Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa
File: 51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa (raw, json)
Hash identifier: S87VyQBCjqGV1TkAZBjpjn/RjU/AGE96PVErVCHGyQA=
Subject key identifier: 8A:97:CD:6E:5C:F1:77:84:93:77:F8:AF:25:CB:C3:FA:2C:13:B5:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1CE10DE55944196CCA7FCF928B4431FD2BA67AD4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa
Signing time: Mon 16 Jun 2025 20:11:06 +0000
ROA not before: Mon 16 Jun 2025 20:11:06 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:e1:0d:e5:59:44:19:6c:ca:7f:cf:92:8b:44:31:fd:2b:a6:7a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:11:06 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8ea386633998db2134d70baa06158ffea0f729a41c3b48868afe502e4e9df40d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:36:3e:cc:69:52:5d:ae:a8:f0:54:a6:55:86:
46:ce:56:06:1d:e7:b6:de:e8:1b:49:b5:39:62:bd:
f8:de:b0:f7:47:79:f1:9e:de:af:65:80:db:9b:cd:
93:60:cb:3d:24:fc:6a:44:61:9f:47:0f:3e:95:39:
fc:44:44:13:7e:40:e2:d1:3a:dd:01:84:36:ea:70:
e2:89:a6:96:e7:7a:ef:be:da:c4:ca:07:1a:a7:be:
f4:29:b2:90:93:a3:98:13:ad:8b:45:16:b1:62:0e:
db:a0:49:09:01:fb:95:26:88:53:57:62:61:ad:18:
a8:57:73:66:fd:24:d4:1f:ae:a4:54:59:45:68:be:
fb:64:9e:d1:7a:35:96:b0:0e:19:36:23:31:29:80:
83:8b:c7:04:25:d2:79:e3:f4:1b:ea:a8:53:e3:4c:
57:e2:53:ad:6f:b6:28:ef:b5:53:c3:f7:b1:9f:18:
83:f3:93:01:f3:50:78:5d:78:04:d1:dd:2b:66:59:
ba:b4:61:ca:b4:d2:55:8d:f7:f9:dc:71:6a:be:41:
0f:0c:a2:00:22:be:fb:d4:98:73:05:6f:3c:8d:6a:
11:77:ab:de:32:35:b3:72:17:38:76:fd:e2:eb:80:
f8:b5:a3:c6:34:67:75:f2:cd:b8:c3:50:7c:01:c1:
30:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:97:CD:6E:5C:F1:77:84:93:77:F8:AF:25:CB:C3:FA:2C:13:B5:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
37:37:59:82:24:c5:c8:0c:72:4b:61:4d:15:c9:14:e3:00:16:
1d:7e:14:9c:87:86:e8:b6:85:f9:a9:f0:0c:0b:7d:8e:27:50:
9e:a4:cf:66:65:a9:30:3a:4b:de:c2:49:d6:89:2f:a1:59:6e:
52:01:63:1c:d4:41:61:c1:e7:75:8c:b9:21:2e:ae:59:95:6d:
b6:d7:32:ce:c9:5e:10:13:2f:f6:65:ae:50:a9:03:29:60:97:
61:dc:8d:c4:35:a0:13:e4:ba:fd:7a:99:56:12:19:5a:9a:0c:
b1:ad:c5:07:3b:f4:71:10:f0:04:22:a5:4c:66:8a:7b:0b:5e:
d2:8c:c2:48:7f:6d:5e:40:d3:0f:82:2a:a9:35:7c:89:c3:35:
76:b8:a6:43:ea:ab:6b:ed:60:31:d4:de:2f:b5:41:a4:11:4a:
27:ad:1a:84:cb:09:79:9a:a2:05:93:93:89:6e:b5:0f:65:1b:
a9:a6:16:8b:01:a4:d1:f9:68:36:93:42:95:f4:12:90:4f:c6:
e2:fe:e7:10:32:50:4b:2b:e0:2c:65:30:d1:06:74:52:bd:7b:
66:96:aa:ea:d9:91:9f:00:0a:a5:5d:e7:a3:45:a9:d8:ee:45:
e9:98:8f:96:c7:74:0f:b7:ad:6d:87:3a:d7:7e:3b:ca:28:c6:
50:7b:51:8e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHOEN5VlEGWzKf8+Si0Qx/SumetQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDExMDZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlYTM4NjYzMzk5OGRiMjEzNGQ3MGJhYTA2MTU4ZmZlYTBmNzI5YTQxYzNi
NDg4NjhhZmU1MDJlNGU5ZGY0MGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK82PsxpUl2uqPBUplWGRs5WBh3ntt7oG0m1OWK9+N6w90d58Z7er2WA25vN
k2DLPST8akRhn0cPPpU5/EREE35A4tE63QGENupw4ommlud6777axMoHGqe+9Cmy
kJOjmBOti0UWsWIO26BJCQH7lSaIU1diYa0YqFdzZv0k1B+upFRZRWi++2Se0Xo1
lrAOGTYjMSmAg4vHBCXSeeP0G+qoU+NMV+JTrW+2KO+1U8P3sZ8Yg/OTAfNQeF14
BNHdK2ZZurRhyrTSVY33+dxxar5BDwyiACK++9SYcwVvPI1qEXer3jI1s3IXOHb9
4uuA+LWjxjRndfLNuMNQfAHBMHECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSKl81u
XPF3hJN3+K8ly8P6LBO1NjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTFhMWVhNzEtNzVhZi00YmM3LThjMDUtMWIyZTNhNTYyNzkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
0DANBgkqhkiG9w0BAQsFAAOCAQEANzdZgiTFyAxyS2FNFckU4wAWHX4UnIeG6LaF
+anwDAt9jidQnqTPZmWpMDpL3sJJ1okvoVluUgFjHNRBYcHndYy5IS6uWZVtttcy
zsleEBMv9mWuUKkDKWCXYdyNxDWgE+S6/XqZVhIZWpoMsa3FBzv0cRDwBCKlTGaK
ewte0ozCSH9tXkDTD4IqqTV8icM1drimQ+qra+1gMdTeL7VBpBFKJ60ahMsJeZqi
BZOTiW61D2UbqaYWiwGk0floNpNClfQSkE/G4v7nEDJQSyvgLGUw0QZ0Ur17Zpaq
6tmRnwAKpV3no0Wp2O5F6ZiPlsd0D7etbYc61347yijGUHtRjg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:08 2025 by rpki-client