Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5baa4ff-ac5d-476f-a428-fb66fb294867.roa
File: b5baa4ff-ac5d-476f-a428-fb66fb294867.roa (raw, json)
Hash identifier: XVgBTcUmxLt/T1gS8ZpDdqAhOy1c0YFka8cdtIi76Ck=
Subject key identifier: BB:0F:4B:B6:35:F7:73:6F:7D:3D:3A:DA:4F:D8:45:FE:2F:A1:46:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CFCEA060122A09E99D9FB1AE3E1FB4BEA4C582E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5baa4ff-ac5d-476f-a428-fb66fb294867.roa
Signing time: Mon 16 Jun 2025 20:51:11 +0000
ROA not before: Mon 16 Jun 2025 20:51:11 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:fc:ea:06:01:22:a0:9e:99:d9:fb:1a:e3:e1:fb:4b:ea:4c:58:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:51:11 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=52672537151ebbce19848c36986ff28d87c42d0adcb1cf6abcd7d90d98e6240c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d5:e8:78:6d:63:9b:10:fd:9e:2b:6e:9d:be:
c7:7a:cc:16:c2:6c:f4:77:76:ad:6f:72:0e:66:a7:
1b:4f:fe:0a:d2:f3:0f:b6:27:9d:1f:f2:e5:dd:19:
b2:86:1c:d9:df:1b:27:b0:4a:19:9d:4b:05:bf:3b:
20:3a:e0:70:15:e1:ec:f3:b8:1c:7c:86:fb:f7:1d:
7c:c9:d7:ab:4c:75:81:4f:9f:1d:31:9e:56:6e:b8:
77:f8:36:d5:ff:d9:65:8a:26:99:9a:88:e7:0c:3c:
99:74:39:4b:a3:28:4b:ba:f4:a2:c0:bd:2d:46:59:
5b:f5:35:4d:ee:4e:89:92:21:73:ec:4f:65:1f:9b:
29:12:2e:73:18:79:a1:f2:09:ed:43:40:95:e8:0b:
56:dc:b7:d1:19:53:6b:d3:ad:81:d7:7e:45:30:d0:
11:03:8f:2f:fd:24:cd:c7:03:3b:80:71:7e:6c:91:
29:92:16:3f:b0:bb:00:03:64:63:e0:e3:33:09:0e:
23:d5:b1:2c:9a:9a:bf:ec:94:fb:17:95:ba:fa:9f:
92:0e:66:93:45:b2:8b:2d:f3:3f:08:ae:dc:eb:a2:
f5:fe:1b:43:25:07:d8:8e:97:a7:03:bc:1c:fe:ed:
32:e0:d7:e7:c5:14:91:7d:08:64:07:7f:fe:86:b2:
58:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:0F:4B:B6:35:F7:73:6F:7D:3D:3A:DA:4F:D8:45:FE:2F:A1:46:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5baa4ff-ac5d-476f-a428-fb66fb294867.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:4000::/40
Signature Algorithm: sha256WithRSAEncryption
5b:5d:bc:f0:84:c9:50:75:33:21:08:2e:c0:b6:2f:b5:a8:84:
fb:3d:dd:25:c7:e6:98:1e:de:0c:0f:39:d9:7f:58:4a:d6:f1:
7b:d4:45:7d:2d:94:50:bc:fd:77:43:c2:bd:80:01:69:ad:16:
be:9c:53:62:25:aa:2a:ab:27:2a:37:52:89:7d:9a:65:67:9b:
58:b2:72:40:6e:76:08:78:3b:8a:e6:41:91:89:23:6d:6a:b0:
7e:f7:91:b6:a8:2b:66:36:b7:63:bb:e0:93:1c:87:56:d5:87:
6a:bb:82:93:1f:b1:2d:76:43:44:4b:0d:2f:bd:a4:ea:81:b4:
5c:46:61:66:53:f9:1f:6a:c7:9d:a4:0d:99:a4:cb:28:95:0b:
b8:5d:80:89:82:5a:9e:d1:1f:d4:3d:11:90:db:1b:af:87:af:
37:81:43:f9:23:39:b6:6c:d0:ee:24:5d:e1:24:3a:84:ae:47:
d8:21:3c:fd:7b:45:ce:f9:e0:12:9f:c5:f6:3a:70:14:c3:67:
a5:0d:9d:02:38:7f:5b:96:d4:2c:b2:4a:19:7e:13:63:f5:b8:
2f:5a:53:49:1b:eb:de:09:e0:d6:da:17:92:87:7b:9f:22:d3:
f9:e8:62:24:01:ef:61:0a:09:a6:bc:c0:7d:8f:7c:ff:d3:94:
39:a8:e3:e5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfPzqBgEioJ6Z2fsa4+H7S+pMWC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDUxMTFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyNjcyNTM3MTUxZWJiY2UxOTg0OGMzNjk4NmZmMjhkODdjNDJkMGFkY2Ix
Y2Y2YWJjZDdkOTBkOThlNjI0MGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLV6HhtY5sQ/Z4rbp2+x3rMFsJs9Hd2rW9yDmanG0/+CtLzD7YnnR/y5d0Z
soYc2d8bJ7BKGZ1LBb87IDrgcBXh7PO4HHyG+/cdfMnXq0x1gU+fHTGeVm64d/g2
1f/ZZYommZqI5ww8mXQ5S6MoS7r0osC9LUZZW/U1Te5OiZIhc+xPZR+bKRIucxh5
ofIJ7UNAlegLVty30RlTa9Otgdd+RTDQEQOPL/0kzccDO4BxfmyRKZIWP7C7AANk
Y+DjMwkOI9WxLJqav+yU+xeVuvqfkg5mk0Wyiy3zPwiu3Oui9f4bQyUH2I6XpwO8
HP7tMuDX58UUkX0IZAd//oayWLcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS7D0u2
Nfdzb309OtpP2EX+L6FGDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjViYWE0ZmYtYWM1ZC00NzZmLWE0MjgtZmI2NmZiMjk0ODY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HdA
MA0GCSqGSIb3DQEBCwUAA4IBAQBbXbzwhMlQdTMhCC7Ati+1qIT7Pd0lx+aYHt4M
DznZf1hK1vF71EV9LZRQvP13Q8K9gAFprRa+nFNiJaoqqycqN1KJfZplZ5tYsnJA
bnYIeDuK5kGRiSNtarB+95G2qCtmNrdju+CTHIdW1Ydqu4KTH7EtdkNESw0vvaTq
gbRcRmFmU/kfasedpA2ZpMsolQu4XYCJglqe0R/UPRGQ2xuvh683gUP5Izm2bNDu
JF3hJDqErkfYITz9e0XO+eASn8X2OnAUw2elDZ0COH9bltQsskoZfhNj9bgvWlNJ
G+veCeDW2heSh3ufItP56GIkAe9hCgmmvMB9j3z/05Q5qOPl
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:15:40 2025 by rpki-client