Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
File: 613f885a-7f25-486b-9eff-fdd6b2c05b65.roa (raw, json)
Hash identifier: FYC35cKJBHFd37EaCJL/LiqvZCGfL/ECdX5uvkAqwBA=
Subject key identifier: 32:E2:68:3E:FC:F8:1F:59:56:A6:DE:BB:0E:E3:80:55:E7:71:C2:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50089F37DB2649E02CDA858086E537D31EAE8345
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
Signing time: Mon 16 Jun 2025 20:20:08 +0000
ROA not before: Mon 16 Jun 2025 20:20:08 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:08:9f:37:db:26:49:e0:2c:da:85:80:86:e5:37:d3:1e:ae:83:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:20:08 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d79482e7a210d7304c0397d7b50f18255d8f3690bb0c750725ae860e1d9f3ac0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7c:24:c5:00:80:8a:fb:de:85:25:ab:79:bc:
19:d2:59:5b:53:28:ce:1b:6b:40:2c:8c:1c:c7:db:
a2:67:0e:4b:ee:b9:21:d6:c6:bf:d5:8a:ae:34:f2:
f0:9c:16:49:d1:df:72:5e:ae:ba:51:35:02:e6:92:
b9:34:67:a4:ce:4d:b8:95:3c:e3:90:1b:f8:b0:0b:
6a:03:04:f3:88:cc:9b:82:06:71:67:7f:53:72:fc:
49:43:2a:1c:ce:cf:03:c7:71:34:d8:a4:bf:e4:5f:
ae:9c:bc:68:97:14:ab:0b:81:ac:d6:de:e7:9f:11:
50:a7:00:ff:e4:b6:6a:1a:49:cd:9b:ed:47:33:f5:
1b:d8:59:88:ae:31:8c:93:d9:05:15:c3:6d:57:d8:
87:5c:c4:bd:f6:5d:5b:4b:51:96:33:63:44:6a:85:
c2:5c:d8:3e:d9:16:ba:6f:1f:a1:90:fd:f9:d8:44:
8f:aa:2e:35:38:ec:41:38:d8:a2:c8:57:5d:2d:62:
66:d1:5c:6e:85:73:3c:87:5b:d1:a0:52:5c:28:5c:
8f:11:01:ed:4c:3f:f5:55:3b:4d:eb:5e:ee:4a:f3:
3f:03:ca:ab:a7:05:1d:71:b9:2f:4f:e6:3d:07:55:
02:5f:50:ed:a7:4d:01:f5:75:04:9b:aa:f6:5d:ce:
ab:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E2:68:3E:FC:F8:1F:59:56:A6:DE:BB:0E:E3:80:55:E7:71:C2:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4080::/48
Signature Algorithm: sha256WithRSAEncryption
93:76:ff:28:56:63:c8:59:2b:4d:1a:e6:85:df:be:0a:cf:40:
57:6e:7a:70:fa:74:14:e0:69:90:8d:93:e5:c4:af:b3:99:66:
87:b6:55:cb:ad:44:cb:59:a4:4f:d1:cc:aa:49:47:4e:d0:f7:
0c:dd:b4:6c:64:3d:f1:ff:90:bd:8c:1d:f1:2f:26:e2:5d:ab:
01:5b:63:21:e0:4c:1a:17:53:ab:d0:d5:21:a7:25:73:d8:fc:
13:c8:c2:f7:f1:7b:70:45:52:b1:9a:75:06:b0:4a:78:da:dc:
3d:0a:e4:fd:10:5c:60:63:88:1f:c1:87:92:cc:93:88:0e:aa:
30:72:e5:21:a4:35:1a:9c:e6:bb:01:ca:20:18:ca:d6:52:0c:
76:c7:a1:19:58:72:e5:6f:9b:22:c2:ab:6c:c6:b8:6b:8d:d4:
5a:5d:a7:f6:da:01:e6:66:a4:a8:55:ae:4a:69:b5:61:b9:31:
36:ca:a0:66:c0:75:8c:24:3e:63:55:cf:f9:37:ea:4c:27:f2:
e7:a4:0f:1a:f6:5a:83:db:98:08:3d:a9:c7:ab:96:8d:f0:9e:
76:a8:32:62:42:b8:4e:ee:76:ea:bc:d3:eb:65:6c:35:0c:46:
18:5b:49:b8:85:ad:b4:3e:09:d4:7f:41:6a:f4:f2:ed:7b:25:
29:7a:73:8c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUAifN9smSeAs2oWAhuU30x6ug0UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIwMDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3OTQ4MmU3YTIxMGQ3MzA0YzAzOTdkN2I1MGYxODI1NWQ4ZjM2OTBiYjBj
NzUwNzI1YWU4NjBlMWQ5ZjNhYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKF8JMUAgIr73oUlq3m8GdJZW1MozhtrQCyMHMfbomcOS+65IdbGv9WKrjTy
8JwWSdHfcl6uulE1AuaSuTRnpM5NuJU845Ab+LALagME84jMm4IGcWd/U3L8SUMq
HM7PA8dxNNikv+Rfrpy8aJcUqwuBrNbe558RUKcA/+S2ahpJzZvtRzP1G9hZiK4x
jJPZBRXDbVfYh1zEvfZdW0tRljNjRGqFwlzYPtkWum8foZD9+dhEj6ouNTjsQTjY
oshXXS1iZtFcboVzPIdb0aBSXChcjxEB7Uw/9VU7Tete7krzPwPKq6cFHXG5L0/m
PQdVAl9Q7adNAfV1BJuq9l3Oq70CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQy4mg+
/PgfWVam3rsO44BV53HCiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjEzZjg4NWEtN2YyNS00ODZiLTllZmYtZmRkNmIyYzA1YjY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
gDANBgkqhkiG9w0BAQsFAAOCAQEAk3b/KFZjyFkrTRrmhd++Cs9AV256cPp0FOBp
kI2T5cSvs5lmh7ZVy61Ey1mkT9HMqklHTtD3DN20bGQ98f+QvYwd8S8m4l2rAVtj
IeBMGhdTq9DVIaclc9j8E8jC9/F7cEVSsZp1BrBKeNrcPQrk/RBcYGOIH8GHksyT
iA6qMHLlIaQ1GpzmuwHKIBjK1lIMdsehGVhy5W+bIsKrbMa4a43UWl2n9toB5mak
qFWuSmm1YbkxNsqgZsB1jCQ+Y1XP+TfqTCfy56QPGvZag9uYCD2px6uWjfCedqgy
YkK4Tu526rzT62VsNQxGGFtJuIWttD4J1H9BavTy7XslKXpzjA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:08:50 2025 by rpki-client