Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/486a9d1e-bc45-467a-9db2-1a7e5e9068f0.roa
File: 486a9d1e-bc45-467a-9db2-1a7e5e9068f0.roa (raw, json)
Hash identifier: snldyM/Pb5gcmjeuk9isHhYye2ZflafRNfmoTrnncN4=
Subject key identifier: 5A:3B:22:04:90:F5:0E:A7:C2:10:D6:26:F1:C9:22:07:9A:52:90:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5CC63B6E4AAEB91AF8E5A0755BE68E00DEFEDF1A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/486a9d1e-bc45-467a-9db2-1a7e5e9068f0.roa
Signing time: Thu 26 Jun 2025 19:37:16 +0000
ROA not before: Thu 26 Jun 2025 19:37:16 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:6080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:c6:3b:6e:4a:ae:b9:1a:f8:e5:a0:75:5b:e6:8e:00:de:fe:df:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:37:16 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=019196e1da5ac399fafee255790f0473e8653e1878f7ea975b59b6145e005d90, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2c:33:28:0b:cd:00:86:b6:bb:b4:70:c0:76:
f3:1a:d3:82:be:d3:f0:dc:4e:4f:19:4a:32:32:15:
9c:63:fd:11:e6:35:88:28:c4:5f:5e:be:09:ec:4f:
49:16:71:0e:46:47:46:6a:4c:35:11:ab:ea:98:4c:
50:ed:88:87:fe:fb:c5:4f:86:ea:49:47:46:d0:80:
ae:4b:39:81:95:3f:16:8e:51:b5:5b:ed:d3:59:e0:
3a:80:4c:eb:b9:f3:8e:ce:72:bd:0f:68:c9:c3:93:
7d:0f:d0:32:e5:39:12:69:1e:5d:b5:34:d3:be:c2:
61:21:91:ff:d0:1f:81:7f:7f:05:91:a7:b8:02:6f:
f6:57:a9:ea:d2:f2:39:b6:3e:e5:ec:53:06:01:1e:
72:97:d5:bb:02:7f:56:da:98:bb:42:8d:27:0e:55:
c3:c0:00:fc:c3:c3:b0:a7:ed:c3:05:7d:fd:6d:8a:
e3:ad:11:57:a3:a9:8c:64:b1:44:9f:e4:9d:a7:4b:
07:0f:1d:7c:33:fc:88:af:9d:50:27:1c:dc:41:db:
fb:5d:90:61:7f:8e:5a:ce:6e:c3:c9:d4:7c:86:bd:
1a:df:8f:cb:f5:33:05:0e:a3:c9:64:4f:c8:cd:db:
cf:44:7a:9b:a8:c2:d3:90:ae:4d:2a:f2:b9:6c:0a:
e2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:3B:22:04:90:F5:0E:A7:C2:10:D6:26:F1:C9:22:07:9A:52:90:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/486a9d1e-bc45-467a-9db2-1a7e5e9068f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:6080::/46
Signature Algorithm: sha256WithRSAEncryption
03:11:ea:03:5f:59:01:64:90:91:2a:13:ff:c6:47:f7:76:0e:
51:ee:f9:21:a4:dc:2e:a7:b2:7a:a4:f9:e1:71:2f:14:1f:bf:
fd:d7:31:e0:56:df:40:96:33:35:28:22:24:09:8c:ce:3d:05:
fb:8b:3c:95:da:db:84:7a:d5:c0:f0:cc:c4:0b:f6:85:dc:9a:
ca:52:2d:e6:d0:4c:5d:aa:a8:10:f2:e7:12:dc:69:88:a2:6e:
b3:cf:bb:02:63:d3:d9:8d:cb:0c:e3:54:f3:28:09:24:12:4d:
9f:b9:92:65:d5:94:b5:87:57:40:96:1f:02:9a:f1:d4:05:62:
bb:63:af:9a:c4:5b:b0:7a:fc:69:29:2d:a6:ce:15:3e:76:b2:
4a:88:13:e2:50:9d:b8:f0:4a:da:0d:4f:ef:47:9b:21:ca:54:
6c:4e:86:b0:b9:1c:51:c1:a4:19:9d:46:db:11:77:ad:26:29:
6a:64:ef:fb:08:40:4b:b0:f8:bb:79:0b:01:3b:0f:39:9e:54:
68:80:7d:9b:bb:c0:5e:b2:2c:07:d0:5f:eb:1f:af:47:ea:2c:
b4:76:62:73:10:9b:7d:4e:b8:97:d2:40:18:fb:05:6b:98:9e:
e2:94:8b:e2:6f:a0:d5:e5:d4:42:ca:01:41:73:97:ac:c3:9c:
c4:7b:1d:1a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXMY7bkquuRr45aB1W+aOAN7+3xowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM3MTZaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxOTE5NmUxZGE1YWMzOTlmYWZlZTI1NTc5MGYwNDczZTg2NTNlMTg3OGY3
ZWE5NzViNTliNjE0NWUwMDVkOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANgsMygLzQCGtru0cMB28xrTgr7T8NxOTxlKMjIVnGP9EeY1iCjEX16+CexP
SRZxDkZHRmpMNRGr6phMUO2Ih/77xU+G6klHRtCArks5gZU/Fo5RtVvt01ngOoBM
67nzjs5yvQ9oycOTfQ/QMuU5EmkeXbU0077CYSGR/9AfgX9/BZGnuAJv9lep6tLy
ObY+5exTBgEecpfVuwJ/VtqYu0KNJw5Vw8AA/MPDsKftwwV9/W2K460RV6OpjGSx
RJ/knadLBw8dfDP8iK+dUCcc3EHb+12QYX+OWs5uw8nUfIa9Gt+Py/UzBQ6jyWRP
yM3bz0R6m6jC05CuTSryuWwK4o8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRaOyIE
kPUOp8IQ1ibxySIHmlKQ9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDg2YTlkMWUtYmM0NS00NjdhLTlkYjItMWE3ZTVlOTA2OGYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNg
gDANBgkqhkiG9w0BAQsFAAOCAQEAAxHqA19ZAWSQkSoT/8ZH93YOUe75IaTcLqey
eqT54XEvFB+//dcx4FbfQJYzNSgiJAmMzj0F+4s8ldrbhHrVwPDMxAv2hdyaylIt
5tBMXaqoEPLnEtxpiKJus8+7AmPT2Y3LDONU8ygJJBJNn7mSZdWUtYdXQJYfAprx
1AViu2OvmsRbsHr8aSktps4VPnaySogT4lCduPBK2g1P70ebIcpUbE6GsLkcUcGk
GZ1G2xF3rSYpamTv+whAS7D4u3kLATsPOZ5UaIB9m7vAXrIsB9Bf6x+vR+ostHZi
cxCbfU64l9JAGPsFa5ie4pSL4m+g1eXUQsoBQXOXrMOcxHsdGg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:28 2025 by rpki-client