Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57c971db-5779-4af6-9c2f-2c7cd904e742.roa
File: 57c971db-5779-4af6-9c2f-2c7cd904e742.roa (raw, json)
Hash identifier: Qo4sQa9efvS4YW40x+hRzCb+2qp3QqKf8yuv8vUTPGE=
Subject key identifier: A6:DE:48:93:91:8E:28:20:20:67:9C:A8:36:0C:C0:01:18:F1:51:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55B5272080113859DA02986FEB53C77789D46C9E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57c971db-5779-4af6-9c2f-2c7cd904e742.roa
Signing time: Mon 16 Jun 2025 20:00:25 +0000
ROA not before: Mon 16 Jun 2025 20:00:25 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:b5:27:20:80:11:38:59:da:02:98:6f:eb:53:c7:77:89:d4:6c:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:25 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=0ea61d01ef32f4b0f623a636d71140a44f1485af744ebbf1e46148c8b2ef8480, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:80:ce:5c:59:30:c1:d0:09:69:d4:e3:c8:6b:
ba:86:b6:17:5d:39:72:2b:db:90:e8:ae:10:ea:bf:
40:7d:0b:1c:8e:ce:40:0c:56:c1:10:a6:88:76:1b:
c4:35:75:3b:9d:73:b7:97:77:1c:ae:92:bd:cb:05:
be:12:24:8f:93:d4:d7:22:4a:b8:39:c0:90:6e:4a:
0a:b3:8d:42:55:dd:a6:0d:ac:f9:f1:59:70:5f:80:
81:59:ec:8d:70:c8:a1:8b:1a:95:be:ff:04:65:88:
91:43:e1:fa:bc:8b:d7:5f:bd:61:92:f0:1a:19:b8:
e3:f6:1c:9e:47:97:71:f5:49:01:0e:ff:da:c4:9c:
44:46:37:26:68:6f:45:84:78:91:d4:c5:b4:76:e5:
63:45:87:32:07:5f:67:82:72:26:60:bc:8d:c8:37:
73:c6:02:cb:98:c0:6b:53:05:b9:2d:41:7d:e0:ae:
c2:40:8f:35:ca:7f:b2:56:a3:14:a7:c0:45:c9:29:
7d:fb:5f:e0:1b:b8:87:41:72:39:4b:60:a7:af:64:
0e:b5:6d:64:fe:b9:db:e4:83:da:91:2d:86:2b:8e:
2d:72:b0:dd:3a:34:fb:0a:e7:4d:5c:34:1b:d8:f1:
46:ed:26:4d:fa:30:b2:92:e8:20:10:7f:ec:bd:29:
3f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:DE:48:93:91:8E:28:20:20:67:9C:A8:36:0C:C0:01:18:F1:51:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57c971db-5779-4af6-9c2f-2c7cd904e742.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:c000::/48
Signature Algorithm: sha256WithRSAEncryption
46:39:53:bc:b7:ec:2a:42:96:da:f8:4d:3d:c6:a5:21:db:fd:
78:c1:c8:ef:4a:33:d2:68:97:df:8e:78:89:49:94:5b:04:62:
2d:92:e1:7d:0f:64:10:f5:d4:eb:fc:65:66:fa:03:ac:80:23:
8c:cb:1c:87:09:c8:f9:08:97:50:6b:1c:5f:0b:1c:2e:87:66:
1d:f0:ee:74:7b:15:f5:1d:34:a9:ee:92:b0:d4:a5:30:aa:ee:
27:56:c9:8b:78:7a:75:5e:07:0d:c1:cf:b0:23:a0:f7:16:16:
63:c8:93:75:ab:d8:e2:b6:fa:3b:46:cf:28:90:d9:51:18:43:
d5:fa:d8:fc:36:94:94:47:89:44:53:4e:c3:80:10:1e:ad:d7:
49:a4:63:c9:44:69:1b:21:ed:a6:97:ff:66:3d:03:4a:68:4f:
be:50:c1:f4:48:8a:18:a7:df:73:83:23:39:b1:f4:7b:97:52:
f1:c1:e6:59:2f:e2:4d:12:13:28:27:69:e6:03:3a:62:05:86:
c2:40:44:93:7e:9e:ff:7e:8a:82:04:68:2f:05:02:79:1f:07:
0c:51:f6:11:fc:98:4a:f0:63:c6:84:12:6b:73:f4:88:17:92:
9c:72:39:27:fe:e0:60:76:c5:e9:33:4f:d2:5e:cd:45:95:d1:
56:27:0f:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVbUnIIAROFnaAphv61PHd4nUbJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMjVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlYTYxZDAxZWYzMmY0YjBmNjIzYTYzNmQ3MTE0MGE0NGYxNDg1YWY3NDRl
YmJmMWU0NjE0OGM4YjJlZjg0ODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWAzlxZMMHQCWnU48hruoa2F105civbkOiuEOq/QH0LHI7OQAxWwRCmiHYb
xDV1O51zt5d3HK6SvcsFvhIkj5PU1yJKuDnAkG5KCrONQlXdpg2s+fFZcF+AgVns
jXDIoYsalb7/BGWIkUPh+ryL11+9YZLwGhm44/YcnkeXcfVJAQ7/2sScREY3Jmhv
RYR4kdTFtHblY0WHMgdfZ4JyJmC8jcg3c8YCy5jAa1MFuS1BfeCuwkCPNcp/slaj
FKfARckpfftf4Bu4h0FyOUtgp69kDrVtZP652+SD2pEthiuOLXKw3To0+wrnTVw0
G9jxRu0mTfowspLoIBB/7L0pP+kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSm3kiT
kY4oICBnnKg2DMABGPFRhTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdjOTcxZGItNTc3OS00YWY2LTljMmYtMmM3Y2Q5MDRlNzQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HbA
ADANBgkqhkiG9w0BAQsFAAOCAQEARjlTvLfsKkKW2vhNPcalIdv9eMHI70oz0miX
3454iUmUWwRiLZLhfQ9kEPXU6/xlZvoDrIAjjMschwnI+QiXUGscXwscLodmHfDu
dHsV9R00qe6SsNSlMKruJ1bJi3h6dV4HDcHPsCOg9xYWY8iTdavY4rb6O0bPKJDZ
URhD1frY/DaUlEeJRFNOw4AQHq3XSaRjyURpGyHtppf/Zj0DSmhPvlDB9EiKGKff
c4MjObH0e5dS8cHmWS/iTRITKCdp5gM6YgWGwkBEk36e/36KggRoLwUCeR8HDFH2
EfyYSvBjxoQSa3P0iBeSnHI5J/7gYHbF6TNP0l7NRZXRVicPjw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:10 2025 by rpki-client