Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
File: 5c829516-8640-4a9a-a2b3-cfababf09faa.roa (raw, json)
Hash identifier: 1+FbewbtoSARywdKEgS1DHv6IPDA6muGapPU+NshNaU=
Subject key identifier: 0A:08:F7:BA:DF:45:4B:33:2F:50:6A:5F:85:52:C1:CD:18:E3:EB:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54F1DF71C39C01DF37ACA5A5AC55204FB36E967F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
Signing time: Mon 16 Jun 2025 20:11:02 +0000
ROA not before: Mon 16 Jun 2025 20:11:02 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:f1:df:71:c3:9c:01:df:37:ac:a5:a5:ac:55:20:4f:b3:6e:96:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:11:02 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8962ca4d0cd4ba70f16c50315447f4c9de6716ae60bff0ab49b0b6cebffebe8b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bc:ee:cd:a3:9d:14:cf:2f:c0:95:cc:78:ec:
32:1d:32:6b:f8:8d:e4:22:71:cc:de:47:70:cc:38:
78:6a:3f:31:18:7d:a9:7e:8b:28:04:b8:f4:7c:e1:
96:f4:07:54:6f:31:cc:3c:7e:5f:9c:b3:0a:b4:61:
a6:cc:ee:e9:8c:9a:39:6a:e4:5e:ec:a1:9c:15:40:
31:8e:92:d7:3f:c5:a0:a9:59:10:26:7a:b1:a7:d8:
54:57:66:95:76:53:19:a4:46:f5:a6:10:17:05:43:
44:8b:4b:0d:1b:dc:be:ea:49:e6:03:f6:6e:0a:fa:
8b:a7:3a:c9:d9:a1:1b:98:de:d9:b3:cf:79:82:92:
38:45:3a:5d:2c:90:4f:9e:49:ae:2e:17:c9:4e:14:
f4:7e:29:ca:10:25:ee:f7:b1:9f:db:7a:e6:8b:7a:
3e:15:29:96:3b:90:8e:05:b0:a5:3f:d4:e3:16:5b:
bd:18:ea:c7:46:c0:b1:e3:17:e8:2a:92:fc:bd:41:
0d:de:de:fe:54:a8:32:6f:dd:d4:a3:83:aa:aa:a4:
58:92:04:9f:99:aa:9b:9f:29:a0:60:04:29:e2:00:
2c:32:d5:cb:78:30:a2:c2:a5:8e:6c:a5:c2:05:35:
c6:28:a1:08:89:cd:94:6d:0d:c5:f9:fc:16:8c:04:
29:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:08:F7:BA:DF:45:4B:33:2F:50:6A:5F:85:52:C1:CD:18:E3:EB:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e080::/48
Signature Algorithm: sha256WithRSAEncryption
88:dc:54:43:53:60:f9:7b:3b:56:45:a6:34:b7:68:43:43:ae:
98:b5:a3:76:e6:5a:27:80:4b:f3:21:be:3c:b4:fc:3b:68:fe:
ed:f7:ae:86:51:1a:42:4e:47:51:58:13:56:06:d3:fa:3b:aa:
db:d2:f0:8c:bd:f5:83:97:c3:62:2a:77:72:10:78:6c:5e:04:
0c:42:9c:66:a1:86:64:d3:82:92:d4:4d:e5:eb:6e:b4:a8:d1:
b1:23:04:10:31:f7:15:08:f6:bd:5c:0a:48:13:13:cb:e7:79:
ad:34:74:95:8b:86:40:ca:2e:b1:6f:77:19:6e:3e:f6:6a:81:
93:ef:26:89:47:0d:45:33:d4:e2:71:b9:fa:cf:65:0e:00:b3:
ec:3e:a0:2b:55:da:f5:f3:fb:7d:bd:da:d1:2e:08:ce:e7:61:
a7:fa:e6:2c:bd:b8:5b:26:98:0b:05:fb:53:6c:47:61:88:5f:
ca:4d:81:9d:c7:c9:1d:ef:3f:f3:e1:8b:ca:5f:ee:f4:82:2c:
57:af:ef:33:83:51:57:5c:7c:57:07:52:4b:dc:a8:b6:a0:73:
73:b2:22:74:fa:6d:14:05:4a:a1:73:87:f8:d9:d2:e7:6e:af:
4c:8a:7f:20:a5:50:e7:92:ad:ec:d3:2d:32:98:f0:a5:4b:50:
89:39:1b:47
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVPHfccOcAd83rKWlrFUgT7Nuln8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDExMDJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5NjJjYTRkMGNkNGJhNzBmMTZjNTAzMTU0NDdmNGM5ZGU2NzE2YWU2MGJm
ZjBhYjQ5YjBiNmNlYmZmZWJlOGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALC87s2jnRTPL8CVzHjsMh0ya/iN5CJxzN5HcMw4eGo/MRh9qX6LKAS49Hzh
lvQHVG8xzDx+X5yzCrRhpszu6YyaOWrkXuyhnBVAMY6S1z/FoKlZECZ6safYVFdm
lXZTGaRG9aYQFwVDRItLDRvcvupJ5gP2bgr6i6c6ydmhG5je2bPPeYKSOEU6XSyQ
T55Jri4XyU4U9H4pyhAl7vexn9t65ot6PhUpljuQjgWwpT/U4xZbvRjqx0bAseMX
6CqS/L1BDd7e/lSoMm/d1KODqqqkWJIEn5mqm58poGAEKeIALDLVy3gwosKljmyl
wgU1xiihCInNlG0Nxfn8FowEKXkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQKCPe6
30VLMy9Qal+FUsHNGOPr5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4Mjk1MTYtODY0MC00YTlhLWEyYjMtY2ZhYmFiZjA5ZmFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
gDANBgkqhkiG9w0BAQsFAAOCAQEAiNxUQ1Ng+Xs7VkWmNLdoQ0OumLWjduZaJ4BL
8yG+PLT8O2j+7feuhlEaQk5HUVgTVgbT+juq29LwjL31g5fDYip3chB4bF4EDEKc
ZqGGZNOCktRN5etutKjRsSMEEDH3FQj2vVwKSBMTy+d5rTR0lYuGQMousW93GW4+
9mqBk+8miUcNRTPU4nG5+s9lDgCz7D6gK1Xa9fP7fb3a0S4Izudhp/rmLL24WyaY
CwX7U2xHYYhfyk2BncfJHe8/8+GLyl/u9IIsV6/vM4NRV1x8VwdSS9yotqBzc7Ii
dPptFAVKoXOH+NnS526vTIp/IKVQ55Kt7NMtMpjwpUtQiTkbRw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:39 2025 by rpki-client