Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
File: 96632b04-b91d-4e29-8e82-14fddf17bed9.roa (raw, json)
Hash identifier: 2sPiizXNjgZkh780qBT8amh5qJCMvQ0pKVo+srpkaFQ=
Subject key identifier: 01:C4:3E:36:C0:51:EA:11:A3:A2:DF:A9:30:F7:35:AF:EA:7A:D1:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A810972353A5BE897A2D5BBEBEA63D50184C19C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
Signing time: Mon 16 Jun 2025 20:21:20 +0000
ROA not before: Mon 16 Jun 2025 20:21:20 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:81:09:72:35:3a:5b:e8:97:a2:d5:bb:eb:ea:63:d5:01:84:c1:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:21:20 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=592afa38a2edfd5c68a6cf3805a4197c2298059a236a7df83b04df758f6a7b36, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:47:c6:d0:3c:f8:22:af:bd:1b:92:a2:c9:b5:
88:5c:06:a0:96:91:9a:46:90:49:1b:9e:0c:09:3f:
e5:dc:40:c5:85:86:23:60:d3:39:1d:9a:82:3b:16:
1c:91:bd:74:fb:8b:de:88:5f:28:77:14:5c:de:03:
a7:63:bd:ab:55:71:70:87:5b:fe:a8:b5:df:b8:70:
dc:7a:7e:e2:f5:46:df:04:61:ca:ba:8e:ee:26:67:
c7:1d:e8:27:90:49:d1:53:b0:8c:2c:9d:8a:20:a5:
78:5b:d3:9b:ad:93:91:96:c5:98:88:6e:4f:8d:4a:
2b:03:6d:49:e8:7e:a0:0f:d8:15:89:f9:bc:c3:64:
12:a9:dc:5b:76:e8:a5:8f:e9:71:fb:ef:46:a0:76:
e2:e4:9b:91:34:7b:d7:03:55:31:de:cf:2e:68:c8:
82:6e:10:30:ef:aa:59:60:24:bc:04:cb:59:75:ce:
4c:7e:57:15:22:14:7a:dd:35:f5:9a:7e:78:55:f7:
44:0c:3d:47:ad:98:a1:a8:ec:7d:44:8b:cd:ae:cb:
69:51:91:38:2c:4c:9f:73:41:d4:f3:1e:10:16:5a:
be:72:03:3b:1f:c6:56:6b:91:51:52:bc:b0:b7:ee:
f4:25:37:cc:c5:db:e4:f1:8e:02:93:ab:21:1f:d5:
64:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C4:3E:36:C0:51:EA:11:A3:A2:DF:A9:30:F7:35:AF:EA:7A:D1:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8060::/48
Signature Algorithm: sha256WithRSAEncryption
33:b0:a9:74:65:75:11:8a:f7:aa:9a:fe:36:f7:fc:97:21:0f:
a0:93:89:62:0d:f2:08:e2:06:9a:3c:ab:6c:54:04:ce:d0:09:
d4:67:5c:dd:5e:fb:1a:c4:bb:c5:f8:96:ba:ef:27:76:c0:23:
21:d2:78:b0:de:b3:9d:5b:08:13:5d:9c:0c:22:8e:26:fd:72:
7b:b5:ac:5c:bc:3d:70:91:9d:22:62:e2:a4:2d:d1:02:d3:dc:
ed:62:22:b0:76:bd:ba:de:f9:c1:5b:b8:3b:bf:7b:94:68:c7:
0e:f7:39:3f:1c:e2:96:9f:3c:03:5a:a0:15:08:11:16:74:73:
3f:f2:4b:fe:50:47:9f:b5:ce:9a:4e:8a:bb:4f:54:26:56:86:
88:34:41:80:ce:b7:48:af:93:bd:3c:71:ca:63:d9:0a:11:a7:
0b:30:b3:e6:50:f1:40:0f:10:6e:38:77:ec:53:8a:df:27:c6:
73:9d:06:8b:69:0a:8a:14:79:55:6e:b6:1f:8a:62:03:69:3c:
6b:da:a1:6c:ea:7f:13:a7:54:56:71:fb:fd:62:82:46:98:6d:
6d:a2:7f:a4:9e:c3:b9:f5:e0:76:6b:59:be:f2:be:cc:5a:d9:
a4:85:56:27:13:81:5e:74:2a:4a:ee:98:24:8e:d2:b3:0b:1d:
3a:42:06:ce
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWoEJcjU6W+iXotW76+pj1QGEwZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIxMjBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5MmFmYTM4YTJlZGZkNWM2OGE2Y2YzODA1YTQxOTdjMjI5ODA1OWEyMzZh
N2RmODNiMDRkZjc1OGY2YTdiMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN1HxtA8+CKvvRuSosm1iFwGoJaRmkaQSRueDAk/5dxAxYWGI2DTOR2agjsW
HJG9dPuL3ohfKHcUXN4Dp2O9q1VxcIdb/qi137hw3Hp+4vVG3wRhyrqO7iZnxx3o
J5BJ0VOwjCydiiCleFvTm62TkZbFmIhuT41KKwNtSeh+oA/YFYn5vMNkEqncW3bo
pY/pcfvvRqB24uSbkTR71wNVMd7PLmjIgm4QMO+qWWAkvATLWXXOTH5XFSIUet01
9Zp+eFX3RAw9R62YoajsfUSLza7LaVGROCxMn3NB1PMeEBZavnIDOx/GVmuRUVK8
sLfu9CU3zMXb5PGOApOrIR/VZGkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQBxD42
wFHqEaOi36kw9zWv6nrRIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY2MzJiMDQtYjkxZC00ZTI5LThlODItMTRmZGRmMTdiZWQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
YDANBgkqhkiG9w0BAQsFAAOCAQEAM7CpdGV1EYr3qpr+Nvf8lyEPoJOJYg3yCOIG
mjyrbFQEztAJ1Gdc3V77GsS7xfiWuu8ndsAjIdJ4sN6znVsIE12cDCKOJv1ye7Ws
XLw9cJGdImLipC3RAtPc7WIisHa9ut75wVu4O797lGjHDvc5Pxzilp88A1qgFQgR
FnRzP/JL/lBHn7XOmk6Ku09UJlaGiDRBgM63SK+TvTxxymPZChGnCzCz5lDxQA8Q
bjh37FOK3yfGc50Gi2kKihR5VW62H4piA2k8a9qhbOp/E6dUVnH7/WKCRphtbaJ/
pJ7DufXgdmtZvvK+zFrZpIVWJxOBXnQqSu6YJI7SswsdOkIGzg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:25:43 2025 by rpki-client