Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
File: 7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa (raw, json)
Hash identifier: Mn0qoiMT4ckV75NDVYtZv5xseo6T3rmk2vm0pSKYA4A=
Subject key identifier: 5C:73:E5:72:AF:84:1F:27:4E:6C:09:43:63:0D:FB:78:F6:CF:40:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D04067FC87B29BB895A0FC68EA2DDE6188ED147
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
Signing time: Mon 16 Jun 2025 19:40:15 +0000
ROA not before: Mon 16 Jun 2025 19:40:15 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:04:06:7f:c8:7b:29:bb:89:5a:0f:c6:8e:a2:dd:e6:18:8e:d1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:40:15 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=3bc2653585f64d1b1634f81982ad08ec85e0697258127f1698f63c9e1d93644e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d5:5e:77:c7:8f:8e:63:0b:29:71:07:60:8f:
f5:c6:10:ff:ad:47:04:b5:5d:ca:2e:40:b1:d4:02:
97:82:9f:a5:4e:e1:4c:1f:ee:43:fd:f5:d8:73:3d:
91:30:23:16:69:0d:86:96:ae:73:41:11:9e:0e:67:
ba:e3:73:e5:b4:f0:3c:1b:e5:fc:c6:9e:c2:cc:7b:
40:bf:da:87:b5:58:85:bf:49:5a:99:0d:f1:77:82:
93:19:08:b5:63:e7:cf:98:18:9d:26:91:b2:0d:7e:
98:1b:df:0f:13:33:19:b2:5f:99:83:23:00:2e:ad:
fb:78:58:b1:cc:15:6d:2d:cd:0e:56:dd:19:79:95:
03:a2:03:5e:53:bb:83:cf:9d:19:61:41:d1:ff:40:
f4:7f:4b:62:d6:e2:1a:ff:79:10:df:25:03:81:ab:
58:81:ff:19:eb:a5:e6:92:fc:cd:c9:80:44:a4:f7:
62:3e:63:7c:9e:2a:6e:c2:d3:9a:42:91:f7:9b:73:
3d:f5:d0:34:05:6d:b7:3c:7e:9f:87:11:b9:86:45:
12:51:2e:07:c0:e8:58:ce:ab:21:4f:1b:16:a9:4e:
06:a1:2e:7b:84:63:f5:6a:83:e8:73:fb:74:47:56:
c1:3b:35:fc:f4:f5:54:8c:56:35:50:44:77:a9:de:
02:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:73:E5:72:AF:84:1F:27:4E:6C:09:43:63:0D:FB:78:F6:CF:40:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
57:71:3d:84:70:05:36:39:39:ea:ce:83:0a:34:4e:35:9c:10:
16:1f:c3:a1:39:01:18:45:01:8a:14:fb:c7:61:0c:4d:5f:96:
d1:fd:31:93:28:37:c6:c6:58:51:ac:1e:f3:c7:7b:15:08:a3:
e4:7f:d8:05:ad:e2:af:5d:36:20:0e:18:e5:27:96:b4:27:a9:
02:d3:12:55:5a:ed:a8:d3:30:48:82:b4:a2:f4:d2:1e:05:62:
b0:47:96:a0:97:98:79:2b:62:e4:cb:b9:a4:4e:e1:9a:9c:bf:
5c:75:df:55:19:14:b3:e2:1e:6d:19:d3:8c:c9:d0:10:7c:4a:
a4:b2:30:f5:85:36:d8:fd:38:09:06:a0:0d:7c:65:43:69:8c:
0e:1a:19:fa:2d:54:57:f8:fb:10:3f:64:45:0d:75:46:13:3a:
4f:87:4e:b5:0a:5c:f8:a7:17:e7:aa:f9:27:33:32:ce:d8:c1:
b4:63:b3:97:15:86:c2:2e:da:6a:3a:f7:91:49:50:a3:f1:29:
9f:5e:f8:8c:6a:63:52:c5:bd:e5:ce:17:7c:d2:cb:42:1c:93:
c2:4b:b3:55:e5:81:99:05:b9:f9:30:27:25:21:2d:ee:87:a0:
9a:35:b6:f3:e3:d7:e5:90:eb:0c:c0:27:ca:69:34:b9:74:eb:
e0:95:e6:f1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXQQGf8h7KbuJWg/GjqLd5hiO0UcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQwMTVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiYzI2NTM1ODVmNjRkMWIxNjM0ZjgxOTgyYWQwOGVjODVlMDY5NzI1ODEy
N2YxNjk4ZjYzYzllMWQ5MzY0NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvVXnfHj45jCylxB2CP9cYQ/61HBLVdyi5AsdQCl4KfpU7hTB/uQ/312HM9
kTAjFmkNhpauc0ERng5nuuNz5bTwPBvl/Maewsx7QL/ah7VYhb9JWpkN8XeCkxkI
tWPnz5gYnSaRsg1+mBvfDxMzGbJfmYMjAC6t+3hYscwVbS3NDlbdGXmVA6IDXlO7
g8+dGWFB0f9A9H9LYtbiGv95EN8lA4GrWIH/Geul5pL8zcmARKT3Yj5jfJ4qbsLT
mkKR95tzPfXQNAVttzx+n4cRuYZFElEuB8DoWM6rIU8bFqlOBqEue4Rj9WqD6HP7
dEdWwTs1/PT1VIxWNVBEd6neAsMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRcc+Vy
r4QfJ05sCUNjDft49s9AxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E2ZDVjNGQtNDBkZC00NTc3LTk1MjAtYTJhYzI4NmM4MTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
wDANBgkqhkiG9w0BAQsFAAOCAQEAV3E9hHAFNjk56s6DCjRONZwQFh/DoTkBGEUB
ihT7x2EMTV+W0f0xkyg3xsZYUawe88d7FQij5H/YBa3ir102IA4Y5SeWtCepAtMS
VVrtqNMwSIK0ovTSHgVisEeWoJeYeSti5Mu5pE7hmpy/XHXfVRkUs+IebRnTjMnQ
EHxKpLIw9YU22P04CQagDXxlQ2mMDhoZ+i1UV/j7ED9kRQ11RhM6T4dOtQpc+KcX
56r5JzMyztjBtGOzlxWGwi7aajr3kUlQo/Epn174jGpjUsW95c4XfNLLQhyTwkuz
VeWBmQW5+TAnJSEt7oegmjW28+PX5ZDrDMAnymk0uXTr4JXm8Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:10 2025 by rpki-client