Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
File: 42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa (raw, json)
Hash identifier: hHhlIEAnY+ZjQcDptw6oM+JrTpeYqjrag8L/PdPkp64=
Subject key identifier: 93:68:1A:15:B7:7A:10:9F:10:E8:A5:29:1A:52:33:E5:CC:C5:C5:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44AAA67CB5A4A07570629ABF6A63E2A25C2FB771
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
Signing time: Mon 16 Jun 2025 19:50:58 +0000
ROA not before: Mon 16 Jun 2025 19:50:58 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:aa:a6:7c:b5:a4:a0:75:70:62:9a:bf:6a:63:e2:a2:5c:2f:b7:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:50:58 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=9a270f57e1de9341c095442041990d99d40465efbf8f08ce678b7a23bc662f6a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:16:d1:9c:cd:23:34:4e:e4:5e:98:82:2d:97:
8e:b5:9d:14:a8:0f:97:b6:ad:26:44:5d:b8:6c:0f:
87:66:69:42:02:37:6c:5d:10:30:4c:18:3f:39:c4:
29:dc:d1:1f:fc:a7:5d:c1:44:dc:c8:2f:57:c1:f3:
02:0e:48:6d:ac:97:e7:14:f1:ad:77:a8:41:c3:77:
68:a0:bf:cd:91:4c:30:37:90:d2:51:c1:40:e0:eb:
e6:95:fc:43:9c:a0:23:1c:a9:f7:d9:ff:8f:a1:c8:
ae:72:dc:53:d3:f3:2c:5f:61:a6:3a:8a:95:a7:fc:
35:7e:1b:59:96:b6:21:5c:8f:3f:05:b2:ba:78:bc:
c4:61:3d:3c:f3:44:3a:1c:cf:12:a7:bf:f4:53:eb:
be:47:d2:cf:ba:23:10:a8:47:68:6e:c5:a6:32:df:
08:bf:fb:ab:be:93:b5:ca:d9:af:d4:39:79:cc:d5:
58:9c:df:05:6e:d2:8d:a2:1e:0e:6e:d1:96:34:6a:
e5:2d:8f:50:a0:e8:a6:80:88:30:1b:57:3f:a7:18:
89:30:1d:0f:3d:c4:f8:73:c1:8d:e7:4e:c6:6c:5f:
e0:1c:44:af:12:c2:92:62:16:eb:bd:0d:17:f2:40:
9d:0d:b8:35:ca:8f:16:aa:f7:62:c5:e0:61:10:a5:
14:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:68:1A:15:B7:7A:10:9F:10:E8:A5:29:1A:52:33:E5:CC:C5:C5:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8090::/48
Signature Algorithm: sha256WithRSAEncryption
53:f9:27:b6:b8:8f:3b:8a:85:b6:64:c6:98:0e:e3:3f:5a:3d:
64:df:12:94:f3:6e:7d:fb:f8:62:d5:2f:c5:47:fb:b4:10:1d:
d1:b9:23:84:77:80:72:a2:ca:30:4e:0e:7c:ef:2d:74:70:9c:
e1:22:e6:47:d6:a3:bc:8d:f9:53:4f:17:0f:1b:aa:84:0c:72:
07:8d:22:9f:73:a8:c9:92:eb:d5:2f:b2:e5:14:33:c8:ce:2b:
27:f7:6c:bc:1b:db:24:c4:c4:ac:9e:d3:07:7b:e5:04:54:9e:
70:c1:b8:e2:27:6d:4c:5d:89:6e:53:a6:0f:e4:b1:ab:33:63:
0c:51:b2:5e:14:ed:45:4f:c3:1b:4e:99:6e:53:c6:34:41:03:
a1:19:5c:05:9c:4c:ac:8f:e7:c7:73:4e:c0:bd:66:54:5c:cf:
88:5b:f4:d5:fd:b9:73:0f:74:26:6a:14:73:c4:20:e0:08:55:
83:c6:ae:f6:5c:83:d1:8b:86:84:8c:c9:cd:ae:ac:04:ec:85:
1e:d9:54:41:6a:01:28:cc:25:76:93:95:d5:75:00:e0:51:c3:
5d:94:4a:1b:af:e3:c9:2a:e8:dd:09:78:63:42:70:6a:06:87:
7c:1c:11:7c:05:c9:df:de:f1:a3:0b:60:57:bd:ef:ea:93:10:
07:89:2b:55
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURKqmfLWkoHVwYpq/amPiolwvt3EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUwNThaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhMjcwZjU3ZTFkZTkzNDFjMDk1NDQyMDQxOTkwZDk5ZDQwNDY1ZWZiZjhm
MDhjZTY3OGI3YTIzYmM2NjJmNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4W0ZzNIzRO5F6Ygi2XjrWdFKgPl7atJkRduGwPh2ZpQgI3bF0QMEwYPznE
KdzRH/ynXcFE3MgvV8HzAg5IbayX5xTxrXeoQcN3aKC/zZFMMDeQ0lHBQODr5pX8
Q5ygIxyp99n/j6HIrnLcU9PzLF9hpjqKlaf8NX4bWZa2IVyPPwWyuni8xGE9PPNE
OhzPEqe/9FPrvkfSz7ojEKhHaG7FpjLfCL/7q76TtcrZr9Q5eczVWJzfBW7SjaIe
Dm7RljRq5S2PUKDopoCIMBtXP6cYiTAdDz3E+HPBjedOxmxf4BxErxLCkmIW670N
F/JAnQ24NcqPFqr3YsXgYRClFNsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSTaBoV
t3oQnxDopSkaUjPlzMXFJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDJlZjdkODktYjliZi00NjBmLWI5MDYtNzQ0M2Q5NmY0YTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
kDANBgkqhkiG9w0BAQsFAAOCAQEAU/kntriPO4qFtmTGmA7jP1o9ZN8SlPNuffv4
YtUvxUf7tBAd0bkjhHeAcqLKME4OfO8tdHCc4SLmR9ajvI35U08XDxuqhAxyB40i
n3OoyZLr1S+y5RQzyM4rJ/dsvBvbJMTErJ7TB3vlBFSecMG44idtTF2JblOmD+Sx
qzNjDFGyXhTtRU/DG06ZblPGNEEDoRlcBZxMrI/nx3NOwL1mVFzPiFv01f25cw90
JmoUc8Qg4AhVg8au9lyD0YuGhIzJza6sBOyFHtlUQWoBKMwldpOV1XUA4FHDXZRK
G6/jySro3Ql4Y0JwagaHfBwRfAXJ397xowtgV73v6pMQB4krVQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:08 2025 by rpki-client