Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
File: 92652652-28d6-49c1-8ea6-f5079f374345.roa (raw, json)
Hash identifier: 2WZemMI4Q8UeC0svOwN1756PdtPXr8b2mNFVJlf5JLc=
Subject key identifier: 96:37:06:01:36:9D:0C:86:A4:74:11:A4:5D:F7:08:E1:26:7B:84:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4433AD3A2708F0EFC6F4D36E64CD19A5D5D17029
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
Signing time: Mon 16 Jun 2025 20:11:29 +0000
ROA not before: Mon 16 Jun 2025 20:11:29 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:33:ad:3a:27:08:f0:ef:c6:f4:d3:6e:64:cd:19:a5:d5:d1:70:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:11:29 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=6c85815d928bbe7c0b3bf7fdd7235b89541dec9c6a0abea61fd82b3f1cbff49f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:31:d7:2c:ef:20:f1:16:eb:75:3c:21:f3:7c:
1d:7e:43:87:f6:19:56:31:30:39:91:c5:7d:00:62:
85:33:e9:75:13:f5:61:ea:48:d0:82:ca:5e:90:a5:
04:e7:d8:55:34:e0:ed:73:4f:26:87:4e:63:c2:d4:
2d:17:a0:60:c4:18:88:60:25:69:ca:c0:83:05:8e:
88:8f:43:64:a3:1a:ff:f0:dc:ad:f2:fe:89:48:05:
0a:53:d0:89:10:d4:4e:11:52:cc:ff:4f:8c:d1:ec:
3e:c6:ab:f0:86:29:b3:c7:20:80:09:f7:84:0d:2f:
00:66:e4:a2:4f:93:c2:d5:4b:bf:af:bf:5c:88:88:
ea:60:f1:3c:e5:4d:01:a9:82:a9:59:99:28:65:e8:
95:85:66:e1:2e:bc:f9:48:e3:ea:a6:76:dc:55:63:
c3:7e:1d:0b:95:e1:ae:10:25:d6:d6:a2:d4:79:60:
43:f2:25:eb:ab:f1:e8:2f:e8:e7:fa:12:9c:60:58:
b8:db:06:e1:12:30:fb:83:4d:87:43:2a:d9:32:08:
9b:a9:df:24:bc:f1:43:5a:ff:a3:2d:ea:70:d0:d2:
bf:57:11:3e:e4:3f:e3:7c:71:29:9a:74:f5:06:12:
f5:02:11:a6:ce:d8:4e:97:a3:c3:e5:fc:e8:b1:e2:
6f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:37:06:01:36:9D:0C:86:A4:74:11:A4:5D:F7:08:E1:26:7B:84:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4060::/48
Signature Algorithm: sha256WithRSAEncryption
2d:48:45:23:5b:5e:ce:59:aa:3e:08:51:85:da:03:89:4c:72:
f7:eb:2b:61:74:c3:68:71:39:1e:27:ad:78:81:e5:06:c1:34:
1f:ea:d9:42:40:21:c2:44:b4:9f:75:13:67:3c:38:2f:6d:72:
f4:61:9b:06:41:76:da:d6:8c:3f:b7:47:6a:67:94:97:cf:39:
aa:51:16:22:29:65:bb:60:d3:c7:eb:81:4e:a4:a9:a1:82:94:
82:25:b5:a9:f6:d6:6c:55:fc:c2:89:86:e9:c3:c3:36:69:a0:
d5:b5:5d:fd:2f:48:20:0b:07:ff:c0:79:45:f9:67:45:47:5f:
ef:a1:be:5e:55:66:51:ab:90:cc:2c:7f:9b:eb:b1:c4:1e:fc:
f5:4d:01:ab:40:da:26:95:8e:11:04:fd:48:50:c7:bd:6b:1c:
eb:ef:f1:ce:77:b5:3f:08:00:07:f5:a5:16:87:43:98:5d:69:
28:ca:6b:b7:95:22:7d:4d:b1:b2:46:20:8f:15:d9:5b:4f:52:
a0:bd:bb:81:bb:d3:62:ac:12:4a:35:04:cc:81:b3:24:73:76:
be:3d:24:72:6b:26:d3:bf:8e:b2:d9:e7:a5:21:92:2f:48:63:
a6:85:b8:8c:d9:53:8d:1f:fe:4c:00:39:ac:d3:e1:ee:da:a0:
8c:91:a3:85
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURDOtOicI8O/G9NNuZM0ZpdXRcCkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDExMjlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjODU4MTVkOTI4YmJlN2MwYjNiZjdmZGQ3MjM1Yjg5NTQxZGVjOWM2YTBh
YmVhNjFmZDgyYjNmMWNiZmY0OWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0x1yzvIPEW63U8IfN8HX5Dh/YZVjEwOZHFfQBihTPpdRP1YepI0ILKXpCl
BOfYVTTg7XNPJodOY8LULRegYMQYiGAlacrAgwWOiI9DZKMa//DcrfL+iUgFClPQ
iRDUThFSzP9PjNHsPsar8IYps8cggAn3hA0vAGbkok+TwtVLv6+/XIiI6mDxPOVN
AamCqVmZKGXolYVm4S68+Ujj6qZ23FVjw34dC5XhrhAl1tai1HlgQ/Il66vx6C/o
5/oSnGBYuNsG4RIw+4NNh0Mq2TIIm6nfJLzxQ1r/oy3qcNDSv1cRPuQ/43xxKZp0
9QYS9QIRps7YTpejw+X86LHibxkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSWNwYB
Np0MhqR0EaRd9wjhJnuE0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTI2NTI2NTItMjhkNi00OWMxLThlYTYtZjUwNzlmMzc0MzQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
YDANBgkqhkiG9w0BAQsFAAOCAQEALUhFI1tezlmqPghRhdoDiUxy9+srYXTDaHE5
HieteIHlBsE0H+rZQkAhwkS0n3UTZzw4L21y9GGbBkF22taMP7dHameUl885qlEW
Iillu2DTx+uBTqSpoYKUgiW1qfbWbFX8womG6cPDNmmg1bVd/S9IIAsH/8B5Rfln
RUdf76G+XlVmUauQzCx/m+uxxB789U0Bq0DaJpWOEQT9SFDHvWsc6+/xzne1PwgA
B/WlFodDmF1pKMprt5UifU2xskYgjxXZW09SoL27gbvTYqwSSjUEzIGzJHN2vj0k
cmsm07+OstnnpSGSL0hjpoW4jNlTjR/+TAA5rNPh7tqgjJGjhQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:10:51 2025 by rpki-client