Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acaa599d-041d-4181-81eb-d1fa213089e1.roa
File: acaa599d-041d-4181-81eb-d1fa213089e1.roa (raw, json)
Hash identifier: dsuf3nqRd1Bv9eIRjuyKmYjmVV7XZ+nReOZ88Xe4UZg=
Subject key identifier: 42:D8:07:83:52:CF:DE:19:9D:60:CC:43:8F:45:EC:3C:07:F6:E7:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59AFAC69700D4170D55AE55749F7F0683BD092FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acaa599d-041d-4181-81eb-d1fa213089e1.roa
Signing time: Thu 26 Jun 2025 19:37:07 +0000
ROA not before: Thu 26 Jun 2025 19:37:07 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:2080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:af:ac:69:70:0d:41:70:d5:5a:e5:57:49:f7:f0:68:3b:d0:92:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:37:07 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=266e12689a7da39b83958dbb4398f76654ffa8e59656167dd3f823f2d8f30900, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1e:86:5d:6a:ee:aa:c5:13:f3:06:df:57:ee:
94:60:06:de:79:d8:ac:e8:cb:88:78:8e:a9:e0:67:
5c:28:e0:ee:45:c7:91:d7:b4:65:8e:9c:ab:a0:ac:
bc:cb:76:2b:92:79:d2:21:95:7f:20:0f:35:57:92:
5b:dd:0b:1e:6b:bb:5f:c5:c1:a7:3f:e1:a3:d8:b5:
7d:77:5a:ad:16:37:03:f7:c1:c5:d7:99:a3:78:ee:
fb:93:10:9b:81:4e:a9:5f:03:c9:c5:76:91:2c:52:
25:e8:e2:af:12:cb:44:47:c6:7d:6d:da:12:f4:e5:
5d:17:b3:15:ec:7b:af:13:d2:57:9a:e9:71:2d:98:
28:93:6f:e8:db:cf:de:d4:f1:5d:70:39:3a:d8:c6:
d6:5e:4f:8d:a6:da:2b:de:8b:53:10:35:f6:7f:9b:
b4:5c:c0:70:4e:bd:e5:10:04:49:d2:0a:64:6d:a7:
24:90:a4:c4:91:da:34:90:05:70:4a:6c:b3:08:fd:
60:c1:b8:44:f6:84:be:1a:e9:5f:86:96:c8:2e:17:
e4:ad:2d:d4:6b:be:88:ea:9b:a2:5a:c3:07:83:6b:
74:89:c6:80:f5:8e:94:85:40:0b:aa:b2:c9:01:88:
7f:dc:dc:45:3f:5d:54:f1:90:ee:4e:ea:7f:b4:cc:
3a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D8:07:83:52:CF:DE:19:9D:60:CC:43:8F:45:EC:3C:07:F6:E7:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acaa599d-041d-4181-81eb-d1fa213089e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:2080::/46
Signature Algorithm: sha256WithRSAEncryption
15:ff:62:c3:54:8a:c9:c5:9d:da:5a:1b:f0:f9:b4:52:a8:31:
09:a3:98:4e:31:e6:0e:75:83:15:10:df:68:0e:75:34:bb:e6:
69:03:b0:0e:2e:f8:03:68:e4:de:50:44:93:ef:58:74:1b:af:
b6:3e:4d:e2:29:8f:23:af:d6:4d:46:24:de:2b:c1:1f:a6:9e:
98:20:09:93:45:cc:ed:87:60:60:37:6d:ed:c5:e5:04:0d:a8:
b4:19:8f:bb:59:bf:6b:21:a5:61:45:45:00:8b:52:a2:f8:85:
e5:c7:f5:65:d3:d5:86:ed:99:33:fa:7f:b7:73:ff:b8:a8:de:
26:22:04:96:75:c6:e1:6c:44:b4:f1:b1:11:15:bd:ed:ff:db:
aa:7d:e8:02:b4:c8:3a:35:7d:94:f1:fd:6a:5e:f3:db:e1:31:
a2:07:3d:cb:4e:3c:9a:9e:11:5b:6a:c8:25:bc:a4:fa:fe:52:
31:0e:10:6b:7d:41:cb:80:1f:a7:82:1d:0a:ad:0a:e8:f9:b5:
d7:09:b6:0b:4b:76:5e:4f:51:1a:79:ad:87:76:ca:1a:9d:1d:
49:33:c8:0d:d2:a5:ab:49:cc:bc:5b:f0:11:78:a4:40:93:5b:
eb:da:d1:68:02:78:b9:d2:61:f4:64:19:8d:2c:1e:25:42:b3:
f9:a1:b7:1a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWa+saXANQXDVWuVXSffwaDvQkv4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM3MDdaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2NmUxMjY4OWE3ZGEzOWI4Mzk1OGRiYjQzOThmNzY2NTRmZmE4ZTU5NjU2
MTY3ZGQzZjgyM2YyZDhmMzA5MDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIehl1q7qrFE/MG31fulGAG3nnYrOjLiHiOqeBnXCjg7kXHkde0ZY6cq6Cs
vMt2K5J50iGVfyAPNVeSW90LHmu7X8XBpz/ho9i1fXdarRY3A/fBxdeZo3ju+5MQ
m4FOqV8DycV2kSxSJejirxLLREfGfW3aEvTlXRezFex7rxPSV5rpcS2YKJNv6NvP
3tTxXXA5OtjG1l5PjabaK96LUxA19n+btFzAcE695RAESdIKZG2nJJCkxJHaNJAF
cEpsswj9YMG4RPaEvhrpX4aWyC4X5K0t1Gu+iOqbolrDB4NrdInGgPWOlIVAC6qy
yQGIf9zcRT9dVPGQ7k7qf7TMOv0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRC2AeD
Us/eGZ1gzEOPRew8B/bn2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWNhYTU5OWQtMDQxZC00MTgxLTgxZWItZDFmYTIxMzA4OWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg
gDANBgkqhkiG9w0BAQsFAAOCAQEAFf9iw1SKycWd2lob8Pm0UqgxCaOYTjHmDnWD
FRDfaA51NLvmaQOwDi74A2jk3lBEk+9YdBuvtj5N4imPI6/WTUYk3ivBH6aemCAJ
k0XM7YdgYDdt7cXlBA2otBmPu1m/ayGlYUVFAItSoviF5cf1ZdPVhu2ZM/p/t3P/
uKjeJiIElnXG4WxEtPGxERW97f/bqn3oArTIOjV9lPH9al7z2+Exogc9y048mp4R
W2rIJbyk+v5SMQ4Qa31By4Afp4IdCq0K6Pm11wm2C0t2Xk9RGnmth3bKGp0dSTPI
DdKlq0nMvFvwEXikQJNb69rRaAJ4udJh9GQZjSweJUKz+aG3Gg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:21 2025 by rpki-client