Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
File: 5387f3e7-ef20-46b2-8929-bf638dce97e1.roa (raw, json)
Hash identifier: SgcCEbn866RRVvbqB6rSvKnxxAxCN8qPmBAusd69oa8=
Subject key identifier: EE:9C:9E:9F:05:CB:CA:F5:15:D3:EE:3C:50:25:D2:76:D3:30:2E:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FEBFE0FF197286C9C9C33E35B0FAEDD7EE4072E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
Signing time: Mon 16 Jun 2025 19:50:23 +0000
ROA not before: Mon 16 Jun 2025 19:50:23 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:eb:fe:0f:f1:97:28:6c:9c:9c:33:e3:5b:0f:ae:dd:7e:e4:07:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:50:23 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=ac2d64a62b75f284c0d73a97fe11b164aad485bc0d6ef25ed5b671bde570aae1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:88:23:c5:dd:fb:bf:62:e9:f6:8d:e3:2d:db:
c0:17:0e:65:33:08:ed:03:12:d7:f8:8c:15:11:ee:
29:97:e5:a4:c1:a9:fa:f6:4b:c8:fe:2b:11:01:72:
78:a8:c1:fe:90:55:b6:28:c0:4c:0e:70:75:db:96:
9b:11:61:bf:85:6b:a0:86:92:f0:3a:7f:18:ef:20:
e9:26:2b:8c:f5:19:39:88:bf:34:15:c9:8b:7f:5e:
34:b6:6f:ed:2c:ba:92:4d:be:e4:c6:4e:50:75:1a:
d0:81:9e:c0:63:07:5a:8b:57:f7:40:b2:db:18:83:
dc:ed:19:64:a2:b7:66:b9:c4:a9:fc:4b:78:ed:73:
bc:7c:34:7d:a2:5f:de:82:37:f5:6f:ed:30:97:62:
81:ba:37:f4:39:c3:a9:41:2b:6b:4b:13:23:02:52:
71:ea:51:48:e7:e1:ae:b8:ad:9d:e9:83:33:bd:ae:
4f:40:80:b9:de:65:b1:4e:85:4f:66:ae:bc:6b:28:
70:78:90:c6:c8:72:c8:8a:4c:59:be:3f:c4:05:45:
c4:96:61:b0:c1:32:fa:af:bd:a7:29:a8:56:b6:fa:
0f:a5:57:55:48:a4:c2:55:a9:58:70:1b:ac:65:48:
37:a3:73:05:00:c4:82:09:db:12:3d:4e:1c:d4:a9:
4a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9C:9E:9F:05:CB:CA:F5:15:D3:EE:3C:50:25:D2:76:D3:30:2E:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5000::/40
Signature Algorithm: sha256WithRSAEncryption
6b:fe:21:9d:3d:07:ab:8d:65:d6:f6:f7:e8:50:4a:77:9f:99:
fa:e8:f0:56:8f:55:63:9d:36:4b:2c:88:bd:d8:03:66:34:89:
31:87:01:13:28:b4:2f:43:b0:58:ec:12:9c:6a:31:0c:2a:8a:
32:e9:b5:4c:5e:60:df:68:59:c0:d0:fc:05:4b:45:42:b5:e9:
8c:79:7d:9a:de:bc:49:84:0f:f0:e6:ac:c9:9a:97:b2:30:98:
b1:0a:d5:b7:58:e9:3b:40:69:ae:0b:e0:45:8b:a0:38:2c:5f:
d4:59:32:eb:8e:14:c8:3a:1b:2e:ba:47:35:6e:67:59:c1:a5:
9d:20:85:fc:ef:ca:4e:46:ac:7d:03:05:3e:96:ae:c3:8f:0a:
0f:76:c1:07:b2:bc:bf:51:fb:05:de:32:d8:4d:cc:f3:c0:f8:
6a:2e:13:e2:2d:5f:7e:a3:17:23:2f:77:65:61:cd:28:9b:5c:
1e:d6:3a:07:c8:7a:80:d0:5b:3a:2d:6f:19:87:5a:2c:d8:42:
cd:f6:cd:80:6f:ac:7a:a6:d4:91:68:a5:db:f0:fe:96:ef:bf:
89:ed:a3:26:cb:e3:6f:17:9d:a4:6f:2e:60:06:5a:91:ab:7c:
d4:03:20:4c:aa:78:e3:d3:91:b2:93:8e:33:a8:1e:0f:10:d5:
5d:94:a4:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf+v+D/GXKGycnDPjWw+u3X7kBy4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUwMjNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjMmQ2NGE2MmI3NWYyODRjMGQ3M2E5N2ZlMTFiMTY0YWFkNDg1YmMwZDZl
ZjI1ZWQ1YjY3MWJkZTU3MGFhZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6II8Xd+79i6faN4y3bwBcOZTMI7QMS1/iMFRHuKZflpMGp+vZLyP4rEQFy
eKjB/pBVtijATA5wdduWmxFhv4VroIaS8Dp/GO8g6SYrjPUZOYi/NBXJi39eNLZv
7Sy6kk2+5MZOUHUa0IGewGMHWotX90Cy2xiD3O0ZZKK3ZrnEqfxLeO1zvHw0faJf
3oI39W/tMJdigbo39DnDqUEra0sTIwJScepRSOfhrritnemDM72uT0CAud5lsU6F
T2auvGsocHiQxshyyIpMWb4/xAVFxJZhsMEy+q+9pymoVrb6D6VXVUikwlWpWHAb
rGVIN6NzBQDEggnbEj1OHNSpStUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTunJ6f
BcvK9RXT7jxQJdJ20zAuvDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4N2YzZTctZWYyMC00NmIyLTg5MjktYmY2MzhkY2U5N2UxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBr/iGdPQerjWXW9vfoUEp3n5n66PBWj1VjnTZL
LIi92ANmNIkxhwETKLQvQ7BY7BKcajEMKooy6bVMXmDfaFnA0PwFS0VCtemMeX2a
3rxJhA/w5qzJmpeyMJixCtW3WOk7QGmuC+BFi6A4LF/UWTLrjhTIOhsuukc1bmdZ
waWdIIX878pORqx9AwU+lq7DjwoPdsEHsry/UfsF3jLYTczzwPhqLhPiLV9+oxcj
L3dlYc0om1we1joHyHqA0Fs6LW8Zh1os2ELN9s2Ab6x6ptSRaKXb8P6W77+J7aMm
y+NvF52kby5gBlqRq3zUAyBMqnjj05Gyk44zqB4PENVdlKS2
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:05:27 2025 by rpki-client