Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa
File: 92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa (raw, json)
Hash identifier: gUvDD2eFnzVrQthKNd08ymtKopDYNEV4/0oO6d2hjcs=
Subject key identifier: 1F:BC:49:6E:A0:3B:62:A7:68:1B:16:56:AB:72:D0:0B:72:9C:71:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A98D346F276C9CB3E66566DFC075F6DA9CD4FD7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa
Signing time: Thu 26 Jun 2025 19:37:10 +0000
ROA not before: Thu 26 Jun 2025 19:37:10 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:4040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:98:d3:46:f2:76:c9:cb:3e:66:56:6d:fc:07:5f:6d:a9:cd:4f:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:37:10 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=e0718baaa4f44c5ba85be727793c281a9a3a1554d1a490c98f6a04dc500a3015, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:82:24:20:66:8c:8d:d1:9d:fc:63:6b:b7:71:
d5:32:a5:73:90:77:65:e6:5e:b0:3a:05:9d:ce:35:
ef:c4:9c:ea:31:e4:cd:30:2d:cc:d3:8e:13:a9:42:
19:9d:f0:a5:56:01:6a:5d:7c:ed:1d:d0:48:10:7c:
c9:15:6e:ca:14:5f:cd:22:ad:45:0b:86:aa:4c:ab:
be:ec:4d:73:e5:0e:34:04:4b:18:21:7b:39:2e:ed:
47:e7:21:e3:20:0c:e0:a3:8c:59:f6:bd:ab:69:6c:
8f:d5:6e:16:11:42:43:67:66:d2:bd:8d:27:ff:b8:
3f:ff:e3:55:2c:89:38:ad:a1:47:9d:f3:9c:34:e9:
60:c6:9a:76:d5:fc:7c:d9:5c:34:be:93:40:52:5c:
c1:5e:11:b8:60:ed:a3:9b:5c:70:d3:c9:60:a3:0f:
a8:3d:42:f5:f3:c3:7a:a3:2b:f1:79:58:cc:9f:f5:
9d:50:ab:c7:b0:fb:eb:cd:f5:f2:08:9a:44:2a:eb:
ac:28:ed:21:f7:fb:89:74:f1:be:68:1e:d5:7d:6f:
08:8b:a9:5a:52:87:75:6e:ab:02:a6:d1:85:01:17:
b9:93:bb:89:09:a4:0d:66:b0:84:d9:16:96:1f:f3:
5a:9c:47:52:44:b7:b9:5a:f8:39:df:01:df:aa:0c:
e5:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:BC:49:6E:A0:3B:62:A7:68:1B:16:56:AB:72:D0:0B:72:9C:71:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92b31fa2-be1a-423e-9acb-0e2168c2faa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:4040::/46
Signature Algorithm: sha256WithRSAEncryption
a6:b9:52:f2:a5:76:e2:32:6c:d8:0a:f4:52:ac:07:4c:87:af:
98:ca:4d:1e:37:a4:72:0e:57:76:76:81:4e:de:ac:44:b0:18:
47:b3:5d:33:1f:03:ad:2b:29:b6:f3:e9:1c:79:4f:53:89:ec:
b3:07:19:95:4d:0e:da:01:e8:be:3d:6d:20:4d:9f:6a:be:39:
c4:4e:22:03:2a:9a:94:50:8c:85:35:d8:ca:8c:d2:4e:91:4c:
aa:dd:ae:9f:fb:bf:06:aa:e5:1a:72:be:fe:c8:67:01:c3:e6:
85:47:19:4d:ff:e6:df:5d:87:be:26:23:93:e2:2f:51:8b:13:
50:a1:9b:43:01:64:f2:03:c7:42:b0:4f:4e:80:8d:33:b5:7a:
84:f7:cc:dd:dd:12:8e:60:02:d2:80:81:ee:08:1e:5d:e3:f0:
de:79:f9:22:a5:f0:cf:15:c9:6a:b2:eb:f9:fd:62:52:30:4a:
fd:9e:01:1d:1a:0c:d2:b1:06:a6:70:7e:ee:89:d3:bb:f0:31:
ad:02:c8:d6:9a:0d:6c:f7:4c:90:e9:12:3e:87:0e:9b:f5:a1:
a4:58:02:77:be:e6:6f:f5:5a:a9:23:b4:91:62:9d:7e:d7:8d:
bb:28:af:52:a0:d2:dd:8e:74:c8:87:1d:24:19:53:5b:c4:e7:
77:ab:2e:9c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOpjTRvJ2ycs+ZlZt/AdfbanNT9cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM3MTBaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwNzE4YmFhYTRmNDRjNWJhODViZTcyNzc5M2MyODFhOWEzYTE1NTRkMWE0
OTBjOThmNmEwNGRjNTAwYTMwMTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeCJCBmjI3Rnfxja7dx1TKlc5B3ZeZesDoFnc4178Sc6jHkzTAtzNOOE6lC
GZ3wpVYBal187R3QSBB8yRVuyhRfzSKtRQuGqkyrvuxNc+UONARLGCF7OS7tR+ch
4yAM4KOMWfa9q2lsj9VuFhFCQ2dm0r2NJ/+4P//jVSyJOK2hR53znDTpYMaadtX8
fNlcNL6TQFJcwV4RuGDto5tccNPJYKMPqD1C9fPDeqMr8XlYzJ/1nVCrx7D76831
8giaRCrrrCjtIff7iXTxvmge1X1vCIupWlKHdW6rAqbRhQEXuZO7iQmkDWawhNkW
lh/zWpxHUkS3uVr4Od8B36oM5dsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQfvElu
oDtip2gbFlarctALcpxxKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTJiMzFmYTItYmUxYS00MjNlLTlhY2ItMGUyMTY4YzJmYWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNA
QDANBgkqhkiG9w0BAQsFAAOCAQEAprlS8qV24jJs2Ar0UqwHTIevmMpNHjekcg5X
dnaBTt6sRLAYR7NdMx8DrSsptvPpHHlPU4nsswcZlU0O2gHovj1tIE2far45xE4i
AyqalFCMhTXYyozSTpFMqt2un/u/BqrlGnK+/shnAcPmhUcZTf/m312HviYjk+Iv
UYsTUKGbQwFk8gPHQrBPToCNM7V6hPfM3d0SjmAC0oCB7ggeXePw3nn5IqXwzxXJ
arLr+f1iUjBK/Z4BHRoM0rEGpnB+7onTu/AxrQLI1poNbPdMkOkSPocOm/WhpFgC
d77mb/VaqSO0kWKdfteNuyivUqDS3Y50yIcdJBlTW8Tnd6sunA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:30:57 2025 by rpki-client