Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
File: 5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa (raw, json)
Hash identifier: ayIqK1JW0SJpS9V4nY98CUoWpUzhRdw+40d5ckhTfRg=
Subject key identifier: 6E:A7:57:2B:56:D2:EB:22:24:7F:C0:F9:8F:3D:B3:0D:EE:EF:32:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 239A194C4F9C3485B094022BF97C7C7313AC6607
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
Signing time: Mon 16 Jun 2025 21:21:23 +0000
ROA not before: Mon 16 Jun 2025 21:21:23 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:9a:19:4c:4f:9c:34:85:b0:94:02:2b:f9:7c:7c:73:13:ac:66:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:21:23 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c8b5bbc170444107cb20834261157313ed20e26fa5e6f8ec39ad632a02a8633a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:95:4a:d4:11:d3:0a:d3:1c:97:77:8a:4d:4b:
75:5c:fc:8a:9e:d2:b3:6b:f2:8a:e7:8c:e5:d1:e8:
cb:c9:eb:86:15:d0:16:6a:81:fd:e0:fd:20:b0:88:
0f:51:57:21:63:c9:0c:bc:f5:92:d2:64:4c:02:9b:
1d:bc:53:71:c0:82:a6:bf:5f:d4:42:f6:52:b7:66:
b1:b5:75:97:f2:89:ac:1c:cb:d9:0c:55:a0:62:72:
aa:82:0f:f0:7a:a0:ad:55:77:30:00:c0:58:67:a3:
1f:2d:bd:d7:be:08:76:a1:1c:82:ee:8d:ff:b1:d0:
89:c5:f2:26:f9:d7:39:d4:95:b1:52:ca:77:9b:cc:
4c:0b:e9:9c:99:0e:0a:6e:11:e4:ec:75:44:04:c5:
26:5d:c8:05:6c:f9:9c:f8:33:8c:84:46:02:29:90:
1a:6d:14:fa:42:cb:29:c3:4b:db:fb:a8:c3:7d:d5:
57:99:f6:36:b7:51:4a:49:23:9d:3d:4f:04:0a:08:
27:58:c2:d9:67:3e:f6:b3:22:48:24:a7:74:9f:2f:
6b:78:0a:af:6a:58:73:21:e3:f6:b4:10:5b:c1:45:
ba:f7:a2:a7:7c:9f:b8:58:59:fa:fb:e1:28:1c:aa:
3a:1a:a0:06:bd:05:02:42:6c:ba:fe:10:e1:41:fb:
14:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A7:57:2B:56:D2:EB:22:24:7F:C0:F9:8F:3D:B3:0D:EE:EF:32:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:cb:13:a9:97:5e:8b:77:80:86:9d:1a:72:ff:1c:13:1a:a3:
b0:ea:c5:94:f8:d7:76:a6:b3:37:40:5e:59:67:9a:e4:6d:3b:
86:7b:ee:63:67:68:68:9f:0b:95:d6:45:c0:e6:14:a9:77:c2:
bb:e5:03:9e:1f:05:75:a6:c8:7e:a9:62:4f:b1:a0:a6:2f:05:
39:9c:3b:6d:8b:02:fc:54:46:7a:90:e0:75:1a:b0:d5:33:f6:
10:5b:57:0b:ae:47:a6:c9:b3:c7:8f:a0:0b:cb:26:ae:22:eb:
cd:c7:f1:c8:b2:8a:20:35:26:4d:ef:67:6d:d0:ac:cc:1b:57:
d4:3e:e3:7f:63:88:a7:c7:79:6c:8a:b5:31:8c:78:54:7a:dd:
1b:e8:4a:32:b8:1c:bb:6f:c8:67:b0:67:d5:24:61:ab:e8:81:
11:94:e1:93:52:55:cf:bc:19:3a:3e:f2:16:67:67:b6:9a:5d:
6d:ce:ff:05:af:af:0c:b7:03:d3:b1:5a:ea:b2:5d:f6:67:b3:
43:fc:c3:40:3b:3d:80:3e:6e:86:0c:dc:68:d4:42:2e:72:4d:
90:d1:34:a5:c6:16:91:44:20:27:32:23:62:d0:61:07:fe:46:
b0:ac:c3:67:91:29:e3:5a:2c:35:1a:40:3e:52:b2:90:9a:db:
0b:5a:06:72
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI5oZTE+cNIWwlAIr+Xx8cxOsZgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIxMjNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4YjViYmMxNzA0NDQxMDdjYjIwODM0MjYxMTU3MzEzZWQyMGUyNmZhNWU2
ZjhlYzM5YWQ2MzJhMDJhODYzM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmVStQR0wrTHJd3ik1LdVz8ip7Ss2vyiueM5dHoy8nrhhXQFmqB/eD9ILCI
D1FXIWPJDLz1ktJkTAKbHbxTccCCpr9f1EL2UrdmsbV1l/KJrBzL2QxVoGJyqoIP
8HqgrVV3MADAWGejHy29174IdqEcgu6N/7HQicXyJvnXOdSVsVLKd5vMTAvpnJkO
Cm4R5Ox1RATFJl3IBWz5nPgzjIRGAimQGm0U+kLLKcNL2/uow33VV5n2NrdRSkkj
nT1PBAoIJ1jC2Wc+9rMiSCSndJ8va3gKr2pYcyHj9rQQW8FFuveip3yfuFhZ+vvh
KByqOhqgBr0FAkJsuv4Q4UH7FJ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRup1cr
VtLrIiR/wPmPPbMN7u8ydTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQ4ZTgzMWUtNGQ2MS00NDliLWE1MzItYTFkZDlkNzQzYWM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hog
MA0GCSqGSIb3DQEBCwUAA4IBAQCoyxOpl16Ld4CGnRpy/xwTGqOw6sWU+Nd2prM3
QF5ZZ5rkbTuGe+5jZ2honwuV1kXA5hSpd8K75QOeHwV1psh+qWJPsaCmLwU5nDtt
iwL8VEZ6kOB1GrDVM/YQW1cLrkemybPHj6ALyyauIuvNx/HIsoogNSZN72dt0KzM
G1fUPuN/Y4inx3lsirUxjHhUet0b6EoyuBy7b8hnsGfVJGGr6IERlOGTUlXPvBk6
PvIWZ2e2ml1tzv8Fr68MtwPTsVrqsl32Z7ND/MNAOz2APm6GDNxo1EIuck2Q0TSl
xhaRRCAnMiNi0GEH/kawrMNnkSnjWiw1GkA+UrKQmtsLWgZy
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:38 2025 by rpki-client