Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90397a9d-b89a-4b45-b519-625f69fe173f.roa
File: 90397a9d-b89a-4b45-b519-625f69fe173f.roa (raw, json)
Hash identifier: H7uLOWXnityIXvoQdHxPxr4Pfx49CrW9Ntxn2iGf2i8=
Subject key identifier: 23:50:1B:EE:16:C9:86:5B:A3:CD:3B:10:8B:F0:92:1E:35:D2:0D:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51F3C6CD23FF1E8B60AD51A354013673803C3268
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90397a9d-b89a-4b45-b519-625f69fe173f.roa
Signing time: Mon 16 Jun 2025 20:40:23 +0000
ROA not before: Mon 16 Jun 2025 20:40:23 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:10c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:f3:c6:cd:23:ff:1e:8b:60:ad:51:a3:54:01:36:73:80:3c:32:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:40:23 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=373bd24b0e0aa3871ea424283cc0f6d86c3f1586c419db5e2a3bc94ed549d558, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:52:48:d7:28:1e:4f:20:99:64:81:a2:c1:83:
47:bf:bf:a2:df:ad:1e:3c:69:a0:7e:8d:1b:55:31:
da:5a:fb:ef:34:46:e6:ea:42:4f:b8:dc:e4:2b:58:
38:43:15:00:61:8f:7c:04:d1:3f:45:5c:12:39:19:
94:ef:4b:ec:68:57:57:fd:f3:90:25:1a:26:7d:37:
43:80:b7:96:78:dc:1d:7d:6b:d2:a3:8d:3a:ef:b8:
90:ea:f8:d6:c3:e6:68:90:9a:6d:77:d2:d7:51:29:
87:26:a2:4f:d7:e9:01:d9:42:b5:a0:59:a7:37:0f:
63:0a:85:65:fe:ae:85:76:b3:f4:b4:d0:33:c8:9d:
5e:24:98:08:f3:9c:7c:48:46:3e:1b:53:de:a2:3d:
fd:1b:4d:f4:32:ee:d1:4d:6a:cf:0a:4d:7f:b6:fd:
fe:f5:39:cc:54:1e:4e:b7:ce:1e:de:a2:cf:2d:89:
85:c8:55:fd:97:59:c1:39:98:84:0a:c5:a7:95:02:
6b:33:98:5a:6d:75:fe:1e:53:8d:c4:26:fd:f9:dd:
30:4f:fe:f3:1d:12:11:45:a0:dd:1a:3d:53:8b:dc:
bf:35:52:7e:1a:44:1d:16:7c:98:72:ea:87:fe:14:
88:5d:a7:82:10:4e:30:80:b0:f3:25:35:b4:1a:c0:
de:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:50:1B:EE:16:C9:86:5B:A3:CD:3B:10:8B:F0:92:1E:35:D2:0D:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90397a9d-b89a-4b45-b519-625f69fe173f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:10c0::/46
Signature Algorithm: sha256WithRSAEncryption
09:2b:f8:a7:d5:1c:9b:c6:cd:e2:31:28:d0:4a:45:c6:3a:00:
e2:a0:f8:fc:3a:41:a6:57:20:6e:51:ea:e2:c1:8f:c8:f2:36:
69:73:d2:f2:cb:4f:f8:08:f7:3c:68:bd:d3:f7:9e:2a:be:1d:
cc:d0:eb:82:b6:1c:ad:a9:b4:c5:48:ef:6b:0f:bc:b8:ea:80:
4d:4e:14:2c:da:5d:7a:3d:5e:ca:3b:69:28:a2:50:87:ca:b8:
06:1a:c8:8d:27:25:57:ec:01:55:71:e7:c3:75:73:f9:7c:c2:
0a:3a:4f:a1:74:44:ff:a1:aa:3c:2e:51:2e:31:55:59:20:1f:
3a:e2:c3:5f:30:eb:d9:af:9c:40:3d:5e:22:d6:c7:ed:9d:ce:
48:27:28:6c:57:30:7a:6f:d7:b1:b5:51:02:f9:3c:02:79:e5:
a0:21:a2:b5:14:6b:e1:ac:f5:16:5c:0e:38:51:a2:9e:a7:62:
f7:4a:f1:a8:ae:c4:1f:b8:11:ed:25:5d:00:56:a6:0f:60:d5:
17:85:67:22:9a:83:be:1a:50:37:97:d3:dd:2e:05:e9:71:9e:
2c:fc:39:e8:74:6c:16:5c:95:67:38:0f:df:49:49:08:41:96:
43:9b:9a:b9:fc:03:dc:e4:fc:f9:50:01:8a:84:f5:0c:71:6a:
89:cb:ba:4c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUfPGzSP/HotgrVGjVAE2c4A8MmgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQwMjNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3M2JkMjRiMGUwYWEzODcxZWE0MjQyODNjYzBmNmQ4NmMzZjE1ODZjNDE5
ZGI1ZTJhM2JjOTRlZDU0OWQ1NTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRSSNcoHk8gmWSBosGDR7+/ot+tHjxpoH6NG1Ux2lr77zRG5upCT7jc5CtY
OEMVAGGPfATRP0VcEjkZlO9L7GhXV/3zkCUaJn03Q4C3lnjcHX1r0qONOu+4kOr4
1sPmaJCabXfS11EphyaiT9fpAdlCtaBZpzcPYwqFZf6uhXaz9LTQM8idXiSYCPOc
fEhGPhtT3qI9/RtN9DLu0U1qzwpNf7b9/vU5zFQeTrfOHt6izy2JhchV/ZdZwTmY
hArFp5UCazOYWm11/h5TjcQm/fndME/+8x0SEUWg3Ro9U4vcvzVSfhpEHRZ8mHLq
h/4UiF2nghBOMICw8yU1tBrA3m8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQjUBvu
FsmGW6PNOxCL8JIeNdIN1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTAzOTdhOWQtYjg5YS00YjQ1LWI1MTktNjI1ZjY5ZmUxNzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUQ
wDANBgkqhkiG9w0BAQsFAAOCAQEACSv4p9Ucm8bN4jEo0EpFxjoA4qD4/DpBplcg
blHq4sGPyPI2aXPS8stP+Aj3PGi90/eeKr4dzNDrgrYcram0xUjvaw+8uOqATU4U
LNpdej1eyjtpKKJQh8q4BhrIjSclV+wBVXHnw3Vz+XzCCjpPoXRE/6GqPC5RLjFV
WSAfOuLDXzDr2a+cQD1eItbH7Z3OSCcobFcwem/XsbVRAvk8AnnloCGitRRr4az1
FlwOOFGinqdi90rxqK7EH7gR7SVdAFamD2DVF4VnIpqDvhpQN5fT3S4F6XGeLPw5
6HRsFlyVZzgP30lJCEGWQ5uaufwD3OT8+VABioT1DHFqicu6TA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:25 2025 by rpki-client