Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
File: 5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa (raw, json)
Hash identifier: K+uCPV6VRt5dckv3+BS7raWv9fNlgRMih418YdNIGZg=
Subject key identifier: 56:6F:29:51:07:41:2B:1A:84:41:2B:53:AA:83:72:60:5A:6A:AD:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D4487FB4999D06B540B12321629BE6040B8AFC1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
Signing time: Mon 16 Jun 2025 19:51:10 +0000
ROA not before: Mon 16 Jun 2025 19:51:10 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:44:87:fb:49:99:d0:6b:54:0b:12:32:16:29:be:60:40:b8:af:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:10 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=547ee1619b0b1200621efd1c2b3b0cf7bc7a989bc572ce5fc833f99eb499e997, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b2:3e:73:6a:d2:eb:86:86:28:85:71:8a:54:
f7:0b:d3:ac:10:4f:f8:3a:24:df:5e:f4:14:5d:dd:
fd:cb:32:96:cf:31:c5:35:78:7c:65:b5:e2:4e:58:
b4:6b:50:cb:52:e1:f5:52:9f:31:6c:84:eb:13:11:
fe:da:b2:c4:93:23:d2:fa:96:cb:f3:0d:e3:46:13:
bc:5f:90:18:df:12:72:a4:41:42:20:91:8e:77:21:
ab:0c:bf:71:97:ef:fb:e6:c9:c6:74:29:9b:24:3b:
45:72:7f:6c:d2:08:ac:10:69:c6:90:48:90:37:15:
f1:66:a6:30:40:70:d7:ad:63:92:40:44:86:0c:78:
76:5b:8c:52:49:91:4e:59:3d:c4:5d:26:4c:56:25:
1a:e9:fd:4b:16:ee:81:cb:0e:32:2f:23:98:b8:4b:
3c:1f:f1:3c:4d:3e:2f:c4:92:c8:66:53:2c:e1:e3:
2d:ce:a3:a2:30:67:a6:d1:31:48:6e:de:c9:b2:9a:
c1:68:01:08:cf:c2:a8:9b:ad:72:ff:92:98:e2:f2:
be:aa:6c:3e:23:9b:4d:3a:fb:e1:53:6e:89:98:19:
41:4d:14:dd:28:6d:13:d3:f2:96:72:50:4d:c5:5d:
44:da:57:c7:78:90:02:96:3d:99:17:12:ed:eb:fc:
1a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:6F:29:51:07:41:2B:1A:84:41:2B:53:AA:83:72:60:5A:6A:AD:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d1fff98-4415-4cd0-b2cc-26f61a8cae7b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80b0::/48
Signature Algorithm: sha256WithRSAEncryption
ac:a3:db:c7:49:96:1d:77:97:7f:52:05:c2:d1:79:d8:fc:b0:
11:59:26:96:f4:1a:22:7b:85:96:b3:3e:85:9a:68:28:16:28:
db:09:83:43:8e:d8:22:18:9c:af:0f:03:f8:3b:05:2b:60:97:
22:61:e5:6b:c6:e5:ed:b6:b0:f5:70:f7:5e:23:54:57:3f:f9:
ca:69:c1:89:e4:f8:d4:2f:7f:4a:f6:ab:04:dd:d0:3f:59:f2:
7e:c9:eb:f9:5a:6d:21:57:5d:26:d7:76:b1:9c:88:7d:40:02:
ed:22:a2:ad:c2:8d:f5:f9:10:88:88:aa:27:4e:f2:2f:f9:29:
af:90:4f:65:5b:f2:e9:a0:4a:50:ba:d7:de:db:37:31:80:40:
11:a7:22:7b:da:5a:21:d4:09:cf:ad:a1:6e:b8:3c:40:9f:b0:
5a:11:37:47:6c:d7:2b:31:4e:6d:b0:4b:d4:d5:20:3e:5a:d2:
c9:63:48:7e:1f:1c:75:be:2b:be:b5:d3:79:0f:47:2f:f5:f9:
41:d4:f4:4e:3b:9e:19:0b:9f:7f:c2:7a:be:27:9d:73:ed:c3:
36:b6:6b:80:07:b9:78:24:5d:b5:df:43:d2:00:55:e7:a4:97:
e5:47:9e:63:12:95:0e:b7:67:39:2b:40:ed:9a:a2:40:be:15:
f4:b1:67:40
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbUSH+0mZ0GtUCxIyFim+YEC4r8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxMTBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0N2VlMTYxOWIwYjEyMDA2MjFlZmQxYzJiM2IwY2Y3YmM3YTk4OWJjNTcy
Y2U1ZmM4MzNmOTllYjQ5OWU5OTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuyPnNq0uuGhiiFcYpU9wvTrBBP+Dok3170FF3d/csyls8xxTV4fGW14k5Y
tGtQy1Lh9VKfMWyE6xMR/tqyxJMj0vqWy/MN40YTvF+QGN8ScqRBQiCRjnchqwy/
cZfv++bJxnQpmyQ7RXJ/bNIIrBBpxpBIkDcV8WamMEBw161jkkBEhgx4dluMUkmR
Tlk9xF0mTFYlGun9SxbugcsOMi8jmLhLPB/xPE0+L8SSyGZTLOHjLc6jojBnptEx
SG7eybKawWgBCM/CqJutcv+SmOLyvqpsPiObTTr74VNuiZgZQU0U3ShtE9PylnJQ
TcVdRNpXx3iQApY9mRcS7ev8GkkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRWbylR
B0ErGoRBK1Oqg3JgWmqtRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQxZmZmOTgtNDQxNS00Y2QwLWIyY2MtMjZmNjFhOGNhZTdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
sDANBgkqhkiG9w0BAQsFAAOCAQEArKPbx0mWHXeXf1IFwtF52PywEVkmlvQaInuF
lrM+hZpoKBYo2wmDQ47YIhicrw8D+DsFK2CXImHla8bl7baw9XD3XiNUVz/5ymnB
ieT41C9/SvarBN3QP1nyfsnr+VptIVddJtd2sZyIfUAC7SKircKN9fkQiIiqJ07y
L/kpr5BPZVvy6aBKULrX3ts3MYBAEacie9paIdQJz62hbrg8QJ+wWhE3R2zXKzFO
bbBL1NUgPlrSyWNIfh8cdb4rvrXTeQ9HL/X5QdT0TjueGQuff8J6viedc+3DNrZr
gAe5eCRdtd9D0gBV56SX5UeeYxKVDrdnOStA7ZqiQL4V9LFnQA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:30:59 2025 by rpki-client