Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
File: c02bd597-170b-4eec-b8d1-18d678b065fa.roa (raw, json)
Hash identifier: 5evsXsmKZ8BVTpisaH+9rAVu8e5TMMzha+LGEuAyhsA=
Subject key identifier: A1:CF:4C:7C:1C:94:F8:1D:8D:B3:6D:50:2A:6A:7E:20:E0:3F:FF:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78C18891360A214A5E414113E4FD74DB9BB7BAB4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
Signing time: Mon 16 Jun 2025 20:00:59 +0000
ROA not before: Mon 16 Jun 2025 20:00:59 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:c1:88:91:36:0a:21:4a:5e:41:41:13:e4:fd:74:db:9b:b7:ba:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:59 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=cf5a73a47eda51f6baa46727ecaec7c648f6c811503e4157dcd601c908984c38, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b9:98:82:05:b7:cd:78:af:7f:d8:c4:59:04:
5d:ce:0c:19:58:66:d2:78:09:a8:c9:ee:a8:47:ae:
34:2f:e6:73:3f:bc:a0:30:2c:f0:8e:92:e1:84:12:
ef:d7:99:c3:d7:26:45:52:6d:8e:bd:73:2b:a0:20:
59:f2:9a:0e:90:67:b9:02:d2:03:6d:ae:f2:65:c2:
d8:df:0d:e8:3c:09:fa:ad:3b:90:4d:3f:75:db:a5:
96:ff:1f:1e:3a:df:0f:87:fc:d4:2f:90:f0:17:28:
4e:ed:6e:f7:e2:6c:eb:b5:7c:75:7a:41:3b:f7:9c:
3c:69:f2:ff:d1:ee:2e:22:59:eb:9c:ef:9b:86:3b:
42:6c:7b:23:36:1a:ad:99:11:ce:fc:b1:9d:2e:61:
80:e3:d2:0e:fe:d9:b8:3e:d6:06:00:06:ed:98:4b:
02:f6:32:f4:eb:f8:00:53:e5:7d:7b:a6:6b:6a:ed:
5b:9c:ac:fc:0e:b7:d4:77:06:c9:11:f4:28:44:74:
0e:42:dc:95:a3:3e:8c:c6:6a:3f:93:d8:10:40:ba:
ed:4c:a9:c4:1b:8d:e6:12:14:a2:fb:90:ab:f4:a3:
5b:ad:c0:6b:a8:c8:ac:15:0f:f8:e4:61:99:72:bd:
94:bd:2a:0c:b8:43:88:05:58:84:07:b6:69:fb:8b:
3d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CF:4C:7C:1C:94:F8:1D:8D:B3:6D:50:2A:6A:7E:20:E0:3F:FF:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8010::/48
Signature Algorithm: sha256WithRSAEncryption
6e:96:ae:a3:c4:c2:f6:1d:e1:0c:f5:02:e8:19:b6:96:03:56:
1c:9a:26:6e:09:6e:35:7d:55:35:23:3d:98:c4:51:5b:79:c2:
69:61:75:77:fd:a6:7a:90:dd:48:9c:2d:d5:b7:b3:ea:1e:55:
15:d6:ee:e1:06:c1:8a:4f:be:2c:3a:17:87:15:3b:23:3e:70:
b4:c2:10:33:5a:b6:60:cf:54:0e:5e:8a:67:7a:4a:07:7e:79:
88:c7:13:23:22:23:56:1d:57:7d:3f:ce:73:6b:99:d6:52:33:
23:c8:b1:45:3c:d4:c8:88:de:82:df:0f:f7:5d:be:fe:6f:ce:
02:ac:33:8d:98:6c:87:a6:79:ed:9c:64:9b:e6:d9:f7:47:1f:
70:af:34:83:e6:65:37:c4:51:bd:50:8d:1e:46:ab:9f:12:dd:
0d:7a:12:22:8e:15:63:a9:58:4c:ca:33:6d:fc:34:56:cd:40:
b5:6f:ca:ef:af:56:30:42:17:b5:49:33:da:c9:db:50:e4:40:
7e:7f:ad:49:41:23:8d:4d:dc:3f:c4:15:d8:24:d1:b0:6d:35:
2c:98:58:51:80:d7:a7:86:96:b0:f9:0a:a4:0a:96:9f:07:15:
d1:10:09:5b:28:9b:e4:b0:1a:bb:a2:6a:f0:6b:ee:d4:c7:38:
a9:87:c0:cb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeMGIkTYKIUpeQUET5P1025u3urQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwNTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNWE3M2E0N2VkYTUxZjZiYWE0NjcyN2VjYWVjN2M2NDhmNmM4MTE1MDNl
NDE1N2RjZDYwMWM5MDg5ODRjMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANG5mIIFt814r3/YxFkEXc4MGVhm0ngJqMnuqEeuNC/mcz+8oDAs8I6S4YQS
79eZw9cmRVJtjr1zK6AgWfKaDpBnuQLSA22u8mXC2N8N6DwJ+q07kE0/ddullv8f
HjrfD4f81C+Q8BcoTu1u9+Js67V8dXpBO/ecPGny/9HuLiJZ65zvm4Y7Qmx7IzYa
rZkRzvyxnS5hgOPSDv7ZuD7WBgAG7ZhLAvYy9Ov4AFPlfXuma2rtW5ys/A631HcG
yRH0KER0DkLclaM+jMZqP5PYEEC67UypxBuN5hIUovuQq/SjW63Aa6jIrBUP+ORh
mXK9lL0qDLhDiAVYhAe2afuLPa8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBShz0x8
HJT4HY2zbVAqan4g4D//+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzAyYmQ1OTctMTcwYi00ZWVjLWI4ZDEtMThkNjc4YjA2NWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
EDANBgkqhkiG9w0BAQsFAAOCAQEAbpauo8TC9h3hDPUC6Bm2lgNWHJombgluNX1V
NSM9mMRRW3nCaWF1d/2mepDdSJwt1bez6h5VFdbu4QbBik++LDoXhxU7Iz5wtMIQ
M1q2YM9UDl6KZ3pKB355iMcTIyIjVh1XfT/Oc2uZ1lIzI8ixRTzUyIjegt8P912+
/m/OAqwzjZhsh6Z57Zxkm+bZ90cfcK80g+ZlN8RRvVCNHkarnxLdDXoSIo4VY6lY
TMozbfw0Vs1AtW/K769WMEIXtUkz2snbUORAfn+tSUEjjU3cP8QV2CTRsG01LJhY
UYDXp4aWsPkKpAqWnwcV0RAJWyib5LAau6Jq8Gvu1Mc4qYfAyw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:35:33 2025 by rpki-client