Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1aeed91-7b62-4371-b8f3-245485e1bf21.roa
File: a1aeed91-7b62-4371-b8f3-245485e1bf21.roa (raw, json)
Hash identifier: ZzwbQTXSJWuVGf8s/aJcs4G6i/cU9rcOWymAiU/bKOo=
Subject key identifier: 96:D1:86:78:A0:D2:C4:5A:D4:05:A5:D5:93:B3:2A:18:05:7B:C3:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 62B0E221C71C7BB292FEAAD04059B83517F47591
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1aeed91-7b62-4371-b8f3-245485e1bf21.roa
Signing time: Mon 16 Jun 2025 20:40:09 +0000
ROA not before: Mon 16 Jun 2025 20:40:09 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:e0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:b0:e2:21:c7:1c:7b:b2:92:fe:aa:d0:40:59:b8:35:17:f4:75:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:40:09 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1388e3b2d03e8dde37b1e9db29e76befb619ce1f5576d86acbb032c1eb918f85, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:08:a7:cf:9d:56:e9:83:4f:b3:dc:0e:ed:76:
a3:bb:7a:63:c9:93:27:51:fe:c7:2b:76:85:a0:6c:
63:00:03:5e:49:b5:c2:49:77:a5:7a:15:37:e9:9a:
95:6f:c9:fb:22:01:50:f8:2a:18:49:fe:d5:8f:e9:
d2:da:3a:49:67:9e:02:e9:54:1c:40:ae:f2:18:13:
2c:ae:23:80:5a:58:65:1a:95:d7:d7:c6:04:7f:d2:
f1:c9:e0:48:0a:ef:a1:b2:5d:3e:86:23:47:20:15:
af:e8:9c:3f:d8:f2:a6:75:f1:0b:81:25:c3:31:04:
9a:6c:8f:5a:44:76:f2:e9:2f:2e:aa:cf:d4:6e:7d:
af:94:ab:08:9f:75:4b:be:53:5d:1a:f9:d7:95:20:
e8:0d:bf:d5:3a:cb:a2:d6:2a:35:74:a2:13:b9:17:
1f:a5:f6:34:42:65:9e:c7:0a:cc:b1:bc:d2:02:7d:
95:00:12:a3:1a:08:d4:81:ae:b3:2b:d4:8c:4f:5c:
f4:36:56:a5:16:11:b8:20:a9:3f:1c:9c:2e:8c:61:
20:dd:15:d0:46:7a:e6:d6:ce:1d:24:80:5d:48:09:
80:1b:6f:16:f6:36:7b:03:8c:c3:a8:99:9b:56:1e:
68:5f:af:c5:bc:62:e0:f1:0b:8a:d5:90:4e:fc:ae:
f9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:D1:86:78:A0:D2:C4:5A:D4:05:A5:D5:93:B3:2A:18:05:7B:C3:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1aeed91-7b62-4371-b8f3-245485e1bf21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:e0c0::/46
Signature Algorithm: sha256WithRSAEncryption
b9:1c:ed:83:9d:e3:96:fc:a2:f4:89:88:e9:16:c3:7f:c7:1c:
dc:80:35:10:14:4b:e6:5f:6e:50:1b:ad:a6:7d:a0:30:45:7b:
7f:6b:84:2e:cb:e4:97:9f:45:bf:d0:27:b6:25:30:07:f2:cb:
64:2d:68:63:66:08:70:97:0b:07:8d:c3:e7:3b:c2:bf:49:8a:
e3:96:e1:7c:b7:93:65:50:69:3e:fd:c6:27:ba:8f:d7:07:90:
8f:b6:ec:31:07:fb:c7:d9:67:e2:9f:8e:2a:fa:00:f3:18:95:
4c:5e:f8:35:6b:d1:44:94:4f:69:05:8c:4e:ec:17:30:43:f7:
a0:ce:50:67:a6:b1:70:23:36:ff:6b:24:66:65:8b:ac:19:35:
93:d2:ba:74:84:2e:fd:6f:a6:8a:74:6f:9c:ac:3b:a5:0f:57:
f2:5f:69:87:8d:9f:78:ff:7d:97:37:5d:da:c4:98:4d:55:92:
e9:06:90:43:6c:88:d5:e7:e1:d6:0f:6a:c6:cd:5c:c4:21:78:
96:e2:3e:64:c1:0f:b5:95:99:ba:de:4a:ab:ee:c3:0f:79:1d:
23:9a:50:11:06:a0:84:c7:df:22:b7:ab:f5:df:5e:3a:53:bb:
00:18:f2:a7:96:ab:ca:6f:d0:0f:4d:3d:56:1f:a0:cb:31:70:
37:77:cc:b8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYrDiIccce7KS/qrQQFm4NRf0dZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQwMDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzODhlM2IyZDAzZThkZGUzN2IxZTlkYjI5ZTc2YmVmYjYxOWNlMWY1NTc2
ZDg2YWNiYjAzMmMxZWI5MThmODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYIp8+dVumDT7PcDu12o7t6Y8mTJ1H+xyt2haBsYwADXkm1wkl3pXoVN+ma
lW/J+yIBUPgqGEn+1Y/p0to6SWeeAulUHECu8hgTLK4jgFpYZRqV19fGBH/S8cng
SArvobJdPoYjRyAVr+icP9jypnXxC4ElwzEEmmyPWkR28ukvLqrP1G59r5SrCJ91
S75TXRr515Ug6A2/1TrLotYqNXSiE7kXH6X2NEJlnscKzLG80gJ9lQASoxoI1IGu
syvUjE9c9DZWpRYRuCCpPxycLoxhIN0V0EZ65tbOHSSAXUgJgBtvFvY2ewOMw6iZ
m1YeaF+vxbxi4PELitWQTvyu+dMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSW0YZ4
oNLEWtQFpdWTsyoYBXvDvDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTFhZWVkOTEtN2I2Mi00MzcxLWI4ZjMtMjQ1NDg1ZTFiZjIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hvg
wDANBgkqhkiG9w0BAQsFAAOCAQEAuRztg53jlvyi9ImI6RbDf8cc3IA1EBRL5l9u
UButpn2gMEV7f2uELsvkl59Fv9AntiUwB/LLZC1oY2YIcJcLB43D5zvCv0mK45bh
fLeTZVBpPv3GJ7qP1weQj7bsMQf7x9ln4p+OKvoA8xiVTF74NWvRRJRPaQWMTuwX
MEP3oM5QZ6axcCM2/2skZmWLrBk1k9K6dIQu/W+minRvnKw7pQ9X8l9ph42feP99
lzdd2sSYTVWS6QaQQ2yI1efh1g9qxs1cxCF4luI+ZMEPtZWZut5Kq+7DD3kdI5pQ
EQaghMffIrer9d9eOlO7ABjyp5arym/QD009Vh+gyzFwN3fMuA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:56:40 2025 by rpki-client