Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
File: af189eff-34de-4652-a029-d682c90d1fc5.roa (raw, json)
Hash identifier: u19V5XwNNlZWGziqvqEVCFZVVcmiF0GkU/ti5Em4IoI=
Subject key identifier: 49:D6:91:67:E3:8D:F7:7C:A1:CA:3A:B9:E4:91:A9:48:B8:83:82:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BECB32A5D86E7C3AA9B6DDDA945208830B9E9B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
Signing time: Mon 16 Jun 2025 20:30:11 +0000
ROA not before: Mon 16 Jun 2025 20:30:11 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:ec:b3:2a:5d:86:e7:c3:aa:9b:6d:dd:a9:45:20:88:30:b9:e9:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:30:11 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=0749b803e9a1c51bb19fa303c9f08880f591c891f5478109f771c9938fd187d7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9f:f0:77:8e:ef:a2:8d:fc:d5:58:7a:a0:e4:
be:ad:06:32:d1:39:02:f1:3a:10:c1:e8:52:be:c5:
8d:58:46:c8:af:bb:78:f7:ec:a0:01:0e:0b:57:ca:
9f:34:4b:c0:6a:11:2d:70:8d:6d:de:4d:e4:53:36:
24:1a:b7:af:c8:8b:30:54:1f:cc:8d:e6:3c:00:e2:
15:ca:7d:22:0c:48:60:19:ac:71:51:e6:6b:f4:cb:
fd:24:54:9c:9b:d0:8b:0a:f8:db:93:f0:21:7a:c0:
99:4e:84:fc:f8:66:92:ce:cf:0f:12:fd:30:9b:45:
0f:05:7c:cf:7c:44:88:12:c6:ca:5e:b8:bf:f5:44:
bd:ee:f6:9d:b6:3e:85:9f:3f:91:81:82:3a:af:e3:
ae:82:df:1c:b8:6a:cd:31:c4:d6:76:48:67:a2:4d:
00:9d:da:f7:cc:ea:2a:42:80:66:a5:96:20:b4:7d:
e0:df:4d:0f:c1:13:1f:f4:ae:3e:5f:a2:e7:5d:76:
78:8a:e1:f1:58:35:49:60:b3:60:92:72:9f:b9:2b:
56:b5:c4:67:2b:3d:ab:95:d0:f5:e3:a0:bc:f0:49:
a8:1e:49:6a:7c:e4:5b:85:51:7c:c7:59:03:8f:64:
8b:c5:37:da:f3:4a:98:eb:63:4f:58:ad:e1:16:bc:
2a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D6:91:67:E3:8D:F7:7C:A1:CA:3A:B9:E4:91:A9:48:B8:83:82:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
b5:aa:79:f8:e0:79:3e:7d:3a:6c:53:76:7d:06:db:e5:4b:ca:
45:9e:f9:0f:ab:a7:12:34:20:36:2c:df:ae:c7:d7:e6:4c:35:
36:cb:cc:4a:73:2d:24:a1:f8:e9:a4:52:b1:9a:27:8a:f3:a4:
6c:c2:56:61:7f:a0:89:31:b2:cb:3c:21:e6:39:27:61:79:6c:
00:37:23:4d:62:25:81:46:e3:f2:d0:4f:f6:38:d8:15:37:f7:
0a:f0:1f:15:8e:61:13:a3:27:be:1a:0e:9e:f3:0d:08:ae:81:
6d:4b:da:a2:50:e3:ff:69:f8:81:dd:2b:54:dd:54:a4:31:49:
04:c9:b7:8a:47:50:6a:f8:9e:f3:e1:98:a4:cf:be:e7:61:df:
61:ee:34:fc:8c:25:b6:ed:44:a4:33:21:88:b6:a4:ce:a9:83:
43:20:e0:3c:a2:50:d8:6a:fa:ec:0b:c9:56:77:2e:29:26:00:
16:64:87:26:a2:96:ef:69:bd:b7:d1:2d:aa:77:b9:3b:1b:b9:
00:b5:00:ea:d1:39:38:68:66:4d:71:ed:28:6b:1e:a0:4f:2f:
e4:ac:c1:6d:4b:e4:c7:ac:dd:29:c6:af:a5:50:4b:e3:e0:d3:
67:a5:5f:70:27:46:b5:9a:af:a0:0b:de:94:f8:9a:d9:c1:fb:
64:bd:83:02
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe+yzKl2G58Oqm23dqUUgiDC56bkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDMwMTFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3NDliODAzZTlhMWM1MWJiMTlmYTMwM2M5ZjA4ODgwZjU5MWM4OTFmNTQ3
ODEwOWY3NzFjOTkzOGZkMTg3ZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGf8HeO76KN/NVYeqDkvq0GMtE5AvE6EMHoUr7FjVhGyK+7ePfsoAEOC1fK
nzRLwGoRLXCNbd5N5FM2JBq3r8iLMFQfzI3mPADiFcp9IgxIYBmscVHma/TL/SRU
nJvQiwr425PwIXrAmU6E/Phmks7PDxL9MJtFDwV8z3xEiBLGyl64v/VEve72nbY+
hZ8/kYGCOq/jroLfHLhqzTHE1nZIZ6JNAJ3a98zqKkKAZqWWILR94N9ND8ETH/Su
Pl+i5112eIrh8Vg1SWCzYJJyn7krVrXEZys9q5XQ9eOgvPBJqB5JanzkW4VRfMdZ
A49ki8U32vNKmOtjT1it4Ra8KiMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRJ1pFn
4433fKHKOrnkkalIuIOC0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWYxODllZmYtMzRkZS00NjUyLWEwMjktZDY4MmM5MGQxZmM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
wDANBgkqhkiG9w0BAQsFAAOCAQEAtap5+OB5Pn06bFN2fQbb5UvKRZ75D6unEjQg
NizfrsfX5kw1NsvMSnMtJKH46aRSsZonivOkbMJWYX+giTGyyzwh5jknYXlsADcj
TWIlgUbj8tBP9jjYFTf3CvAfFY5hE6MnvhoOnvMNCK6BbUvaolDj/2n4gd0rVN1U
pDFJBMm3ikdQavie8+GYpM++52HfYe40/Iwltu1EpDMhiLakzqmDQyDgPKJQ2Gr6
7AvJVncuKSYAFmSHJqKW72m9t9Etqne5Oxu5ALUA6tE5OGhmTXHtKGseoE8v5KzB
bUvkx6zdKcavpVBL4+DTZ6VfcCdGtZqvoAvelPia2cH7ZL2DAg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:20 2025 by rpki-client