Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa
File: ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa (raw, json)
Hash identifier: pwjroQKN0AkGKQiroXbnRjdKDtU3ReWAnHaVUyKpZgo=
Subject key identifier: C9:8D:6A:28:2A:6D:B2:BA:FE:A4:FC:F8:D1:36:FF:07:EF:A9:C8:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0462141FD9C3C6190E785A56A01A37D0FA1794F5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa
Signing time: Tue 17 Jun 2025 00:41:10 +0000
ROA not before: Tue 17 Jun 2025 00:41:10 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:62:14:1f:d9:c3:c6:19:0e:78:5a:56:a0:1a:37:d0:fa:17:94:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:41:10 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=698adaa30fe9f241a4eb8afcb4d0ebc6983c80189fb2eb998da224571eddd0bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:72:c3:47:31:7d:22:e5:a4:c2:ff:91:5d:fa:
72:d1:0e:0f:01:2f:08:79:49:fc:9c:d7:d4:47:66:
49:a7:39:ba:78:25:58:e3:f4:9b:52:0e:50:d8:44:
e7:41:95:14:af:2e:d2:1f:b7:6b:5c:51:82:12:2c:
ba:76:5c:ff:4a:6e:63:3f:06:89:33:9d:c2:23:b2:
f5:24:4b:f1:1b:bf:f5:e7:54:56:d8:5c:18:93:00:
b8:ce:b0:dd:e3:b2:cb:a7:10:07:60:ac:41:1d:69:
68:c0:30:e9:eb:dc:b1:af:57:7e:52:27:0d:a2:20:
47:de:1e:86:1f:69:3f:b5:9c:3a:f7:45:51:ea:1a:
62:5f:56:cb:95:88:a9:a1:d2:c2:1f:90:a1:ff:b7:
19:26:b0:4b:bd:9d:b1:ba:22:72:f9:dc:25:67:43:
f7:a8:d9:c8:56:64:69:2e:32:bb:60:02:54:e0:a9:
4b:6c:7c:f6:1a:2f:ca:87:e8:c4:74:3d:7f:09:16:
d9:8e:2f:6d:0d:c4:c1:7a:05:32:7f:9d:e5:8a:d5:
79:14:9c:87:e5:5f:90:4a:43:08:ad:26:47:1f:d9:
c8:da:c6:4c:7a:ed:9f:bb:0f:d5:27:8f:c1:1f:f9:
de:94:5c:89:42:26:97:a3:88:c3:6f:54:41:7b:9e:
6d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:8D:6A:28:2A:6D:B2:BA:FE:A4:FC:F8:D1:36:FF:07:EF:A9:C8:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
75:6e:6b:15:46:a2:ce:cc:b3:41:bf:2e:ea:ee:1f:2d:1a:f5:
cc:1e:db:43:a1:68:68:83:0a:e7:77:07:fd:4b:69:a6:07:e3:
b9:13:f3:e4:53:c4:14:3d:5c:25:da:2b:f4:fe:e2:96:73:c7:
7f:8a:ed:b3:8f:ba:c1:9c:7f:3d:22:0b:16:e6:10:2b:87:87:
19:72:d2:28:d9:f8:45:8b:f3:28:68:91:3c:fd:cb:d6:12:14:
f5:5c:18:a0:af:b1:dc:99:8f:9b:fc:13:8c:e3:3e:1d:24:78:
f3:66:c8:93:24:53:ed:53:04:e9:ff:59:9d:d8:2b:56:10:3a:
fc:41:7c:8e:ab:9c:9d:d3:cb:16:3d:01:3a:4f:ec:8e:d4:b2:
18:4e:3b:33:52:86:01:0b:05:44:a5:00:ef:a1:3f:40:18:b8:
9c:93:e6:56:0e:48:e9:ce:32:72:04:8e:c8:b6:96:62:3e:e5:
cb:c3:6a:c7:95:0f:bd:47:a0:97:0a:a3:26:76:5a:fc:8d:9b:
64:cd:d0:d4:dc:11:5e:1a:c5:d0:af:4c:0c:11:4c:6a:8c:1a:
34:ce:9e:72:d7:53:4c:22:ab:05:0a:33:42:8e:d7:39:6b:4d:
02:0a:35:d5:31:eb:6e:73:f5:64:3b:1b:fe:40:f8:58:e7:e2:
87:65:4c:70
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBGIUH9nDxhkOeFpWoBo30PoXlPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQxMTBaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5OGFkYWEzMGZlOWYyNDFhNGViOGFmY2I0ZDBlYmM2OTgzYzgwMTg5ZmIy
ZWI5OThkYTIyNDU3MWVkZGQwYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPVyw0cxfSLlpML/kV36ctEODwEvCHlJ/JzX1EdmSac5unglWOP0m1IOUNhE
50GVFK8u0h+3a1xRghIsunZc/0puYz8GiTOdwiOy9SRL8Ru/9edUVthcGJMAuM6w
3eOyy6cQB2CsQR1paMAw6evcsa9XflInDaIgR94ehh9pP7WcOvdFUeoaYl9Wy5WI
qaHSwh+Qof+3GSawS72dsboicvncJWdD96jZyFZkaS4yu2ACVOCpS2x89hovyofo
xHQ9fwkW2Y4vbQ3EwXoFMn+d5YrVeRSch+VfkEpDCK0mRx/ZyNrGTHrtn7sP1SeP
wR/53pRciUIml6OIw29UQXuebfUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJjWoo
Km2yuv6k/PjRNv8H76nIBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmEyZDVhMDEtZmExNy00ZmIzLTk3ZTctYzIxYzZlODlmOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQB1bmsVRqLOzLNBvy7q7h8tGvXMHttDoWhogwrn
dwf9S2mmB+O5E/PkU8QUPVwl2iv0/uKWc8d/iu2zj7rBnH89IgsW5hArh4cZctIo
2fhFi/MoaJE8/cvWEhT1XBigr7HcmY+b/BOM4z4dJHjzZsiTJFPtUwTp/1md2CtW
EDr8QXyOq5yd08sWPQE6T+yO1LIYTjszUoYBCwVEpQDvoT9AGLick+ZWDkjpzjJy
BI7ItpZiPuXLw2rHlQ+9R6CXCqMmdlr8jZtkzdDU3BFeGsXQr0wMEUxqjBo0zp5y
11NMIqsFCjNCjtc5a00CCjXVMetuc/VkOxv+QPhY5+KHZUxw
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:49:02 2025 by rpki-client