Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/61a0530d-8d0b-4fd7-8bef-6b8c99c3df33.roa
File: 61a0530d-8d0b-4fd7-8bef-6b8c99c3df33.roa (raw, json)
Hash identifier: cXQ17Xv5jbCCZRw0nedIUt7WaBrVwn1OSAHpoN5fLok=
Subject key identifier: 97:47:54:6B:93:86:F1:47:18:AB:33:31:F1:08:9E:94:26:60:69:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 509FA6152BE9B46296768FB9B8DB29670E857332
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/61a0530d-8d0b-4fd7-8bef-6b8c99c3df33.roa
Signing time: Mon 16 Jun 2025 21:20:38 +0000
ROA not before: Mon 16 Jun 2025 21:20:38 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:9f:a6:15:2b:e9:b4:62:96:76:8f:b9:b8:db:29:67:0e:85:73:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:20:38 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f922dd040fa8520fd66500a9c98f0c3f7ef668e2ce5757137ec620d77fc2279a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:50:92:a8:58:13:e7:82:48:a6:f2:f6:d5:45:
1c:04:43:ce:a9:1b:0d:48:a7:03:d9:ff:fd:f4:e4:
80:b8:99:cb:ba:0a:33:9a:e3:f6:e9:de:68:f1:98:
74:2b:89:37:6c:78:a6:1d:80:37:a6:0b:b3:6b:45:
ec:ec:2c:1c:68:79:28:7f:fd:f3:6c:a0:e3:b7:6e:
dd:48:9c:6e:31:43:2c:02:45:ff:56:2b:39:86:53:
23:67:9b:44:5c:0c:87:92:a9:d4:d8:5f:94:b4:e7:
8c:75:2f:4d:20:af:5e:78:0c:67:c0:81:f6:66:a0:
0c:52:b6:b1:93:7e:64:28:15:b8:6c:40:56:3c:4f:
76:86:de:29:08:33:dd:a4:f3:20:d5:d0:a3:97:0b:
a0:01:e2:1f:3d:11:86:9f:45:51:38:cb:61:71:ac:
4a:a5:e9:28:be:32:2d:50:0e:a2:41:71:13:55:22:
59:ec:76:79:01:fd:78:42:f3:63:d9:95:39:ca:57:
00:be:4c:ab:f2:11:42:e0:0b:26:d0:b8:53:4b:9f:
89:9a:64:c5:69:a7:df:2a:3d:3c:90:a2:ce:a3:20:
7a:f4:39:13:c5:2c:9e:12:17:ce:e4:b0:f4:11:3a:
ce:12:7c:9a:4a:fe:dd:2b:48:a0:c1:19:e5:f4:a2:
b2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:47:54:6B:93:86:F1:47:18:AB:33:31:F1:08:9E:94:26:60:69:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/61a0530d-8d0b-4fd7-8bef-6b8c99c3df33.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:a000::/40
Signature Algorithm: sha256WithRSAEncryption
08:b3:f2:4c:ac:b4:8a:5b:3f:03:a8:19:3b:5f:99:40:cf:84:
d9:11:13:4f:96:41:66:58:c8:8d:dd:cf:c0:c9:c0:ed:f6:8d:
dc:32:d4:75:10:70:ae:a1:fe:14:77:69:98:1d:1c:63:3f:00:
cc:d1:58:e3:b9:cc:34:f8:88:f0:c5:8b:77:5b:7d:13:e2:70:
d3:35:c7:76:8b:1a:68:79:6b:09:8c:34:5e:4a:42:37:7e:1a:
9c:61:9f:b9:20:d7:96:6e:39:b2:bc:76:8c:3f:3e:77:90:70:
45:9c:ce:91:5d:22:10:79:92:d8:cd:a8:92:36:64:75:ef:65:
0d:a7:aa:bc:12:61:1c:6c:1e:5d:11:3a:14:dd:e3:c4:04:c4:
1f:8c:0f:7e:fb:11:42:e8:63:72:93:f0:a4:46:44:7c:2b:ba:
26:00:5e:84:6c:61:f7:e7:83:d7:64:c3:46:45:d5:4e:49:c6:
5b:56:d5:98:52:b6:fe:55:d1:00:3b:92:ae:2a:74:90:b1:23:
fa:2f:66:09:9d:3a:c9:1e:e4:3e:89:39:3c:29:7e:c2:f9:ac:
d7:06:8f:26:79:cf:8c:42:e4:00:3c:48:c5:ee:82:d6:0f:0c:
9a:db:c7:83:26:de:21:a9:5a:19:cc:41:d1:10:16:c2:57:56:
dc:e7:85:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUJ+mFSvptGKWdo+5uNspZw6FczIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIwMzhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5MjJkZDA0MGZhODUyMGZkNjY1MDBhOWM5OGYwYzNmN2VmNjY4ZTJjZTU3
NTcxMzdlYzYyMGQ3N2ZjMjI3OWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBQkqhYE+eCSKby9tVFHARDzqkbDUinA9n//fTkgLiZy7oKM5rj9uneaPGY
dCuJN2x4ph2AN6YLs2tF7OwsHGh5KH/982yg47du3UicbjFDLAJF/1YrOYZTI2eb
RFwMh5Kp1NhflLTnjHUvTSCvXngMZ8CB9magDFK2sZN+ZCgVuGxAVjxPdobeKQgz
3aTzINXQo5cLoAHiHz0Rhp9FUTjLYXGsSqXpKL4yLVAOokFxE1UiWex2eQH9eELz
Y9mVOcpXAL5Mq/IRQuALJtC4U0ufiZpkxWmn3yo9PJCizqMgevQ5E8UsnhIXzuSw
9BE6zhJ8mkr+3StIoMEZ5fSist8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSXR1Rr
k4bxRxirMzHxCJ6UJmBpjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjFhMDUzMGQtOGQwYi00ZmQ3LThiZWYtNmI4Yzk5YzNkZjMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWg
MA0GCSqGSIb3DQEBCwUAA4IBAQAIs/JMrLSKWz8DqBk7X5lAz4TZERNPlkFmWMiN
3c/AycDt9o3cMtR1EHCuof4Ud2mYHRxjPwDM0Vjjucw0+IjwxYt3W30T4nDTNcd2
ixpoeWsJjDReSkI3fhqcYZ+5INeWbjmyvHaMPz53kHBFnM6RXSIQeZLYzaiSNmR1
72UNp6q8EmEcbB5dEToU3ePEBMQfjA9++xFC6GNyk/CkRkR8K7omAF6EbGH354PX
ZMNGRdVOScZbVtWYUrb+VdEAO5KuKnSQsSP6L2YJnTrJHuQ+iTk8KX7C+azXBo8m
ec+MQuQAPEjF7oLWDwya28eDJt4hqVoZzEHREBbCV1bc54WU
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:24:03 2025 by rpki-client