Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
File: a1796bea-01c9-41b7-b13d-6932c4f36a42.roa (raw, json)
Hash identifier: tB4xCMYlYjvmBZ7XZIrI9ogs5ulkuNmwMybnkb9al3w=
Subject key identifier: C0:53:3B:6F:E7:D3:35:89:28:DC:CA:20:5B:85:E7:DB:36:33:28:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B14ECD06C175531755FD90624656D8E2DD2B678
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
Signing time: Mon 16 Jun 2025 20:00:24 +0000
ROA not before: Mon 16 Jun 2025 20:00:24 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:14:ec:d0:6c:17:55:31:75:5f:d9:06:24:65:6d:8e:2d:d2:b6:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:24 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=a9ffb619428096e8b333e49cdee48f6dc5a447d6f51a00749f86714a9fa9f2b8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:66:28:0c:77:72:e8:25:89:67:29:7a:ca:78:
00:9c:c0:4f:a4:41:f6:98:be:3f:84:49:43:e2:1a:
c1:9b:93:d6:ea:a0:91:95:73:65:2a:72:71:61:3b:
50:cf:59:f4:2f:72:64:db:86:ed:a0:29:d8:9d:ac:
31:05:e1:82:af:11:89:bf:29:11:94:32:d6:81:92:
9b:99:52:37:4e:da:57:d4:da:3b:c0:a9:1d:cc:4f:
44:b6:7f:95:c8:d6:e6:1f:98:03:b8:20:4e:24:a9:
fa:db:25:f4:d5:fb:65:5f:0f:a5:c7:64:3a:70:2c:
20:e2:03:c1:8d:3c:bc:cd:6b:9a:82:62:2a:83:30:
c5:c3:d8:4b:5b:e5:57:27:48:44:a0:8e:3c:fb:95:
3f:1e:3c:95:00:ac:46:ad:b8:73:50:3f:25:56:15:
58:d9:9d:b5:dd:e2:0a:92:64:f0:41:11:c5:a9:de:
83:39:71:d8:c9:49:d7:44:3e:96:a2:35:69:86:35:
d6:4f:02:4a:63:93:c0:d2:1c:d7:55:01:31:ae:55:
82:d8:58:4b:d2:03:f0:27:35:ac:62:3c:84:f7:4a:
a4:e6:38:35:dc:f0:b5:3f:b8:5f:5d:70:85:5f:9a:
c6:13:51:2d:6b:e4:da:77:88:21:ab:86:32:f9:43:
07:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:53:3B:6F:E7:D3:35:89:28:DC:CA:20:5B:85:E7:DB:36:33:28:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a000::/40
Signature Algorithm: sha256WithRSAEncryption
4f:fd:57:ea:6f:63:b4:8c:3b:7e:4d:45:26:20:24:83:10:c8:
ae:d5:4c:37:89:29:81:77:8a:ed:8e:75:fa:d4:a4:a8:ae:27:
bf:4b:b1:21:29:79:92:50:49:d0:bc:4e:f4:eb:f3:58:a8:ca:
37:a3:35:1c:38:07:97:1c:0e:af:47:e1:e9:f8:1b:8a:ce:ca:
f0:c1:90:6b:d4:33:76:db:1f:f4:a8:22:97:36:65:8e:5a:7e:
6c:5a:7f:b3:09:ff:68:f6:b5:8c:bc:4d:d5:8d:ad:46:c8:ca:
2b:7f:ad:2a:cc:22:0f:22:76:56:e0:17:22:a0:56:8a:b1:25:
6e:d2:05:37:35:e6:12:98:14:cc:de:67:0a:d2:12:3c:3c:e6:
d2:b3:8e:ba:5e:e1:66:44:80:2c:e9:20:22:5c:02:54:ca:53:
e2:44:fb:de:4d:8f:d1:30:f8:b5:1f:a9:bb:d4:1b:71:1d:80:
19:df:92:f5:cf:75:db:b1:7c:7e:25:40:9a:a4:d0:2d:38:8f:
ee:db:ef:75:2b:2c:e8:5b:d1:e4:92:87:f3:b7:ce:a7:72:1f:
b0:b6:eb:db:8d:1a:90:67:1e:c1:4f:66:02:45:b0:e1:97:61:
fa:57:a1:7d:33:9e:d2:39:e9:23:19:e8:fe:cd:a3:21:d2:6b:
ac:b0:96:1c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWxTs0GwXVTF1X9kGJGVtji3StngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMjRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5ZmZiNjE5NDI4MDk2ZThiMzMzZTQ5Y2RlZTQ4ZjZkYzVhNDQ3ZDZmNTFh
MDA3NDlmODY3MTRhOWZhOWYyYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9mKAx3cugliWcpesp4AJzAT6RB9pi+P4RJQ+IawZuT1uqgkZVzZSpycWE7
UM9Z9C9yZNuG7aAp2J2sMQXhgq8Rib8pEZQy1oGSm5lSN07aV9TaO8CpHcxPRLZ/
lcjW5h+YA7ggTiSp+tsl9NX7ZV8PpcdkOnAsIOIDwY08vM1rmoJiKoMwxcPYS1vl
VydIRKCOPPuVPx48lQCsRq24c1A/JVYVWNmdtd3iCpJk8EERxanegzlx2MlJ10Q+
lqI1aYY11k8CSmOTwNIc11UBMa5VgthYS9ID8Cc1rGI8hPdKpOY4NdzwtT+4X11w
hV+axhNRLWvk2neIIauGMvlDB2kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTAUztv
59M1iSjcyiBbhefbNjMoHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTE3OTZiZWEtMDFjOS00MWI3LWIxM2QtNjkzMmM0ZjM2YTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGg
MA0GCSqGSIb3DQEBCwUAA4IBAQBP/Vfqb2O0jDt+TUUmICSDEMiu1Uw3iSmBd4rt
jnX61KSorie/S7EhKXmSUEnQvE706/NYqMo3ozUcOAeXHA6vR+Hp+BuKzsrwwZBr
1DN22x/0qCKXNmWOWn5sWn+zCf9o9rWMvE3Vja1GyMorf60qzCIPInZW4BcioFaK
sSVu0gU3NeYSmBTM3mcK0hI8PObSs466XuFmRIAs6SAiXAJUylPiRPveTY/RMPi1
H6m71BtxHYAZ35L1z3XbsXx+JUCapNAtOI/u2+91KyzoW9Hkkofzt86nch+wtuvb
jRqQZx7BT2YCRbDhl2H6V6F9M57SOekjGej+zaMh0mussJYc
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:24 2025 by rpki-client