Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
File: 91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa (raw, json)
Hash identifier: b0JkprlDCWUmgknwZy+ZKMfTPLe8DkB/sB/MAF3PMBA=
Subject key identifier: B5:52:69:2A:99:74:5A:7F:48:AF:2B:57:69:B4:63:0C:4F:4E:AE:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6495DC3B53E99A6072AB198DA5A09018DC6DC171
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
Signing time: Mon 16 Jun 2025 19:41:17 +0000
ROA not before: Mon 16 Jun 2025 19:41:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:95:dc:3b:53:e9:9a:60:72:ab:19:8d:a5:a0:90:18:dc:6d:c1:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:41:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c232dc6ae30f80c19a341a092eac1d2f9f5cef882b50ee561d6c84663e3e479b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:84:37:16:f2:03:68:fb:52:38:41:4c:e3:ed:
ff:c9:68:53:42:28:0b:8f:f7:65:d9:5c:66:d2:82:
47:17:9d:1a:23:39:db:68:06:af:42:23:0c:f5:0c:
97:96:e8:5d:9f:84:26:0d:69:fd:0d:b1:df:90:fa:
e2:a7:72:65:38:15:5a:5d:8b:91:95:2d:0e:0d:c7:
9b:ca:f5:1c:bc:9d:fd:ac:f9:6f:a0:19:ba:64:8a:
0f:88:8b:ae:d5:69:4f:9c:74:d6:00:2c:75:ec:32:
82:28:4c:9f:e9:3a:5b:71:fb:20:da:3d:17:f2:53:
0a:78:81:e4:c6:b3:75:fc:2b:b2:18:a4:7b:67:68:
c3:3d:68:e5:40:09:a0:bd:61:49:4c:0a:ac:a5:bc:
44:0d:36:75:f4:f8:9d:b4:ab:3a:92:f6:d0:c5:7f:
a4:c0:61:5a:a5:66:0e:9d:a9:5e:ae:55:47:1a:ca:
3c:f2:6b:bc:d0:1b:f0:22:29:d6:df:7f:8e:b7:e6:
64:cc:4e:b3:40:e0:84:92:45:f9:f4:43:4a:6f:ef:
4d:e1:c6:93:f1:a1:ec:02:32:0f:d8:d7:ce:5e:f4:
73:91:a9:39:d2:98:25:65:b8:61:c1:9c:89:1d:14:
24:d5:e5:81:0d:d7:61:46:6e:07:80:b5:4d:20:d4:
45:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:52:69:2A:99:74:5A:7F:48:AF:2B:57:69:B4:63:0C:4F:4E:AE:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8080::/48
Signature Algorithm: sha256WithRSAEncryption
6b:11:6f:68:09:cf:54:89:47:f5:27:0e:0f:90:5e:e3:db:f9:
98:10:dc:43:ef:6c:83:e7:be:6b:f6:96:bd:16:48:6a:c5:0a:
88:60:1a:e2:50:06:40:a0:f1:73:62:68:f4:13:81:d0:72:ee:
01:10:e4:86:f2:5a:ff:35:bf:12:3a:61:03:b2:65:be:e9:16:
16:55:c8:7f:6b:ed:1a:cd:c0:e8:1f:2f:30:fd:d5:d4:06:ef:
0b:0e:5d:12:14:fa:c3:3e:9d:1f:1a:63:f6:f7:8f:3f:8e:c5:
66:64:18:c5:84:49:71:5c:ab:bd:92:4a:4a:5b:70:3e:10:13:
93:9a:56:0d:cd:62:57:a1:db:66:a9:c2:0b:ab:78:5a:85:a1:
67:f8:32:6c:25:88:61:b3:8f:79:3d:12:00:1c:c4:16:1e:50:
51:ee:55:78:d2:e0:4f:7c:8e:f9:6b:51:06:51:af:d6:05:97:
fc:ac:30:36:43:e4:e8:df:2f:ab:9d:01:ec:d4:6a:c1:83:e1:
99:b0:9b:57:fa:cf:f2:ae:da:73:7b:33:59:3b:de:d9:a3:da:
31:51:da:31:64:a0:da:0f:53:32:f1:be:57:26:a3:6d:21:e6:
9e:23:67:86:31:70:5f:0c:1e:28:12:61:3b:fe:f6:5b:9f:62:
6b:78:39:3a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZJXcO1PpmmByqxmNpaCQGNxtwXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQxMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyMzJkYzZhZTMwZjgwYzE5YTM0MWEwOTJlYWMxZDJmOWY1Y2VmODgyYjUw
ZWU1NjFkNmM4NDY2M2UzZTQ3OWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJyENxbyA2j7UjhBTOPt/8loU0IoC4/3ZdlcZtKCRxedGiM522gGr0IjDPUM
l5boXZ+EJg1p/Q2x35D64qdyZTgVWl2LkZUtDg3Hm8r1HLyd/az5b6AZumSKD4iL
rtVpT5x01gAsdewygihMn+k6W3H7INo9F/JTCniB5Mazdfwrshike2dowz1o5UAJ
oL1hSUwKrKW8RA02dfT4nbSrOpL20MV/pMBhWqVmDp2pXq5VRxrKPPJrvNAb8CIp
1t9/jrfmZMxOs0DghJJF+fRDSm/vTeHGk/Gh7AIyD9jXzl70c5GpOdKYJWW4YcGc
iR0UJNXlgQ3XYUZuB4C1TSDURVUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS1Umkq
mXRaf0ivK1dptGMMT06uKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTFlZTM2NTUtZGNiNC00MWM2LWI0YTQtMjcwY2E1Y2FjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
gDANBgkqhkiG9w0BAQsFAAOCAQEAaxFvaAnPVIlH9ScOD5Be49v5mBDcQ+9sg+e+
a/aWvRZIasUKiGAa4lAGQKDxc2Jo9BOB0HLuARDkhvJa/zW/EjphA7JlvukWFlXI
f2vtGs3A6B8vMP3V1AbvCw5dEhT6wz6dHxpj9vePP47FZmQYxYRJcVyrvZJKSltw
PhATk5pWDc1iV6HbZqnCC6t4WoWhZ/gybCWIYbOPeT0SABzEFh5QUe5VeNLgT3yO
+WtRBlGv1gWX/KwwNkPk6N8vq50B7NRqwYPhmbCbV/rP8q7ac3szWTve2aPaMVHa
MWSg2g9TMvG+VyajbSHmniNnhjFwXwweKBJhO/72W59ia3g5Og==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:50 2025 by rpki-client