
PRVmpm2QfdsYkjRtX4rU/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y1Y2MxY2EtMGRiYS00NGE3LThiYjMtZWZlODQ4Y2M3OWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
QDANBgkqhkiG9w0BAQsFAAOCAQEAfz2M8EhRH6F5x4t12bBiUn0ccmKyFCcsuT3y
n1kiz7vqk6TB2p++8ep2hqLm8YMGVr/dLncZfiLLTpxUOHitiNjRVqA65PCR6u3z
pPIu4S+io5wy8a9N1MSsVfl8wTKPKyeqwKvKGVv6MwpW+NMizYUug9zFt+P1SgaT
d0kcvIznIs7hDYAcUqRi8Zftc8GR9EyejiAQOdPryB/WLyYOzJaFg1IRNRENW+/P
Rl26O75fdsA3eU3AfT9dK0GbaoNJQyeRZ4B7XB56O+tsvebFO7QU2StmHiJ82ErS
oC5/fBAYYvq9M6SNJqyIPb0MflRrqLY1nhX7gs3jFQMCfMzxQw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:22:49 2025 by rpki-client