Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
File: 7109e934-b803-4bd3-8dfc-cfe0c2222824.roa (raw, json)
Hash identifier: 6UsfkaLZy1rZ0oq6fHQAfeLbZKK3L2fAKAJFQLl1OTQ=
Subject key identifier: AA:75:B3:55:C9:62:7B:DC:26:EA:B4:FF:CA:87:08:98:FE:79:42:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4983E5043F878252093443DE5CDECFA23F0AE929
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
Signing time: Thu 26 Jun 2025 19:37:13 +0000
ROA not before: Thu 26 Jun 2025 19:37:13 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:5040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:83:e5:04:3f:87:82:52:09:34:43:de:5c:de:cf:a2:3f:0a:e9:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:37:13 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=541b15e4b8818fdeb75bbfacd1e1c6dabb658311e6b328d82b60eb3edba45fa3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:74:3f:ee:90:6f:bc:2c:bc:8c:d7:4d:6e:ac:
83:f6:ba:51:59:84:75:25:4d:e3:1f:11:b7:b0:7b:
88:43:55:71:6e:a2:d0:ae:8d:b4:1d:53:f1:2d:ec:
86:f6:73:5f:05:06:8e:39:be:01:f9:58:0c:f9:5a:
5c:0a:c8:c4:f8:dc:de:1b:5c:ef:3f:3d:eb:ce:22:
22:4a:21:cf:36:39:f2:d8:b7:f5:11:90:88:e5:d3:
0a:50:b7:c9:e1:c5:0c:8a:04:6d:70:b0:f1:56:dd:
e2:75:e6:96:c9:8b:77:49:6d:6f:b0:1b:7a:b1:08:
0d:d0:2f:56:b2:35:05:db:6f:09:70:a9:ca:29:1d:
60:d5:97:1c:29:1a:8c:3f:1e:aa:7c:76:d0:ac:6d:
05:fb:40:db:56:61:55:6b:26:60:d4:9f:4e:07:ea:
2b:ff:05:4f:83:71:70:b5:93:59:e6:56:24:78:c4:
d5:a0:47:49:f0:7f:e0:62:dc:bb:0e:65:7d:18:88:
c0:bd:e9:d5:2f:e4:25:3a:40:fc:ea:ef:6a:16:33:
66:b9:be:eb:9d:54:56:55:43:a0:05:ad:da:2c:ea:
0a:da:bd:9f:64:6e:7b:32:fd:1e:93:5a:5a:05:e0:
75:73:ec:20:7b:42:25:e5:77:e3:3a:af:20:5e:6f:
8a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:75:B3:55:C9:62:7B:DC:26:EA:B4:FF:CA:87:08:98:FE:79:42:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:5040::/46
Signature Algorithm: sha256WithRSAEncryption
14:1c:c8:1d:a8:94:7a:ec:cd:fd:14:d7:fd:f2:f8:ab:2e:58:
9a:2c:33:d3:06:d1:93:3e:86:f9:d2:7a:1f:51:d2:e8:ec:58:
d8:ce:c9:ca:95:57:e6:86:db:8c:7b:5e:ba:72:6a:17:3e:c3:
9b:6f:1b:df:a7:01:f0:06:89:d8:8d:b7:a7:da:88:3b:52:2d:
77:ef:bd:67:2b:f4:82:d8:c5:07:2c:ba:e1:17:59:61:f8:1b:
8b:35:b8:6a:46:0a:ff:15:79:cb:f4:60:5a:7d:35:47:53:8e:
91:ee:72:f4:0e:a6:24:3e:84:59:73:e8:cb:fc:ac:8e:61:41:
c9:00:de:99:be:a7:27:0f:4c:53:9b:f5:d3:f4:8a:44:9e:f5:
62:91:10:f6:4a:fd:54:ba:91:57:57:c9:11:b9:ad:e2:96:e1:
a7:6d:d2:18:12:83:85:1d:6a:be:48:ff:f8:b4:9c:7a:c5:b4:
2e:b2:d1:0a:96:13:c1:43:36:33:55:e1:00:78:f8:2f:a0:1e:
05:a7:b8:92:de:aa:6f:ae:04:98:d6:ac:a2:ba:8a:b4:63:4e:
9a:ee:6d:a9:f8:75:29:7e:be:5c:73:2f:64:02:92:29:75:5a:
8d:b8:ed:db:5e:14:32:ec:75:51:e8:ce:57:77:c8:eb:f3:9e:
3d:cb:98:46
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSYPlBD+HglIJNEPeXN7Poj8K6SkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM3MTNaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0MWIxNWU0Yjg4MThmZGViNzViYmZhY2QxZTFjNmRhYmI2NTgzMTFlNmIz
MjhkODJiNjBlYjNlZGJhNDVmYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALN0P+6Qb7wsvIzXTW6sg/a6UVmEdSVN4x8Rt7B7iENVcW6i0K6NtB1T8S3s
hvZzXwUGjjm+AflYDPlaXArIxPjc3htc7z89684iIkohzzY58ti39RGQiOXTClC3
yeHFDIoEbXCw8Vbd4nXmlsmLd0ltb7AberEIDdAvVrI1BdtvCXCpyikdYNWXHCka
jD8eqnx20KxtBftA21ZhVWsmYNSfTgfqK/8FT4NxcLWTWeZWJHjE1aBHSfB/4GLc
uw5lfRiIwL3p1S/kJTpA/OrvahYzZrm+651UVlVDoAWt2izqCtq9n2RuezL9HpNa
WgXgdXPsIHtCJeV34zqvIF5vigcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSqdbNV
yWJ73CbqtP/KhwiY/nlCoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzEwOWU5MzQtYjgwMy00YmQzLThkZmMtY2ZlMGMyMjIyODI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAFBzIHaiUeuzN/RTX/fL4qy5Ymiwz0wbRkz6G
+dJ6H1HS6OxY2M7JypVX5obbjHteunJqFz7Dm28b36cB8AaJ2I23p9qIO1Itd++9
Zyv0gtjFByy64RdZYfgbizW4akYK/xV5y/RgWn01R1OOke5y9A6mJD6EWXPoy/ys
jmFByQDemb6nJw9MU5v10/SKRJ71YpEQ9kr9VLqRV1fJEbmt4pbhp23SGBKDhR1q
vkj/+LScesW0LrLRCpYTwUM2M1XhAHj4L6AeBae4kt6qb64EmNasorqKtGNOmu5t
qfh1KX6+XHMvZAKSKXVajbjt214UMux1UejOV3fI6/OePcuYRg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:32 2025 by rpki-client