Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa
File: 5f28c807-572d-4641-be39-53109963f4c3.roa (raw, json)
Hash identifier: mQdjWU+BR9QA1v0xQzf+c7BrqYD9T9iHoErsNtB84Hc=
Subject key identifier: D3:03:FD:77:28:1B:4B:5F:5B:E2:A1:10:BF:E5:AE:C1:CD:7A:AE:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 462D2954AF50139D80FDBC21BF82DDC7D7900BEF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa
Signing time: Mon 16 Jun 2025 21:01:26 +0000
ROA not before: Mon 16 Jun 2025 21:01:26 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:2d:29:54:af:50:13:9d:80:fd:bc:21:bf:82:dd:c7:d7:90:0b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:01:26 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=6afbcde3cdc31d86b65ea1cb6a3a44f8a221d60d1df228fba0f80b6021a1891c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e1:87:32:62:b1:65:2d:53:f1:91:f1:2e:a2:
ab:2f:22:66:86:46:2c:38:9d:f5:37:c5:60:08:bc:
cd:a4:3e:3d:8a:f9:27:cb:d5:21:60:ec:1e:ab:65:
92:60:72:36:d7:75:cb:f1:f1:89:12:29:10:ee:5e:
c6:97:21:64:47:ec:40:75:fd:3c:ee:dd:75:c5:0a:
e8:ed:01:38:4d:2d:46:ba:4f:1d:ef:5c:9c:fb:18:
9f:d9:a1:78:3f:d5:9b:3d:de:02:4f:9d:88:cf:b8:
5b:2a:6b:33:c7:f4:9a:a8:47:3b:90:5e:0d:4d:3e:
ca:eb:56:ef:e5:98:69:06:e8:d6:72:bf:b9:b3:ea:
9e:28:eb:27:3d:d2:92:89:8e:6b:fc:5e:78:1b:ee:
e7:82:d9:4c:84:ec:00:8a:09:fa:02:52:12:cc:0d:
fd:13:ee:83:27:12:46:dc:27:21:35:9e:8a:be:dc:
c6:1b:25:bb:b7:15:56:d0:59:d6:64:60:ed:a3:2a:
73:92:90:6f:4c:84:1d:30:03:5c:26:74:5d:85:31:
0d:11:83:75:18:0e:4e:03:39:57:41:d6:f0:e2:5b:
36:bd:10:22:a1:93:1c:d6:9c:32:2a:84:26:73:42:
33:63:09:80:ed:f6:77:5d:07:86:c1:28:93:d3:14:
3b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:03:FD:77:28:1B:4B:5F:5B:E2:A1:10:BF:E5:AE:C1:CD:7A:AE:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:a000::/40
Signature Algorithm: sha256WithRSAEncryption
39:4f:f7:f3:44:18:38:23:8b:22:2e:5d:6e:b7:c9:d3:3d:40:
55:b1:68:db:05:25:a9:9b:c0:b8:32:a6:e7:6d:75:0b:ac:18:
ce:6e:c5:5d:bb:2e:e4:18:bd:59:22:f3:43:3b:21:74:03:d3:
45:69:f2:aa:f5:3f:20:07:50:1d:77:9c:97:3c:bb:dc:56:b1:
0a:27:b7:c6:75:58:0e:4c:8a:8f:12:2c:07:3e:34:fa:01:53:
0f:6b:c8:0e:4d:13:2c:e8:82:d1:b3:81:2b:6e:80:80:ef:c8:
86:76:c7:33:2b:22:e7:81:21:ec:0a:72:43:d1:5c:f1:87:b0:
bf:36:7a:96:53:94:49:65:a4:27:ce:fb:5a:60:ee:7c:2e:8a:
83:c6:63:9b:ae:d9:88:c9:ba:f2:ab:e9:be:a0:27:46:16:0f:
11:a7:87:4b:fd:f5:7e:d9:3a:5d:31:0d:84:bb:25:34:fc:f6:
b9:da:47:32:98:aa:75:14:5c:c5:7a:ab:02:fe:33:e6:40:d1:
3c:8a:d2:0a:44:91:b6:f8:63:ff:a9:98:6d:b6:96:65:f0:b2:
c7:d1:cc:5b:e9:e7:7a:64:d4:c4:fb:58:61:69:31:89:b8:51:
92:ae:32:6c:45:77:5b:53:c8:00:ff:fe:54:70:7c:cb:aa:a7:
18:bc:95:48
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURi0pVK9QE52A/bwhv4Ldx9eQC+8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAxMjZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhZmJjZGUzY2RjMzFkODZiNjVlYTFjYjZhM2E0NGY4YTIyMWQ2MGQxZGYy
MjhmYmEwZjgwYjYwMjFhMTg5MWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOrhhzJisWUtU/GR8S6iqy8iZoZGLDid9TfFYAi8zaQ+PYr5J8vVIWDsHqtl
kmByNtd1y/HxiRIpEO5expchZEfsQHX9PO7ddcUK6O0BOE0tRrpPHe9cnPsYn9mh
eD/Vmz3eAk+diM+4WyprM8f0mqhHO5BeDU0+yutW7+WYaQbo1nK/ubPqnijrJz3S
komOa/xeeBvu54LZTITsAIoJ+gJSEswN/RPugycSRtwnITWeir7cxhslu7cVVtBZ
1mRg7aMqc5KQb0yEHTADXCZ0XYUxDRGDdRgOTgM5V0HW8OJbNr0QIqGTHNacMiqE
JnNCM2MJgO32d10HhsEok9MUO+0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTTA/13
KBtLX1vioRC/5a7BzXquZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWYyOGM4MDctNTcyZC00NjQxLWJlMzktNTMxMDk5NjNmNGMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dag
MA0GCSqGSIb3DQEBCwUAA4IBAQA5T/fzRBg4I4siLl1ut8nTPUBVsWjbBSWpm8C4
MqbnbXULrBjObsVduy7kGL1ZIvNDOyF0A9NFafKq9T8gB1Add5yXPLvcVrEKJ7fG
dVgOTIqPEiwHPjT6AVMPa8gOTRMs6ILRs4ErboCA78iGdsczKyLngSHsCnJD0Vzx
h7C/NnqWU5RJZaQnzvtaYO58LoqDxmObrtmIybryq+m+oCdGFg8Rp4dL/fV+2Tpd
MQ2EuyU0/Pa52kcymKp1FFzFeqsC/jPmQNE8itIKRJG2+GP/qZhttpZl8LLH0cxb
6ed6ZNTE+1hhaTGJuFGSrjJsRXdbU8gA//5UcHzLqqcYvJVI
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:01:15 2025 by rpki-client