Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a082d12-70e1-4005-8dd1-52b78c0c75af.roa
File: 6a082d12-70e1-4005-8dd1-52b78c0c75af.roa (raw, json)
Hash identifier: lyf8m6FWHP3zE5KlMHbNXI2OhZ0MnhYYv4s6QSAvQAE=
Subject key identifier: 9E:91:4B:06:02:F9:7B:A2:94:1C:37:D9:58:CC:E2:53:59:25:27:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50AA147EE1F3D6B3CACD65CE8312C558E3AFC8F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a082d12-70e1-4005-8dd1-52b78c0c75af.roa
Signing time: Thu 26 Jun 2025 19:38:52 +0000
ROA not before: Thu 26 Jun 2025 19:38:52 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:a080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:aa:14:7e:e1:f3:d6:b3:ca:cd:65:ce:83:12:c5:58:e3:af:c8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:38:52 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=e84c717fc66bdfcbe35a4b2c3f2caacf1473305b1ed48c495f4f52d66918c89a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:5b:ba:fd:cf:77:22:c0:fc:27:99:b8:72:6c:
29:6f:f0:96:0f:17:ab:33:1f:97:33:a3:20:01:fb:
c8:9c:53:91:2e:53:08:56:12:48:ef:91:b5:0d:b5:
c1:3d:dd:b6:60:b3:39:99:26:d8:2a:6b:a9:ad:b8:
69:4f:14:87:99:be:98:fe:55:97:a6:53:7d:b4:93:
e1:d3:fa:bf:cd:22:9e:82:67:39:0e:b7:c0:40:c3:
66:55:17:6e:22:7c:67:56:3d:47:ed:e4:a3:ae:ae:
a9:22:ac:d4:19:8a:c8:07:0a:5d:59:90:f1:4e:f4:
b7:a8:17:fc:37:4c:6e:46:85:83:a4:6a:61:ec:ab:
10:07:4b:18:a1:fc:86:cc:57:bb:7b:95:25:87:4c:
38:91:a7:98:be:8d:b0:b2:63:06:45:e6:04:d7:cb:
cf:ea:ee:fc:3d:81:1f:4e:a0:18:8a:35:ee:40:c0:
46:7f:ba:98:42:de:af:dd:e9:8a:dc:68:9f:c9:4c:
57:08:3f:b0:c3:33:2a:34:c2:14:39:10:aa:c9:b9:
fb:c2:df:c3:bd:fe:d4:87:08:06:90:41:28:14:7e:
33:27:02:a6:fe:e7:c4:6d:5e:69:8d:fd:d4:a9:d8:
26:2e:0b:c2:4a:46:c3:25:80:ba:80:05:d1:85:9c:
99:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:91:4B:06:02:F9:7B:A2:94:1C:37:D9:58:CC:E2:53:59:25:27:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a082d12-70e1-4005-8dd1-52b78c0c75af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:a080::/46
Signature Algorithm: sha256WithRSAEncryption
6e:f4:47:64:1f:5c:1d:6e:e0:c1:e6:13:1a:31:e7:ab:1c:43:
bb:9e:50:0c:3a:9d:3e:ef:7d:52:fe:da:9e:f3:4d:d5:88:1a:
00:86:33:1d:04:40:81:f5:2b:89:a9:09:4e:63:64:99:ec:4d:
9d:bf:29:57:de:ca:8f:85:b6:e1:e8:25:3b:88:76:29:d9:7c:
9d:0e:63:c3:38:ed:db:78:ab:ee:d5:66:82:ed:eb:61:89:61:
ec:ce:6c:25:f6:7c:15:68:b3:1c:9c:ac:52:c7:a5:48:0f:f0:
25:17:74:c2:a7:10:51:93:25:b2:94:ae:54:d7:4a:c4:b9:42:
c1:2e:de:93:55:a0:a8:67:2a:3f:21:26:4f:10:f2:90:96:8a:
e4:8a:e9:1c:12:d5:b0:8c:ef:01:db:27:bc:b8:2c:77:b9:ab:
92:e2:d2:89:88:bc:b2:85:67:71:ca:13:fb:3e:c7:a5:18:4a:
da:bb:1f:7d:74:13:89:0a:c0:67:5f:67:92:ee:51:55:9a:b2:
1d:3d:84:51:24:8f:30:28:09:a4:f4:44:f7:c7:89:98:c1:0e:
df:db:58:92:8e:88:37:7f:e7:17:d8:9e:7a:c6:63:0f:27:55:
52:f3:34:93:0d:eb:dc:8e:a8:cb:62:29:3a:ea:ab:56:90:e4:
3e:b7:3e:32
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUKoUfuHz1rPKzWXOgxLFWOOvyPcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM4NTJaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4NGM3MTdmYzY2YmRmY2JlMzVhNGIyYzNmMmNhYWNmMTQ3MzMwNWIxZWQ0
OGM0OTVmNGY1MmQ2NjkxOGM4OWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOFbuv3PdyLA/CeZuHJsKW/wlg8XqzMflzOjIAH7yJxTkS5TCFYSSO+RtQ21
wT3dtmCzOZkm2Cprqa24aU8Uh5m+mP5Vl6ZTfbST4dP6v80inoJnOQ63wEDDZlUX
biJ8Z1Y9R+3ko66uqSKs1BmKyAcKXVmQ8U70t6gX/DdMbkaFg6RqYeyrEAdLGKH8
hsxXu3uVJYdMOJGnmL6NsLJjBkXmBNfLz+ru/D2BH06gGIo17kDARn+6mELer93p
itxon8lMVwg/sMMzKjTCFDkQqsm5+8Lfw73+1IcIBpBBKBR+MycCpv7nxG1eaY39
1KnYJi4LwkpGwyWAuoAF0YWcmdcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSekUsG
Avl7opQcN9lYzOJTWSUnozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmEwODJkMTItNzBlMS00MDA1LThkZDEtNTJiNzhjMGM3NWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOg
gDANBgkqhkiG9w0BAQsFAAOCAQEAbvRHZB9cHW7gweYTGjHnqxxDu55QDDqdPu99
Uv7anvNN1YgaAIYzHQRAgfUriakJTmNkmexNnb8pV97Kj4W24eglO4h2Kdl8nQ5j
wzjt23ir7tVmgu3rYYlh7M5sJfZ8FWizHJysUselSA/wJRd0wqcQUZMlspSuVNdK
xLlCwS7ek1WgqGcqPyEmTxDykJaK5IrpHBLVsIzvAdsnvLgsd7mrkuLSiYi8soVn
ccoT+z7HpRhK2rsffXQTiQrAZ19nku5RVZqyHT2EUSSPMCgJpPRE98eJmMEO39tY
ko6IN3/nF9ieesZjDydVUvM0kw3r3I6oy2IpOuqrVpDkPrc+Mg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:15 2025 by rpki-client