Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84f9d9fa-59fe-4651-a60a-2561da098ccb.roa
File: 84f9d9fa-59fe-4651-a60a-2561da098ccb.roa (raw, json)
Hash identifier: p0ikdD8kfyG1cHRrWD6V81e1j4Y5H9Lk2KqZOATKQgc=
Subject key identifier: DC:8B:03:77:6B:BD:D6:BE:35:6C:8C:6E:D0:9C:3D:DF:5D:73:2E:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5969F38DB17945080F79DAF8A72C855DF0A65774
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84f9d9fa-59fe-4651-a60a-2561da098ccb.roa
Signing time: Mon 16 Jun 2025 20:50:10 +0000
ROA not before: Mon 16 Jun 2025 20:50:10 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:69:f3:8d:b1:79:45:08:0f:79:da:f8:a7:2c:85:5d:f0:a6:57:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:50:10 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e3ec4da002b6563587369c83c562c4ba7daacf22d3bffe52028e263b06d40c7d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:95:91:e5:14:28:36:06:d7:ed:35:7a:5f:65:
98:6c:c8:4e:63:06:69:53:87:ca:16:b1:94:97:44:
2d:44:51:89:b4:ab:eb:ea:27:8b:aa:58:b9:ed:a1:
13:81:6f:c8:81:b6:88:d3:d5:58:4f:39:a5:f7:b6:
92:58:01:0c:8e:ef:7e:c2:a7:d5:5d:cd:56:97:38:
d7:74:ca:8d:50:d9:13:36:2e:11:b8:26:65:ce:21:
79:f7:ad:36:59:d1:c2:73:28:dd:82:d4:ad:fb:24:
1a:41:36:49:96:3b:c1:98:db:af:6f:f5:97:7a:17:
12:48:b8:99:42:26:26:81:9a:b9:e4:a5:27:60:f2:
f9:f0:5c:88:15:20:00:da:6d:c3:92:b8:da:95:f6:
38:0f:ac:6a:ae:53:cc:e1:fe:fb:0d:e3:9d:e0:ed:
cd:a7:6f:5b:41:c3:ea:cc:a4:d6:e6:c1:99:f9:6c:
b7:7c:59:09:66:7f:60:64:4f:19:8c:cd:54:17:97:
ec:08:1e:36:73:eb:52:d3:6f:4a:25:58:50:bc:88:
39:d5:bc:7a:21:a9:76:64:cb:60:a1:2e:f2:da:f1:
c1:cf:a9:d9:d3:66:fc:66:0e:27:a9:8c:0c:91:d3:
37:4a:3a:32:be:db:69:52:11:e2:be:2a:26:65:45:
13:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:8B:03:77:6B:BD:D6:BE:35:6C:8C:6E:D0:9C:3D:DF:5D:73:2E:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84f9d9fa-59fe-4651-a60a-2561da098ccb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8080::/46
Signature Algorithm: sha256WithRSAEncryption
9e:8e:60:1b:93:5e:67:7b:ec:39:5f:18:3a:97:3d:91:fd:4e:
e2:e2:9f:45:a3:3e:d0:8f:80:42:e2:ca:b2:82:5a:c2:67:9e:
38:dd:d6:67:c6:79:3f:19:a7:e4:ce:9f:3d:72:33:a6:d5:02:
96:bb:2b:75:5d:ba:f7:06:37:fd:4c:d5:10:4b:fa:58:94:72:
c0:20:25:9c:e3:13:34:b6:e5:ae:ca:c6:ea:a3:89:7e:a6:cd:
96:76:b0:85:7c:09:49:3e:ea:61:d4:78:59:4d:1e:9b:00:2f:
e3:a3:d6:4b:b4:34:dc:5e:c1:53:f6:60:53:96:ea:2e:5c:46:
50:91:52:b3:1d:ec:37:97:44:d2:03:5d:16:38:c6:7e:64:87:
df:54:b2:25:2a:e8:65:cc:16:7e:ab:26:83:14:87:4c:b8:84:
83:b3:51:06:6c:fe:a5:7f:f4:2b:ac:fc:fd:85:98:16:b6:a3:
34:aa:3c:ce:d2:1b:ea:92:b4:c9:86:8f:1b:ef:f4:c3:6f:b4:
50:00:23:71:ee:ae:ea:7a:ae:d8:83:62:0b:be:29:91:fc:01:
9f:ee:c4:07:b2:d0:b4:53:bc:f9:bd:ae:b9:5f:b9:ad:9b:04:
fc:47:ef:5d:2e:e0:2e:85:a1:6e:5e:1d:e8:9d:2b:73:16:92:
bf:35:30:f9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWWnzjbF5RQgPedr4pyyFXfCmV3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDUwMTBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzZWM0ZGEwMDJiNjU2MzU4NzM2OWM4M2M1NjJjNGJhN2RhYWNmMjJkM2Jm
ZmU1MjAyOGUyNjNiMDZkNDBjN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGVkeUUKDYG1+01el9lmGzITmMGaVOHyhaxlJdELURRibSr6+oni6pYue2h
E4FvyIG2iNPVWE85pfe2klgBDI7vfsKn1V3NVpc413TKjVDZEzYuEbgmZc4hefet
NlnRwnMo3YLUrfskGkE2SZY7wZjbr2/1l3oXEki4mUImJoGaueSlJ2Dy+fBciBUg
ANptw5K42pX2OA+saq5TzOH++w3jneDtzadvW0HD6syk1ubBmflst3xZCWZ/YGRP
GYzNVBeX7AgeNnPrUtNvSiVYULyIOdW8eiGpdmTLYKEu8trxwc+p2dNm/GYOJ6mM
DJHTN0o6Mr7baVIR4r4qJmVFE6sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTciwN3
a73WvjVsjG7QnD3fXXMuEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODRmOWQ5ZmEtNTlmZS00NjUxLWE2MGEtMjU2MWRhMDk4Y2NiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWA
gDANBgkqhkiG9w0BAQsFAAOCAQEAno5gG5NeZ3vsOV8YOpc9kf1O4uKfRaM+0I+A
QuLKsoJawmeeON3WZ8Z5Pxmn5M6fPXIzptUClrsrdV269wY3/UzVEEv6WJRywCAl
nOMTNLblrsrG6qOJfqbNlnawhXwJST7qYdR4WU0emwAv46PWS7Q03F7BU/ZgU5bq
LlxGUJFSsx3sN5dE0gNdFjjGfmSH31SyJSroZcwWfqsmgxSHTLiEg7NRBmz+pX/0
K6z8/YWYFrajNKo8ztIb6pK0yYaPG+/0w2+0UAAjce6u6nqu2INiC74pkfwBn+7E
B7LQtFO8+b2uuV+5rZsE/EfvXS7gLoWhbl4d6J0rcxaSvzUw+Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:42 2025 by rpki-client