Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
File: 5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa (raw, json)
Hash identifier: 11rw3AMYH5sf2BTZMcRcHQ2YRQntwvQN4KCoGmEoX1I=
Subject key identifier: 5F:3B:01:C5:28:5F:94:17:A2:CF:06:35:9F:03:68:81:83:93:0F:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1974EA98EF202334F9AB83EF7DA9635C0B4493B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
Signing time: Mon 16 Jun 2025 21:20:53 +0000
ROA not before: Mon 16 Jun 2025 21:20:53 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:74:ea:98:ef:20:23:34:f9:ab:83:ef:7d:a9:63:5c:0b:44:93:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:20:53 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=366896fbb6d22fccfa1290f5990ab54b24870fad70344ee31978bdce480d35f7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:96:c3:52:f4:bb:14:a9:4b:c8:28:47:e9:4f:
70:fe:ad:70:46:9d:47:0f:f2:5b:db:bb:70:f0:b2:
2a:9c:5b:5b:9c:23:3d:a3:ba:ee:33:66:94:37:dd:
8a:fb:49:d7:f6:69:32:e2:cf:d8:d8:78:0f:ec:88:
21:b8:33:5c:66:52:4e:1a:eb:8c:0e:41:44:d8:ed:
bc:fa:e7:cd:87:d6:e3:d3:54:40:7e:cd:59:d8:86:
b7:99:46:f2:c5:7a:d3:9c:f8:64:b8:50:b9:59:1b:
93:59:4b:22:3b:2f:a8:2b:5a:62:23:6f:29:99:1f:
bb:ea:34:b2:0f:09:f6:de:29:b3:eb:fc:14:42:d0:
a6:4c:47:b6:d5:bb:33:02:0f:ed:85:2b:fe:27:f9:
d7:16:85:34:60:ee:36:bb:85:86:23:31:8d:63:df:
62:6f:ec:25:09:f3:7c:46:25:80:d9:6d:03:7a:b5:
b9:6b:4c:8a:af:29:d1:d5:64:e5:b2:33:27:48:c5:
be:f3:7c:cb:44:74:1f:cd:24:26:ab:ae:ad:5b:d2:
73:c7:6c:3c:82:b1:3c:cc:bd:1a:31:65:67:6b:03:
4a:87:22:4e:1d:d3:bf:12:fd:58:b4:a3:96:4c:dc:
66:49:a7:fd:0b:39:ef:c7:d8:1e:df:4e:5e:04:25:
8c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:3B:01:C5:28:5F:94:17:A2:CF:06:35:9F:03:68:81:83:93:0F:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:8000::/40
Signature Algorithm: sha256WithRSAEncryption
2b:27:4b:eb:9e:d9:ce:f6:07:cb:4b:ef:cc:51:c4:25:a1:a2:
c5:c5:f7:a0:67:1e:26:a1:f6:1f:cf:29:fc:2b:88:40:ae:86:
04:74:59:90:d5:ab:6e:8d:a4:d1:e7:6a:40:13:85:68:91:c6:
47:d4:31:46:e7:de:c5:fe:48:04:b6:8b:45:dc:0d:d1:f1:ba:
bf:7a:a9:9a:6c:e9:d8:23:8a:03:de:75:4f:58:7d:db:3a:32:
5f:13:0c:62:97:ca:91:96:13:c7:a7:d3:a9:be:81:ef:db:2f:
db:31:2d:cb:be:aa:f6:59:62:3b:c1:e5:ff:d6:68:d8:b9:92:
52:74:9e:fa:6c:20:82:38:17:c6:94:48:d3:fa:21:1e:42:58:
98:f3:3c:fc:a5:f4:5c:fc:32:e5:46:0d:35:e4:7e:98:cf:94:
2a:04:f4:72:25:48:2d:01:c6:ea:a9:95:be:c0:f3:17:23:7f:
91:9b:4e:22:8b:b4:25:23:13:19:05:22:38:c5:80:00:fa:a5:
2b:89:0f:48:66:af:1f:79:de:fb:58:10:90:28:07:d7:24:61:
fb:d6:13:fb:56:d0:01:0e:fc:e2:e5:d8:43:fc:8a:27:01:43:
af:aa:a6:c2:d7:6d:4f:1f:11:47:ec:d3:58:8f:9c:b0:5f:8b:
7a:55:38:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGXTqmO8gIzT5q4PvfaljXAtEk7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIwNTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2Njg5NmZiYjZkMjJmY2NmYTEyOTBmNTk5MGFiNTRiMjQ4NzBmYWQ3MDM0
NGVlMzE5NzhiZGNlNDgwZDM1ZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyWw1L0uxSpS8goR+lPcP6tcEadRw/yW9u7cPCyKpxbW5wjPaO67jNmlDfd
ivtJ1/ZpMuLP2Nh4D+yIIbgzXGZSThrrjA5BRNjtvPrnzYfW49NUQH7NWdiGt5lG
8sV605z4ZLhQuVkbk1lLIjsvqCtaYiNvKZkfu+o0sg8J9t4ps+v8FELQpkxHttW7
MwIP7YUr/if51xaFNGDuNruFhiMxjWPfYm/sJQnzfEYlgNltA3q1uWtMiq8p0dVk
5bIzJ0jFvvN8y0R0H80kJquurVvSc8dsPIKxPMy9GjFlZ2sDSociTh3TvxL9WLSj
lkzcZkmn/Qs578fYHt9OXgQljD0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfOwHF
KF+UF6LPBjWfA2iBg5MP7TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWYzMDU0YjgtNTRlZS00YjhiLWFmYzgtNTMxZjI0ZDU5ZmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSA
MA0GCSqGSIb3DQEBCwUAA4IBAQArJ0vrntnO9gfLS+/MUcQloaLFxfegZx4mofYf
zyn8K4hAroYEdFmQ1atujaTR52pAE4VokcZH1DFG597F/kgEtotF3A3R8bq/eqma
bOnYI4oD3nVPWH3bOjJfEwxil8qRlhPHp9OpvoHv2y/bMS3Lvqr2WWI7weX/1mjY
uZJSdJ76bCCCOBfGlEjT+iEeQliY8zz8pfRc/DLlRg015H6Yz5QqBPRyJUgtAcbq
qZW+wPMXI3+Rm04ii7QlIxMZBSI4xYAA+qUriQ9IZq8fed77WBCQKAfXJGH71hP7
VtABDvzi5dhD/IonAUOvqqbC121PHxFH7NNYj5ywX4t6VThr
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:17 2025 by rpki-client