Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81554ff4-a7f9-41e4-90e9-b3761d63cb58.roa
File: 81554ff4-a7f9-41e4-90e9-b3761d63cb58.roa (raw, json)
Hash identifier: eyqoULdp1WL/qZeQNiLTytUfqh0DI9Qsj2tmTNrIlu4=
Subject key identifier: 49:6E:39:E1:05:5D:DC:79:FB:4B:EC:12:72:C7:29:6E:1A:E2:B4:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 472FBA8D4BC38BE2CB4D301E9E5E2B41618A5B6B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81554ff4-a7f9-41e4-90e9-b3761d63cb58.roa
Signing time: Mon 16 Jun 2025 20:30:15 +0000
ROA not before: Mon 16 Jun 2025 20:30:15 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:2f:ba:8d:4b:c3:8b:e2:cb:4d:30:1e:9e:5e:2b:41:61:8a:5b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:30:15 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=4669ad85ed6dda943e496abb6e66ce92a266097f766cf77ab77acc5d2599f21c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2f:60:2b:64:14:80:d2:1e:82:34:f3:20:25:
4c:eb:e5:70:d6:65:8c:e5:31:3c:a9:73:d4:b9:9b:
65:ab:db:dc:72:1b:56:cd:a9:7d:cd:81:ad:d7:5c:
9c:aa:42:5f:d8:c8:0b:45:ef:71:9e:09:79:93:53:
46:2d:d6:d8:38:0b:e6:82:48:8e:e4:06:f9:e4:49:
34:08:b0:4e:a5:d1:16:65:a8:f0:91:dc:56:7c:5a:
02:64:8b:24:32:6d:67:81:0a:d1:86:5d:39:32:a3:
f3:f2:8a:91:91:9e:ac:c6:77:43:37:97:4c:e7:53:
8f:5f:5f:d6:45:77:18:03:90:78:fc:8c:c4:7e:95:
b6:39:5a:be:80:15:50:10:ff:5b:1d:fa:4b:7e:fc:
c7:ab:62:ea:b1:0a:42:86:28:b8:ae:a8:bf:93:13:
64:9c:fe:2b:c8:53:41:2d:ff:42:d4:0d:ef:72:83:
92:58:0f:a2:ff:70:78:13:7d:80:0c:9a:ca:2c:84:
75:ab:ea:8f:33:17:29:0f:8f:de:c5:ee:9a:29:b1:
f7:aa:af:16:ae:0c:77:a1:be:eb:60:6d:9c:75:14:
37:b5:31:c1:a9:01:cd:55:d7:2d:ae:ab:82:41:84:
59:17:4e:c1:5a:9f:2d:89:b9:30:8b:d7:11:74:0b:
1c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:6E:39:E1:05:5D:DC:79:FB:4B:EC:12:72:C7:29:6E:1A:E2:B4:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81554ff4-a7f9-41e4-90e9-b3761d63cb58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e040::/48
Signature Algorithm: sha256WithRSAEncryption
1b:2a:fd:3c:1b:28:22:0c:43:47:91:a9:be:62:33:51:b4:14:
7c:2a:90:59:e3:46:a2:59:2f:61:3a:cb:95:6f:5d:63:7f:54:
37:0b:59:c1:45:2c:39:c8:25:d3:f3:b2:cf:f6:ee:59:ee:96:
40:6c:ca:ed:02:fc:5b:85:18:ed:3b:ce:df:b5:bb:60:bf:ec:
1b:df:b8:fc:1e:e1:22:eb:09:28:55:53:6d:97:f4:68:81:7c:
13:14:cb:1b:3e:d0:7b:3d:a5:48:00:6e:24:fa:b8:2c:2b:e4:
ab:1a:6d:1b:ab:37:f6:1b:a1:ce:b9:a2:b7:f5:fd:dc:e5:de:
9e:33:15:61:af:31:3e:02:86:b4:b8:4c:d3:6b:39:f7:7f:84:
41:68:8e:23:04:82:00:f1:6c:97:9b:10:3b:2a:e5:ff:b2:71:
b5:88:c1:c9:2c:e4:a3:d4:3b:89:04:e3:65:9f:da:c6:02:20:
af:3b:87:16:63:41:9b:99:65:eb:d8:6f:5d:0a:68:52:2e:aa:
0e:ab:92:fa:06:7a:20:dc:25:b2:3c:ad:f8:a8:40:db:e6:60:
f0:9d:fd:29:f3:fd:8f:7b:34:c9:15:44:ee:68:66:52:e7:33:
09:af:26:2d:6b:c4:b6:f1:5c:94:b9:3d:98:8b:37:c6:31:f8:
66:c6:e7:c2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURy+6jUvDi+LLTTAenl4rQWGKW2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDMwMTVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2NjlhZDg1ZWQ2ZGRhOTQzZTQ5NmFiYjZlNjZjZTkyYTI2NjA5N2Y3NjZj
Zjc3YWI3N2FjYzVkMjU5OWYyMWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ8vYCtkFIDSHoI08yAlTOvlcNZljOUxPKlz1LmbZavb3HIbVs2pfc2Brddc
nKpCX9jIC0XvcZ4JeZNTRi3W2DgL5oJIjuQG+eRJNAiwTqXRFmWo8JHcVnxaAmSL
JDJtZ4EK0YZdOTKj8/KKkZGerMZ3QzeXTOdTj19f1kV3GAOQePyMxH6VtjlavoAV
UBD/Wx36S378x6ti6rEKQoYouK6ov5MTZJz+K8hTQS3/QtQN73KDklgPov9weBN9
gAyayiyEdavqjzMXKQ+P3sXumimx96qvFq4Md6G+62BtnHUUN7UxwakBzVXXLa6r
gkGEWRdOwVqfLYm5MIvXEXQLHA0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRJbjnh
BV3ceftL7BJyxyluGuK05zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODE1NTRmZjQtYTdmOS00MWU0LTkwZTktYjM3NjFkNjNjYjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg
QDANBgkqhkiG9w0BAQsFAAOCAQEAGyr9PBsoIgxDR5GpvmIzUbQUfCqQWeNGolkv
YTrLlW9dY39UNwtZwUUsOcgl0/Oyz/buWe6WQGzK7QL8W4UY7TvO37W7YL/sG9+4
/B7hIusJKFVTbZf0aIF8ExTLGz7Qez2lSABuJPq4LCvkqxptG6s39huhzrmit/X9
3OXenjMVYa8xPgKGtLhM02s593+EQWiOIwSCAPFsl5sQOyrl/7JxtYjBySzko9Q7
iQTjZZ/axgIgrzuHFmNBm5ll69hvXQpoUi6qDquS+gZ6INwlsjyt+KhA2+Zg8J39
KfP9j3s0yRVE7mhmUuczCa8mLWvEtvFclLk9mIs3xjH4Zsbnwg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:29:59 2025 by rpki-client