Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
File: c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa (raw, json)
Hash identifier: Nor6ZgKLJ00nHByYgOnTnMY1L0r9xF2TNJ4W0OrShWs=
Subject key identifier: 49:C3:0F:1D:68:C2:B4:D3:31:6A:87:2C:38:81:9D:A5:C4:B0:F9:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EC258788902FE8E7CEE268347746F3D785045F1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
Signing time: Mon 16 Jun 2025 21:10:20 +0000
ROA not before: Mon 16 Jun 2025 21:10:20 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:c2:58:78:89:02:fe:8e:7c:ee:26:83:47:74:6f:3d:78:50:45:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:20 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f06cf8c1cac9a52c79daf18791231d1b00e6b2ab93de60d10f1ace9c0315c6b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:1c:e3:eb:c5:0b:67:cf:e5:74:74:49:af:f9:
7e:fb:7a:fb:15:e3:6a:18:27:12:f1:ef:8b:6e:fb:
da:0e:10:71:3f:e3:6f:25:a4:cb:3f:1d:0e:91:6c:
61:b5:3d:0d:d4:fa:4d:71:9d:63:2c:6a:42:e6:8c:
26:66:e1:d3:d9:0d:f8:94:bd:13:b5:d4:cd:53:4b:
aa:9c:c3:78:af:6a:f3:4b:60:23:89:e3:48:5e:9c:
25:52:0b:19:5a:e3:83:fd:61:a4:31:8f:28:ed:28:
ec:7c:b1:78:6c:3e:bd:19:a6:54:e8:b0:7b:b7:68:
28:1f:60:a6:3d:d9:31:12:73:a5:d4:a0:ef:02:67:
f8:2a:fd:e7:3c:cc:4d:88:2d:ed:f6:d2:b5:9e:35:
55:0e:75:fd:79:43:87:6d:b0:2a:2d:83:5f:6e:c0:
bb:db:a6:db:ff:07:33:b5:86:73:c0:9c:03:70:a2:
81:e9:ed:e4:5e:7c:7d:43:da:4e:ee:32:d9:70:f0:
bd:aa:5b:35:b6:78:14:94:21:e5:a8:5e:a3:14:cf:
fe:c4:9b:70:15:ef:51:86:9f:95:09:14:b4:50:35:
7b:0b:67:36:67:96:1f:7a:9d:52:06:9d:e1:1a:c8:
fb:ca:62:bb:75:f6:e0:0f:68:8e:2c:8c:aa:1f:39:
90:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:C3:0F:1D:68:C2:B4:D3:31:6A:87:2C:38:81:9D:A5:C4:B0:F9:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:a000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:f1:11:ea:c6:c7:14:50:1a:c4:eb:26:de:d3:53:67:15:05:
75:83:bf:ef:42:8b:7d:a2:72:d8:6a:08:de:3c:82:c6:f3:07:
37:98:04:29:3a:53:36:c0:49:3b:2d:67:51:f0:95:96:a4:c5:
dc:69:74:86:b3:6b:fa:a4:bf:c9:04:71:33:f4:ec:92:11:77:
cd:f1:a6:16:8c:a0:fe:e2:30:26:cf:70:e4:0f:d4:ae:1b:e8:
ca:93:23:55:0d:1e:98:38:77:ea:b1:cf:d8:1e:05:4b:ed:da:
48:5d:aa:32:e0:b9:4f:87:00:e8:1f:46:60:cb:a7:01:e7:1f:
df:c5:a6:82:fb:96:7a:cc:5c:52:10:96:69:d1:0b:48:9f:a3:
39:6a:73:1d:61:a9:63:b9:88:c5:e5:72:e8:ce:f2:97:4f:c9:
6e:64:3d:32:33:67:33:21:b5:79:a0:64:aa:c1:00:4f:01:73:
a6:36:ec:72:ec:53:71:b2:e8:a2:52:a2:6e:2a:c5:84:b9:56:
90:c6:31:37:30:d7:68:e6:57:d5:82:b4:67:84:af:93:21:05:
d9:f4:ac:9a:5a:73:44:3f:40:7f:e2:4c:d8:a3:28:4f:6b:31:
6e:74:0c:8f:03:84:36:d8:e1:31:e9:30:78:6d:c3:1e:42:f3:
08:5c:29:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXsJYeIkC/o587iaDR3RvPXhQRfEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwMjBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwNmNmOGMxY2FjOWE1MmM3OWRhZjE4NzkxMjMxZDFiMDBlNmIyYWI5M2Rl
NjBkMTBmMWFjZTljMDMxNWM2YjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANcc4+vFC2fP5XR0Sa/5fvt6+xXjahgnEvHvi2772g4QcT/jbyWkyz8dDpFs
YbU9DdT6TXGdYyxqQuaMJmbh09kN+JS9E7XUzVNLqpzDeK9q80tgI4njSF6cJVIL
GVrjg/1hpDGPKO0o7HyxeGw+vRmmVOiwe7doKB9gpj3ZMRJzpdSg7wJn+Cr95zzM
TYgt7fbStZ41VQ51/XlDh22wKi2DX27Au9um2/8HM7WGc8CcA3Cigent5F58fUPa
Tu4y2XDwvapbNbZ4FJQh5aheoxTP/sSbcBXvUYaflQkUtFA1ewtnNmeWH3qdUgad
4RrI+8piu3X24A9ojiyMqh85kIECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJww8d
aMK00zFqhyw4gZ2lxLD5FzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzM5ZGQ3MWMtZjIyYy00YmI0LTljNmYtZGZjOGM2YTAyZmZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6g
MA0GCSqGSIb3DQEBCwUAA4IBAQCa8RHqxscUUBrE6ybe01NnFQV1g7/vQot9onLY
agjePILG8wc3mAQpOlM2wEk7LWdR8JWWpMXcaXSGs2v6pL/JBHEz9OySEXfN8aYW
jKD+4jAmz3DkD9SuG+jKkyNVDR6YOHfqsc/YHgVL7dpIXaoy4LlPhwDoH0Zgy6cB
5x/fxaaC+5Z6zFxSEJZp0QtIn6M5anMdYaljuYjF5XLozvKXT8luZD0yM2czIbV5
oGSqwQBPAXOmNuxy7FNxsuiiUqJuKsWEuVaQxjE3MNdo5lfVgrRnhK+TIQXZ9Kya
WnNEP0B/4kzYoyhPazFudAyPA4Q22OEx6TB4bcMeQvMIXClv
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:18 2025 by rpki-client