Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
File: 9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa (raw, json)
Hash identifier: 7D2WffL3tomTfBj1oyhrXHhtVrSQigvOrKBDov6D6s4=
Subject key identifier: D8:5C:AC:BC:A3:4A:55:3C:51:70:F9:A6:E9:6F:B7:1F:6D:5B:7F:E9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2059B4C8921022ABE52A546DE2C71E8CDD62220C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
Signing time: Mon 16 Jun 2025 21:50:16 +0000
ROA not before: Mon 16 Jun 2025 21:50:16 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:59:b4:c8:92:10:22:ab:e5:2a:54:6d:e2:c7:1e:8c:dd:62:22:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:50:16 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e979535d4e4cd886d50a8726f51f70ff8fda1c2ffc7c2f2a93ac8b893ad9bd63, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:57:1d:60:30:02:25:ab:f4:59:b7:ed:56:06:
b3:48:88:41:eb:44:22:b6:6c:62:b2:87:35:ab:4d:
d5:1e:c7:1f:7f:4e:f5:b0:e6:5d:71:85:ee:ed:aa:
e4:b1:3c:11:d4:9c:b8:82:dc:bc:d4:b6:93:9a:6b:
3b:60:58:25:37:74:cf:1f:23:d9:35:da:fd:4a:21:
14:b9:55:fb:21:85:29:84:59:d9:35:67:11:d5:c8:
13:6d:05:74:01:28:bb:00:1f:53:a6:08:71:36:f3:
60:c1:73:17:40:ea:6c:93:33:ce:d8:52:65:45:9e:
63:4a:53:c5:cb:d5:ac:a6:6e:6d:94:c7:c2:28:4f:
02:e0:ec:76:48:db:c5:d4:f2:ea:0c:01:bf:ac:bd:
94:e6:4e:a0:fd:86:c6:f0:b1:d7:d0:6b:23:18:69:
e8:a5:36:8f:d5:2a:07:53:67:a9:6c:f9:75:e6:d1:
e8:e5:59:c3:f6:c0:8b:9a:5a:e4:cf:42:ff:b6:16:
f7:41:29:03:5c:49:b3:c5:b6:21:30:ff:c4:19:72:
76:7c:98:81:ac:94:0a:29:33:09:27:bf:f7:98:68:
c7:07:af:53:35:5c:86:bb:b6:9d:7e:e0:07:a9:a4:
be:37:30:c4:6e:fd:56:3f:6c:0d:11:f6:d2:f3:c2:
19:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:5C:AC:BC:A3:4A:55:3C:51:70:F9:A6:E9:6F:B7:1F:6D:5B:7F:E9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070::/32
Signature Algorithm: sha256WithRSAEncryption
79:13:bd:e5:33:1a:f4:d9:d6:7a:e8:71:63:4a:40:8d:d4:7b:
2c:08:49:b4:13:db:41:c6:4d:f8:c2:68:f3:36:70:37:63:6b:
de:39:30:ce:3d:b7:ce:f9:1c:a7:b6:74:21:39:80:74:d2:a8:
e6:51:c8:c5:b5:36:ff:61:fc:d8:d7:ef:1a:bf:8f:0d:bf:f2:
87:b0:ef:f8:d1:3c:08:98:86:84:91:f0:ed:b2:cb:cb:c8:40:
c5:7f:1b:fd:3d:b1:3c:d4:dc:c8:48:34:2e:4a:b2:36:cc:ab:
98:9f:c5:63:f9:28:fe:a2:66:a7:eb:80:f4:ba:75:5d:8e:51:
d6:1d:e7:b7:d3:a0:7e:e6:10:ba:b4:7b:8d:64:17:58:d6:d0:
a8:fa:e5:c9:f4:0c:f6:04:53:97:f1:ca:a9:a0:1f:a8:11:6f:
ae:11:5d:e9:1b:4d:0c:94:0b:e8:7a:42:cc:6f:ef:1c:9e:ee:
84:ec:bc:c5:11:1b:cb:df:90:c5:77:e1:c7:32:73:d2:c7:9d:
28:d2:3f:cf:87:d2:41:b7:0f:34:c3:b7:0b:c1:80:f3:24:44:
df:83:aa:95:24:de:19:9a:78:1d:4e:fe:c3:eb:26:3f:cb:55:
58:b8:a6:c3:c6:9e:2e:3c:1e:88:c5:0d:22:f8:da:ef:80:11:
82:1c:8c:52
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUIFm0yJIQIqvlKlRt4scejN1iIgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTUwMTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5Nzk1MzVkNGU0Y2Q4ODZkNTBhODcyNmY1MWY3MGZmOGZkYTFjMmZmYzdj
MmYyYTkzYWM4Yjg5M2FkOWJkNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZXHWAwAiWr9Fm37VYGs0iIQetEIrZsYrKHNatN1R7HH39O9bDmXXGF7u2q
5LE8EdScuILcvNS2k5prO2BYJTd0zx8j2TXa/UohFLlV+yGFKYRZ2TVnEdXIE20F
dAEouwAfU6YIcTbzYMFzF0DqbJMzzthSZUWeY0pTxcvVrKZubZTHwihPAuDsdkjb
xdTy6gwBv6y9lOZOoP2GxvCx19BrIxhp6KU2j9UqB1NnqWz5debR6OVZw/bAi5pa
5M9C/7YW90EpA1xJs8W2ITD/xBlydnyYgayUCikzCSe/95hoxwevUzVchru2nX7g
B6mkvjcwxG79Vj9sDRH20vPCGSECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTYXKy8
o0pVPFFw+abpb7cfbVt/6TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTExOWEwMWUtMmJiNC00ZDY5LTkzMjUtNWY0YWE4ZmI4YmU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HAw
DQYJKoZIhvcNAQELBQADggEBAHkTveUzGvTZ1nrocWNKQI3UeywISbQT20HGTfjC
aPM2cDdja945MM49t875HKe2dCE5gHTSqOZRyMW1Nv9h/NjX7xq/jw2/8oew7/jR
PAiYhoSR8O2yy8vIQMV/G/09sTzU3MhINC5KsjbMq5ifxWP5KP6iZqfrgPS6dV2O
UdYd57fToH7mELq0e41kF1jW0Kj65cn0DPYEU5fxyqmgH6gRb64RXekbTQyUC+h6
Qsxv7xye7oTsvMURG8vfkMV34ccyc9LHnSjSP8+H0kG3DzTDtwvBgPMkRN+DqpUk
3hmaeB1O/sPrJj/LVVi4psPGni48HojFDSL42u+AEYIcjFI=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:10 2025 by rpki-client