Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa
File: 82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa (raw, json)
Hash identifier: sSB0pgIAQ8qDiq3hSgYBwMXklgzpQWgBxDYaImD3t9k=
Subject key identifier: 49:CE:7A:F1:2B:B0:D8:FA:27:39:E5:4E:C7:87:84:BB:CB:3B:F4:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71F124DDE37CCD3F0F92517A094AEB4219E2059C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa
Signing time: Thu 26 Jun 2025 19:52:12 +0000
ROA not before: Thu 26 Jun 2025 19:52:12 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:f1:24:dd:e3:7c:cd:3f:0f:92:51:7a:09:4a:eb:42:19:e2:05:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:52:12 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=bda139eea920dcc91b54e61544c1810dcc58e9851a2f50222f231d9d51c4f8cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:cd:ca:d9:29:16:d5:27:36:96:d2:c0:ff:db:
38:7c:7a:05:f3:05:7e:ad:47:15:cf:2a:f1:9f:95:
51:d7:3e:a9:4d:19:3c:b2:02:80:6e:bc:4c:86:8e:
08:16:23:3a:e2:a4:ec:ea:06:7e:d9:1d:25:52:53:
68:f5:36:46:96:de:46:1a:d2:1d:3c:a2:f5:8f:03:
83:42:b6:73:49:28:20:46:00:a6:87:38:17:15:87:
41:10:10:f3:b1:5f:e7:bf:31:5d:e0:61:66:05:47:
67:15:37:97:2c:5d:4f:96:ed:40:f5:7d:0a:06:80:
01:82:a5:c5:37:24:72:6b:95:8a:c2:fc:af:36:7d:
70:99:e9:70:e9:41:b3:74:31:c3:bb:07:cb:8c:61:
e3:fd:24:e3:f3:78:f6:e3:01:59:17:bb:28:c7:1a:
0a:9c:69:c3:1f:92:3f:12:8c:db:b5:ec:39:1a:c0:
2f:2d:5f:0a:4f:de:20:bf:0e:c7:e5:c2:c8:a4:1a:
9d:fa:5b:2b:74:de:43:14:6d:d2:9d:5f:70:75:36:
fa:ec:dc:58:d0:4d:84:de:de:cc:19:ce:db:c4:34:
4e:3d:9d:94:16:4f:11:62:05:ef:99:cc:33:98:16:
5c:73:a4:8c:12:47:1c:4d:3a:7b:5b:a1:25:ad:b6:
a5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:CE:7A:F1:2B:B0:D8:FA:27:39:E5:4E:C7:87:84:BB:CB:3B:F4:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c000::/40
Signature Algorithm: sha256WithRSAEncryption
c5:29:43:65:03:cf:6f:e6:80:85:f5:34:c6:fd:f0:1d:34:19:
33:6d:d7:74:2d:d2:90:30:a6:5d:84:2f:54:df:32:0c:a2:04:
d8:d7:9b:da:ac:e0:46:ea:61:5c:ee:db:a4:a5:9d:28:10:16:
f1:75:73:b1:9b:14:44:48:d3:b2:ad:17:68:66:7b:35:5c:ae:
91:df:15:1b:72:8c:cf:26:1c:74:03:db:4f:80:1f:a1:47:75:
de:47:57:27:93:2f:79:23:cb:d5:72:01:b7:23:84:4b:97:c5:
a8:22:48:98:50:25:64:cc:15:26:6c:5a:94:2d:ca:a8:78:a3:
3d:50:46:bf:a7:bf:60:73:e6:03:c0:44:b2:b0:7c:8a:1b:ed:
61:1c:00:91:f4:8c:9f:64:30:d9:c4:8f:45:a4:58:9c:7d:72:
fd:9c:e4:df:17:92:66:94:82:c1:83:87:0d:24:a4:d7:c6:3f:
48:3b:4d:3f:9e:c9:ee:1a:e9:f0:35:18:89:24:3f:95:10:e1:
f3:b1:96:6e:31:9a:8d:2c:57:4e:3d:29:d4:4b:15:9a:c8:61:
88:14:df:88:50:8a:4c:c7:0f:90:02:0a:a2:1e:e6:2c:11:8c:
bb:57:3e:e7:b2:f2:5d:0e:d7:b6:6c:0a:c8:61:79:6e:55:8e:
4e:83:19:cc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcfEk3eN8zT8PklF6CUrrQhniBZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTUyMTJaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkYTEzOWVlYTkyMGRjYzkxYjU0ZTYxNTQ0YzE4MTBkY2M1OGU5ODUxYTJm
NTAyMjJmMjMxZDlkNTFjNGY4Y2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPDNytkpFtUnNpbSwP/bOHx6BfMFfq1HFc8q8Z+VUdc+qU0ZPLICgG68TIaO
CBYjOuKk7OoGftkdJVJTaPU2RpbeRhrSHTyi9Y8Dg0K2c0koIEYApoc4FxWHQRAQ
87Ff578xXeBhZgVHZxU3lyxdT5btQPV9CgaAAYKlxTckcmuVisL8rzZ9cJnpcOlB
s3Qxw7sHy4xh4/0k4/N49uMBWRe7KMcaCpxpwx+SPxKM27XsORrALy1fCk/eIL8O
x+XCyKQanfpbK3TeQxRt0p1fcHU2+uzcWNBNhN7ezBnO28Q0Tj2dlBZPEWIF75nM
M5gWXHOkjBJHHE06e1uhJa22peUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJznrx
K7DY+ic55U7Hh4S7yzv03DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODJkOWI2MTktYTZkYy00NGM0LTk1ODktZjg5ZmVmMmU2MWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HPA
MA0GCSqGSIb3DQEBCwUAA4IBAQDFKUNlA89v5oCF9TTG/fAdNBkzbdd0LdKQMKZd
hC9U3zIMogTY15varOBG6mFc7tukpZ0oEBbxdXOxmxRESNOyrRdoZns1XK6R3xUb
cozPJhx0A9tPgB+hR3XeR1cnky95I8vVcgG3I4RLl8WoIkiYUCVkzBUmbFqULcqo
eKM9UEa/p79gc+YDwESysHyKG+1hHACR9IyfZDDZxI9FpFicfXL9nOTfF5JmlILB
g4cNJKTXxj9IO00/nsnuGunwNRiJJD+VEOHzsZZuMZqNLFdOPSnUSxWayGGIFN+I
UIpMxw+QAgqiHuYsEYy7Vz7nsvJdDte2bArIYXluVY5OgxnM
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:25:06 2025 by rpki-client