Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
File: 98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa (raw, json)
Hash identifier: FZQ6OU+v5rk+MtdLoalHZrAT8XVffZmpGTH3326Oens=
Subject key identifier: 4F:8F:52:1C:F8:72:82:03:DC:7F:87:F8:18:0A:71:4F:47:AA:7A:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C27F7DC0CFC496C0346C1C3984F3D7A0FC5CEDA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
Signing time: Mon 16 Jun 2025 21:41:26 +0000
ROA not before: Mon 16 Jun 2025 21:41:26 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:27:f7:dc:0c:fc:49:6c:03:46:c1:c3:98:4f:3d:7a:0f:c5:ce:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:41:26 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=92eb97e2f0fef067cc0901a5d6eedac6ef75557e10936f44df00acee800b1403, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:99:b0:aa:26:b4:a6:1c:78:8c:1d:69:0f:eb:
5a:ae:e7:a7:7c:55:96:66:b6:33:5a:8e:5a:6a:e3:
18:f1:90:6c:6d:2a:61:91:4d:18:ff:5d:af:1e:d7:
0f:ec:07:95:23:ed:f3:05:25:9e:56:12:67:ed:77:
98:f5:ad:82:64:17:11:42:ef:55:7f:14:83:4c:00:
b1:4b:ad:f1:af:ac:2d:8d:e1:ba:42:43:c6:4f:80:
0c:93:37:af:f1:a3:b8:54:21:91:9f:a0:1e:a7:18:
a9:09:e4:1d:1e:73:cf:8d:72:ad:82:4c:08:60:6f:
55:52:fd:ed:c5:d3:db:2a:4d:48:9f:78:ca:58:c1:
61:ef:90:3d:0a:16:aa:90:49:76:d6:f5:16:bb:bb:
d0:f8:38:42:81:43:3e:14:c5:ff:5c:4a:d7:6a:a8:
f0:d7:98:22:f2:e1:bd:2d:7d:21:e0:07:1b:61:fd:
cc:a0:30:c0:46:28:85:a9:ac:da:50:f2:b9:7f:bc:
66:d4:a1:98:05:ee:4f:d6:d3:37:e9:f6:cc:e9:bd:
d9:8c:44:29:56:67:2a:49:2f:41:55:ec:aa:da:72:
01:7e:11:62:f6:06:21:c1:b1:ef:60:a3:c6:d2:65:
af:e7:c6:1c:bd:6b:2a:5c:ca:22:00:3c:65:dd:9a:
66:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:8F:52:1C:F8:72:82:03:DC:7F:87:F8:18:0A:71:4F:47:AA:7A:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015::/36
Signature Algorithm: sha256WithRSAEncryption
79:cd:1b:6a:1c:3b:aa:6c:7d:75:98:75:28:4f:c4:24:19:dd:
0d:a2:cb:aa:0b:57:70:a3:80:89:86:dd:ee:80:b8:a3:2d:36:
52:bc:42:89:8d:94:fb:5b:70:b2:36:89:48:23:d9:2b:e2:c5:
0f:b5:67:19:f5:e8:af:b7:90:89:44:32:57:eb:2b:35:71:9b:
d6:2a:44:00:f5:fd:fa:46:b5:b2:f9:54:64:b4:8b:38:00:d3:
53:f3:14:d6:46:a0:dd:e6:cb:f3:53:bc:36:5a:43:34:5d:32:
21:e8:91:c1:f1:6e:4d:d8:39:55:95:c0:bf:4b:7a:f2:c5:65:
ed:e2:82:2e:42:63:f2:64:86:f6:df:4f:61:4a:0b:36:2c:ef:
6b:91:3d:de:c8:8c:95:81:ed:64:25:27:fb:97:c1:0b:e3:11:
58:0e:21:70:5a:70:da:bc:74:e6:20:d3:6c:57:30:41:0b:aa:
dc:24:d1:84:6a:54:1c:56:a5:13:4a:06:30:ee:36:7b:9b:b1:
32:0c:97:bc:0e:3b:d0:41:d5:48:1a:ec:82:e2:f4:31:a3:de:
3b:e0:b6:26:3c:a7:14:18:34:94:04:eb:99:06:4d:5e:71:27:
50:27:28:a5:24:2b:ab:6e:ff:e1:73:f4:25:4b:60:84:5e:d9:
55:0e:0e:14
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPCf33Az8SWwDRsHDmE89eg/FztowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQxMjZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyZWI5N2UyZjBmZWYwNjdjYzA5MDFhNWQ2ZWVkYWM2ZWY3NTU1N2UxMDkz
NmY0NGRmMDBhY2VlODAwYjE0MDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGZsKomtKYceIwdaQ/rWq7np3xVlma2M1qOWmrjGPGQbG0qYZFNGP9drx7X
D+wHlSPt8wUlnlYSZ+13mPWtgmQXEULvVX8Ug0wAsUut8a+sLY3hukJDxk+ADJM3
r/GjuFQhkZ+gHqcYqQnkHR5zz41yrYJMCGBvVVL97cXT2ypNSJ94yljBYe+QPQoW
qpBJdtb1Fru70Pg4QoFDPhTF/1xK12qo8NeYIvLhvS19IeAHG2H9zKAwwEYohams
2lDyuX+8ZtShmAXuT9bTN+n2zOm92YxEKVZnKkkvQVXsqtpyAX4RYvYGIcGx72Cj
xtJlr+fGHL1rKlzKIgA8Zd2aZnUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRPj1Ic
+HKCA9x/h/gYCnFPR6p6cDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OThjZjU1YzUtYmI0YS00NmE1LWE2NjctOTAxYjFhMmZmYjRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BUA
MA0GCSqGSIb3DQEBCwUAA4IBAQB5zRtqHDuqbH11mHUoT8QkGd0NosuqC1dwo4CJ
ht3ugLijLTZSvEKJjZT7W3CyNolII9kr4sUPtWcZ9eivt5CJRDJX6ys1cZvWKkQA
9f36RrWy+VRktIs4ANNT8xTWRqDd5svzU7w2WkM0XTIh6JHB8W5N2DlVlcC/S3ry
xWXt4oIuQmPyZIb2309hSgs2LO9rkT3eyIyVge1kJSf7l8EL4xFYDiFwWnDavHTm
INNsVzBBC6rcJNGEalQcVqUTSgYw7jZ7m7EyDJe8DjvQQdVIGuyC4vQxo9474LYm
PKcUGDSUBOuZBk1ecSdQJyilJCurbv/hc/QlS2CEXtlVDg4U
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:21 2025 by rpki-client