Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/47b4bd5c-c9b0-4a11-b3ca-d1275fd15ca9.roa
File: 47b4bd5c-c9b0-4a11-b3ca-d1275fd15ca9.roa (raw, json)
Hash identifier: DPt3/EhqPMavq76/ED0Q/qA6xsBYem6r3noFmf87N4g=
Subject key identifier: 2E:22:0F:AD:4F:13:28:3D:7D:2B:AD:75:4B:5A:02:A2:F6:8F:1B:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EC822ACE57045A4E43E3483384DCA5B0938B2EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/47b4bd5c-c9b0-4a11-b3ca-d1275fd15ca9.roa
Signing time: Mon 16 Jun 2025 20:51:03 +0000
ROA not before: Mon 16 Jun 2025 20:51:03 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:40c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:c8:22:ac:e5:70:45:a4:e4:3e:34:83:38:4d:ca:5b:09:38:b2:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:51:03 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1d33435bcb1311f7383d3809d4d3c851677a4db48b0502a0cfb5d48e0636c6b6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1a:aa:d5:f0:47:45:bb:22:53:66:7a:60:25:
9c:1f:f3:ea:2e:f5:96:d7:ae:d8:ea:9c:83:0d:ba:
fd:1a:a4:a8:b0:5b:6a:d7:74:fd:89:1c:fe:d5:8e:
25:c1:78:33:c9:5c:ae:af:5f:ce:9f:4e:b9:c4:69:
32:fe:66:d6:51:3c:c6:2e:88:c5:7a:84:06:b4:32:
29:7e:69:90:fc:9c:0e:4d:57:7e:2a:88:3d:f4:3a:
bf:6e:69:39:f4:cc:dd:6b:e9:4b:e8:d8:56:f1:c2:
f0:af:6a:7a:14:23:7c:de:86:f8:6f:d9:9f:6d:9f:
58:ae:1c:a5:fc:d9:76:fc:97:a1:ef:50:0f:6b:83:
fa:33:61:ec:37:9d:95:60:24:2e:ac:3b:bb:79:b8:
91:06:7d:b2:dd:03:49:3c:bb:66:73:3b:00:3a:a7:
9c:76:92:61:3b:e4:b6:e3:08:25:a4:d2:84:ca:eb:
d7:78:cc:57:4a:04:03:b4:73:29:6d:d4:ff:08:ce:
8b:dd:cd:06:85:52:96:b0:a0:7e:2c:96:fe:b2:32:
44:59:ed:24:77:ea:d9:5a:4f:00:5d:02:aa:f4:63:
bd:3c:a6:f6:60:74:70:55:aa:2d:6c:99:ed:6f:62:
bf:be:3a:9e:f0:57:b2:ee:50:34:69:0e:fb:ca:f9:
14:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:22:0F:AD:4F:13:28:3D:7D:2B:AD:75:4B:5A:02:A2:F6:8F:1B:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/47b4bd5c-c9b0-4a11-b3ca-d1275fd15ca9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:40c0::/46
Signature Algorithm: sha256WithRSAEncryption
7a:75:04:91:1d:70:50:a5:c5:2e:55:e7:b4:c4:f8:61:69:cc:
eb:3c:8a:bb:51:a5:db:3f:cd:fb:05:f4:4f:db:a5:c4:dc:87:
ff:eb:e1:6d:ec:6b:6f:fd:9e:0c:96:1b:2f:f6:1e:a0:36:81:
03:7c:5f:f2:a0:ae:de:90:b6:6a:31:d6:1a:58:18:32:eb:1b:
90:00:70:4a:c9:49:20:86:3c:c5:db:97:85:12:91:57:6d:dc:
fb:43:6e:fd:64:e6:44:31:ad:01:21:50:11:de:61:eb:1a:99:
0e:99:8b:e1:e9:7d:b1:f8:73:4d:2d:8d:4c:57:c9:f6:91:78:
c2:ae:11:c2:a1:38:5b:47:7b:21:dd:1b:8b:09:b2:58:01:ef:
8c:f8:44:7c:6c:a2:9d:0b:5b:50:68:2d:a6:df:f1:49:a8:77:
55:49:a8:c0:42:bd:7d:f5:4d:6e:1b:bb:f8:d7:d8:93:ea:88:
ce:17:ef:16:fd:5a:94:7a:17:d4:6f:f7:3f:0b:29:10:82:88:
fe:75:fc:75:41:2e:cb:ae:07:c9:bd:04:f4:fb:20:b3:e5:c3:
91:67:48:d5:e3:eb:31:39:a7:bf:79:00:6c:04:f6:77:ea:01:
f1:1f:e4:03:1a:16:dc:de:ba:cb:12:58:75:22:11:2e:c2:df:
c6:63:1c:79
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXsgirOVwRaTkPjSDOE3KWwk4suswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDUxMDNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkMzM0MzViY2IxMzExZjczODNkMzgwOWQ0ZDNjODUxNjc3YTRkYjQ4YjA1
MDJhMGNmYjVkNDhlMDYzNmM2YjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUaqtXwR0W7IlNmemAlnB/z6i71lteu2Oqcgw26/RqkqLBbatd0/Ykc/tWO
JcF4M8lcrq9fzp9OucRpMv5m1lE8xi6IxXqEBrQyKX5pkPycDk1XfiqIPfQ6v25p
OfTM3WvpS+jYVvHC8K9qehQjfN6G+G/Zn22fWK4cpfzZdvyXoe9QD2uD+jNh7Ded
lWAkLqw7u3m4kQZ9st0DSTy7ZnM7ADqnnHaSYTvktuMIJaTShMrr13jMV0oEA7Rz
KW3U/wjOi93NBoVSlrCgfiyW/rIyRFntJHfq2VpPAF0CqvRjvTym9mB0cFWqLWyZ
7W9iv746nvBXsu5QNGkO+8r5FHsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQuIg+t
TxMoPX0rrXVLWgKi9o8bijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDdiNGJkNWMtYzliMC00YTExLWIzY2EtZDEyNzVmZDE1Y2E5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVA
wDANBgkqhkiG9w0BAQsFAAOCAQEAenUEkR1wUKXFLlXntMT4YWnM6zyKu1Gl2z/N
+wX0T9ulxNyH/+vhbexrb/2eDJYbL/YeoDaBA3xf8qCu3pC2ajHWGlgYMusbkABw
SslJIIY8xduXhRKRV23c+0Nu/WTmRDGtASFQEd5h6xqZDpmL4el9sfhzTS2NTFfJ
9pF4wq4RwqE4W0d7Id0biwmyWAHvjPhEfGyinQtbUGgtpt/xSah3VUmowEK9ffVN
bhu7+NfYk+qIzhfvFv1alHoX1G/3PwspEIKI/nX8dUEuy64Hyb0E9Psgs+XDkWdI
1ePrMTmnv3kAbAT2d+oB8R/kAxoW3N66yxJYdSIRLsLfxmMceQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:34 2025 by rpki-client