Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b73df2-00f3-4adc-a2a1-c8b41e531cf2.roa
File: 94b73df2-00f3-4adc-a2a1-c8b41e531cf2.roa (raw, json)
Hash identifier: iZ92E2mK/324rwvvCBVtCEGzC4uBPOhBxwFXDNCsLu4=
Subject key identifier: 17:F5:A7:B5:33:1F:99:1C:CA:5A:CC:F0:8B:CF:8C:3E:11:1E:3A:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 798A28DF33EB519D86559F0D2307C1398315BE6F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b73df2-00f3-4adc-a2a1-c8b41e531cf2.roa
Signing time: Mon 16 Jun 2025 20:41:01 +0000
ROA not before: Mon 16 Jun 2025 20:41:01 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:a080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:8a:28:df:33:eb:51:9d:86:55:9f:0d:23:07:c1:39:83:15:be:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:41:01 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=424d7954c774a3984a2b086d85b993abb28211aff07f4715de384dc85d34eafc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fc:a5:73:cc:63:00:20:9c:59:18:98:48:9e:
e2:bc:06:7d:0b:87:e7:b6:ba:99:a0:88:a7:c1:27:
1e:56:d1:f7:14:03:cb:fd:9f:98:39:b2:ab:09:fb:
20:37:5b:bd:97:ec:13:14:8a:e9:13:2c:3b:aa:89:
9f:81:0e:f2:12:db:e1:83:ae:d7:7e:9e:5d:0b:7a:
e5:04:d1:27:04:9c:eb:3b:17:51:aa:7c:66:ff:3c:
cc:18:53:ed:4c:48:46:31:0e:28:d8:91:f0:a0:39:
4e:3e:e2:be:6c:d9:48:dd:11:9e:f0:64:35:bf:25:
b1:37:81:90:ab:1a:a1:b1:d5:92:30:f0:a4:6b:fe:
71:11:db:56:2e:4b:b6:0e:9c:5e:be:b8:1c:12:92:
c2:96:dd:af:2b:86:d7:7b:50:a6:e2:6d:62:0a:fe:
72:55:49:9a:e4:d1:19:4b:99:89:58:74:76:45:12:
48:85:e2:b1:41:66:9d:79:87:db:d3:dd:b8:10:1b:
37:ff:54:21:8e:8a:5a:3a:3b:45:49:6c:77:89:a3:
55:d8:bb:5b:20:26:25:be:36:1c:59:c4:15:c3:3d:
62:9b:c9:65:38:78:c5:54:d0:55:9d:c4:0a:6d:3c:
84:aa:20:d8:07:88:4a:2b:5e:e7:f5:fc:24:f7:f6:
a8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:F5:A7:B5:33:1F:99:1C:CA:5A:CC:F0:8B:CF:8C:3E:11:1E:3A:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b73df2-00f3-4adc-a2a1-c8b41e531cf2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:a080::/46
Signature Algorithm: sha256WithRSAEncryption
3f:29:26:f1:cd:8c:9d:5f:01:38:a1:e8:ae:9d:af:65:b5:53:
cb:2f:dc:f5:c5:c6:9b:99:ec:7a:b9:8a:c7:1d:a9:cf:b0:69:
a2:6e:c2:f6:6e:d1:17:81:3b:0c:5f:6c:03:d8:18:3f:77:23:
2a:b6:5e:92:0d:67:84:6c:3a:47:cd:c6:c8:d0:73:b0:31:5e:
38:23:99:d1:7e:42:db:35:9d:03:4e:f0:99:ea:e2:88:19:1e:
3c:3c:a8:72:c3:51:ac:7f:ce:8b:2e:51:89:8d:f1:b4:38:46:
0b:37:31:1b:20:1d:e3:55:e3:ee:aa:36:f4:29:3e:a6:ba:9b:
a3:b1:c4:07:bd:26:02:89:ec:db:52:89:c9:5f:24:f8:9c:26:
fe:88:4e:f7:ca:b9:19:c9:3e:89:c4:5a:ba:a6:be:16:a5:ee:
fc:75:c5:ff:f2:3c:73:62:17:ed:84:90:6d:7a:72:21:b8:26:
9a:05:81:28:fa:b0:54:70:1c:c9:2f:d7:e5:fe:4a:f0:9f:09:
6a:e8:3a:66:c2:c3:93:a2:82:91:75:c3:ad:7d:cb:3b:eb:c8:
90:cb:cf:81:44:70:82:5f:04:ae:32:6a:de:5f:eb:fa:79:9f:
e6:69:1a:e2:48:39:b4:c3:ea:47:c8:e4:70:f5:63:70:cb:05:
1f:e4:ef:60
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeYoo3zPrUZ2GVZ8NIwfBOYMVvm8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQxMDFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyNGQ3OTU0Yzc3NGEzOTg0YTJiMDg2ZDg1Yjk5M2FiYjI4MjExYWZmMDdm
NDcxNWRlMzg0ZGM4NWQzNGVhZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANr8pXPMYwAgnFkYmEie4rwGfQuH57a6maCIp8EnHlbR9xQDy/2fmDmyqwn7
IDdbvZfsExSK6RMsO6qJn4EO8hLb4YOu136eXQt65QTRJwSc6zsXUap8Zv88zBhT
7UxIRjEOKNiR8KA5Tj7ivmzZSN0RnvBkNb8lsTeBkKsaobHVkjDwpGv+cRHbVi5L
tg6cXr64HBKSwpbdryuG13tQpuJtYgr+clVJmuTRGUuZiVh0dkUSSIXisUFmnXmH
29PduBAbN/9UIY6KWjo7RUlsd4mjVdi7WyAmJb42HFnEFcM9YpvJZTh4xVTQVZ3E
Cm08hKog2AeISite5/X8JPf2qJkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQX9ae1
Mx+ZHMpazPCLz4w+ER469DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRiNzNkZjItMDBmMy00YWRjLWEyYTEtYzhiNDFlNTMxY2YyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWg
gDANBgkqhkiG9w0BAQsFAAOCAQEAPykm8c2MnV8BOKHorp2vZbVTyy/c9cXGm5ns
ermKxx2pz7Bpom7C9m7RF4E7DF9sA9gYP3cjKrZekg1nhGw6R83GyNBzsDFeOCOZ
0X5C2zWdA07wmeriiBkePDyocsNRrH/Oiy5RiY3xtDhGCzcxGyAd41Xj7qo29Ck+
prqbo7HEB70mAons21KJyV8k+Jwm/ohO98q5Gck+icRauqa+FqXu/HXF//I8c2IX
7YSQbXpyIbgmmgWBKPqwVHAcyS/X5f5K8J8Jaug6ZsLDk6KCkXXDrX3LO+vIkMvP
gURwgl8ErjJq3l/r+nmf5mka4kg5tMPqR8jkcPVjcMsFH+TvYA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:04 2025 by rpki-client