Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af44b98c-fcdc-4a0d-b9ac-dbcbc7685c49.roa
File: af44b98c-fcdc-4a0d-b9ac-dbcbc7685c49.roa (raw, json)
Hash identifier: 95ngmh+OF4g280M+yCwoEHUDc9WujmZ6BDYW5LDAsyc=
Subject key identifier: 5B:E9:9D:54:83:16:6F:6A:76:2B:EA:87:27:0F:2E:06:E6:EF:C2:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FD9330379DA5B36599C3228AC8BF17A1CBAF5E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af44b98c-fcdc-4a0d-b9ac-dbcbc7685c49.roa
Signing time: Mon 16 Jun 2025 20:31:38 +0000
ROA not before: Mon 16 Jun 2025 20:31:38 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:c0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:d9:33:03:79:da:5b:36:59:9c:32:28:ac:8b:f1:7a:1c:ba:f5:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:31:38 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=39b93629c1202c1cdb432406b6bd62a45fbe4d8c6486dc2bd2e4d65b181f97ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:b3:0f:10:40:e0:dd:13:7c:9d:5a:b2:93:e1:
1a:c4:e3:50:c0:2e:3a:29:ba:f2:b2:e5:93:ad:8b:
6f:84:61:df:75:a6:40:87:75:72:11:ea:f3:7d:27:
e1:7b:b7:08:a1:52:ba:55:53:4b:77:7f:cc:d3:2d:
f3:4b:eb:5e:e6:29:31:c2:7c:e3:2d:f1:4b:53:b9:
90:8e:77:88:1d:3d:ac:f5:e2:9a:5b:9a:07:eb:6d:
5d:dd:84:78:ed:77:ef:5e:f9:ed:5e:f4:d4:10:7c:
b3:59:59:4f:f9:27:7f:cb:85:6c:17:68:e2:98:d9:
f9:e0:32:88:d2:8d:b5:55:59:3a:7a:35:56:8c:54:
24:57:1d:e0:36:53:40:50:ef:66:28:b3:91:c3:64:
ff:58:2d:72:29:f5:d0:6f:85:64:c0:95:d9:6f:96:
b4:b2:59:39:cc:bc:3a:52:0f:0e:80:64:88:f5:fb:
81:9c:4c:73:ad:dd:da:33:92:80:21:96:43:d5:42:
34:c1:7f:34:a3:84:50:45:8c:7d:0e:18:f1:14:f7:
07:a7:87:99:87:08:fe:34:72:b5:94:24:cb:3f:90:
94:1b:4b:47:5a:04:18:1f:21:e4:b7:cd:24:96:50:
66:dc:27:46:05:4e:ec:96:ff:29:e7:97:3f:ef:1b:
1a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E9:9D:54:83:16:6F:6A:76:2B:EA:87:27:0F:2E:06:E6:EF:C2:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af44b98c-fcdc-4a0d-b9ac-dbcbc7685c49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:c0c0::/46
Signature Algorithm: sha256WithRSAEncryption
29:d0:23:97:ef:54:e1:d3:74:58:ff:e5:7a:62:77:35:1e:90:
36:44:16:0f:04:5b:4c:65:fa:79:18:0b:f2:b3:78:d3:cb:a6:
66:0d:73:65:22:48:1f:21:b6:aa:36:f9:a2:2b:2c:47:47:cf:
4f:da:92:ce:8b:ef:ed:c0:9a:82:df:bb:3c:b4:66:97:b1:b5:
c2:bd:c1:b3:f1:08:c7:89:a7:b0:8e:7b:d9:74:93:c1:3f:31:
86:62:63:e9:0d:a7:03:05:c7:8f:7e:c4:d4:65:40:57:e7:ff:
fb:a7:91:af:65:f4:41:28:3e:83:6e:06:3b:b0:85:b5:74:16:
69:ce:5e:dc:64:36:d1:fb:59:37:9e:cb:f4:cb:8e:f6:fa:2d:
75:c2:1d:bf:66:6a:92:21:cc:cc:89:94:19:d7:67:4e:52:16:
38:70:99:9c:ae:bb:ea:70:31:c1:98:2a:f6:38:a1:9c:60:17:
62:0b:0c:18:1a:e8:fb:a6:7b:3f:2a:e8:91:cf:db:8d:82:45:
04:b8:ae:c7:50:78:c2:e9:42:7e:2d:94:2b:44:14:f6:7f:41:
a8:63:d8:18:48:cf:6a:d0:b8:1f:b1:d4:8e:37:85:1a:4c:6a:
0a:82:07:df:79:3a:06:e5:93:33:06:e0:a5:7b:3f:40:d9:da:
c3:32:03:cb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUb9kzA3naWzZZnDIorIvxehy69egwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDMxMzhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5YjkzNjI5YzEyMDJjMWNkYjQzMjQwNmI2YmQ2MmE0NWZiZTRkOGM2NDg2
ZGMyYmQyZTRkNjViMTgxZjk3YWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOezDxBA4N0TfJ1aspPhGsTjUMAuOim68rLlk62Lb4Rh33WmQId1chHq830n
4Xu3CKFSulVTS3d/zNMt80vrXuYpMcJ84y3xS1O5kI53iB09rPXimluaB+ttXd2E
eO1371757V701BB8s1lZT/knf8uFbBdo4pjZ+eAyiNKNtVVZOno1VoxUJFcd4DZT
QFDvZiizkcNk/1gtcin10G+FZMCV2W+WtLJZOcy8OlIPDoBkiPX7gZxMc63d2jOS
gCGWQ9VCNMF/NKOEUEWMfQ4Y8RT3B6eHmYcI/jRytZQkyz+QlBtLR1oEGB8h5LfN
JJZQZtwnRgVO7Jb/KeeXP+8bGhMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRb6Z1U
gxZvanYr6ocnDy4G5u/CHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWY0NGI5OGMtZmNkYy00YTBkLWI5YWMtZGJjYmM3Njg1YzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXA
wDANBgkqhkiG9w0BAQsFAAOCAQEAKdAjl+9U4dN0WP/lemJ3NR6QNkQWDwRbTGX6
eRgL8rN408umZg1zZSJIHyG2qjb5oissR0fPT9qSzovv7cCagt+7PLRml7G1wr3B
s/EIx4mnsI572XSTwT8xhmJj6Q2nAwXHj37E1GVAV+f/+6eRr2X0QSg+g24GO7CF
tXQWac5e3GQ20ftZN57L9MuO9votdcIdv2ZqkiHMzImUGddnTlIWOHCZnK676nAx
wZgq9jihnGAXYgsMGBro+6Z7Pyrokc/bjYJFBLiux1B4wulCfi2UK0QU9n9BqGPY
GEjPatC4H7HUjjeFGkxqCoIH33k6BuWTMwbgpXs/QNnawzIDyw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:11 2025 by rpki-client