Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
File: c575b6fa-c023-458f-85c8-9694aa053e43.roa (raw, json)
Hash identifier: D8rIJS79Y99zypSJAkQLa2cXJhfZa1DBAsPpK+I0REg=
Subject key identifier: 08:4E:E9:8A:F6:CD:57:90:36:08:25:A1:D0:14:25:D1:FF:A6:1C:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61EEFB18D530CF6AA4D959B529A4EB8072781228
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
Signing time: Mon 16 Jun 2025 19:50:24 +0000
ROA not before: Mon 16 Jun 2025 19:50:24 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:ee:fb:18:d5:30:cf:6a:a4:d9:59:b5:29:a4:eb:80:72:78:12:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:50:24 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c555503fead707445c4275b8f94653ff0461a07e3e0c47c8981ce3e2ada79f77, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:63:77:7f:e6:46:07:c3:b6:37:e2:e3:e8:86:
8e:01:34:18:ac:64:71:94:65:74:89:a6:6d:5d:27:
3f:53:1e:e9:13:3a:68:cc:4d:1b:05:81:de:91:70:
b7:03:22:75:cc:c3:a0:a1:22:e9:e4:94:ae:f7:d2:
1e:b0:9f:f4:56:c6:77:55:c5:86:73:1d:55:71:b0:
9c:83:bc:11:b9:3f:1d:16:7d:a7:81:fc:4c:00:93:
b3:68:c8:b1:97:5d:99:a1:f4:6d:32:fc:1a:b1:f4:
c8:95:4a:0b:c3:a6:30:c9:70:6e:d5:70:81:cc:33:
fa:6d:9f:bb:1c:66:d5:ed:a0:e1:28:7c:51:f4:fd:
f4:c2:09:a3:b8:0a:d1:33:4c:27:f0:51:dd:53:60:
03:1c:10:c2:89:9e:06:1d:59:eb:94:c8:31:2c:5f:
29:c0:e7:0e:c7:4a:e3:97:eb:19:71:bf:31:aa:c3:
30:4e:e0:1f:14:c5:27:d2:a6:d6:e2:f9:9c:7e:73:
09:73:84:18:e6:5c:15:d1:76:02:4c:8b:11:b3:41:
1a:e2:b7:e8:54:b1:29:6d:40:56:46:69:6c:09:1f:
58:17:3e:42:95:24:73:be:73:e5:0c:da:d6:57:86:
9e:c2:73:1d:35:6b:e5:d4:d1:32:d3:39:d0:10:db:
75:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:4E:E9:8A:F6:CD:57:90:36:08:25:A1:D0:14:25:D1:FF:A6:1C:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4080::/48
Signature Algorithm: sha256WithRSAEncryption
2d:69:7c:1d:1f:e9:6f:ac:e9:da:99:41:0d:0a:a0:4c:cd:60:
e7:6e:52:84:67:d3:6f:f4:63:20:41:e7:f0:d4:4b:c8:4d:40:
df:f4:0e:d1:92:da:99:a3:54:73:c2:51:5b:66:a7:a8:96:c8:
da:2e:b9:e1:a0:cf:d0:52:48:3e:c5:51:be:82:54:c6:fd:b5:
01:e8:28:54:ff:8f:d1:e5:63:36:c5:5f:cc:21:3a:33:5e:dc:
bc:28:35:ed:03:d3:cb:7b:e4:75:39:38:12:4f:2e:72:c7:66:
d6:2d:ce:97:61:ef:de:5c:48:79:a8:75:32:47:0d:c7:96:98:
b4:8d:95:0e:c7:a9:a6:bf:7c:71:2a:57:13:f2:19:37:b6:5c:
19:79:43:00:06:d7:57:bd:a7:33:20:fe:16:b4:92:5e:77:28:
5a:6a:65:e1:92:7a:d3:35:e7:3c:8f:8c:2b:4c:af:a7:41:73:
73:21:f3:5a:ce:68:47:e4:63:66:c5:86:4e:8f:3a:da:c4:ac:
79:fb:f9:6c:a2:d8:1c:0c:b2:2e:10:e6:60:96:52:5f:ad:97:
71:bf:b9:78:cc:05:37:de:88:90:44:9c:6c:00:07:08:c3:8f:
f5:97:ac:ed:1c:3e:91:cf:84:50:de:d5:44:e8:5d:ac:4a:23:
85:a6:d9:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYe77GNUwz2qk2Vm1KaTrgHJ4EigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUwMjRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1NTU1MDNmZWFkNzA3NDQ1YzQyNzViOGY5NDY1M2ZmMDQ2MWEwN2UzZTBj
NDdjODk4MWNlM2UyYWRhNzlmNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFjd3/mRgfDtjfi4+iGjgE0GKxkcZRldImmbV0nP1Me6RM6aMxNGwWB3pFw
twMidczDoKEi6eSUrvfSHrCf9FbGd1XFhnMdVXGwnIO8Ebk/HRZ9p4H8TACTs2jI
sZddmaH0bTL8GrH0yJVKC8OmMMlwbtVwgcwz+m2fuxxm1e2g4Sh8UfT99MIJo7gK
0TNMJ/BR3VNgAxwQwomeBh1Z65TIMSxfKcDnDsdK45frGXG/MarDME7gHxTFJ9Km
1uL5nH5zCXOEGOZcFdF2AkyLEbNBGuK36FSxKW1AVkZpbAkfWBc+QpUkc75z5Qza
1leGnsJzHTVr5dTRMtM50BDbdR0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQITumK
9s1XkDYIJaHQFCXR/6YcYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzU3NWI2ZmEtYzAyMy00NThmLTg1YzgtOTY5NGFhMDUzZTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
gDANBgkqhkiG9w0BAQsFAAOCAQEALWl8HR/pb6zp2plBDQqgTM1g525ShGfTb/Rj
IEHn8NRLyE1A3/QO0ZLamaNUc8JRW2anqJbI2i654aDP0FJIPsVRvoJUxv21Aego
VP+P0eVjNsVfzCE6M17cvCg17QPTy3vkdTk4Ek8ucsdm1i3Ol2Hv3lxIeah1MkcN
x5aYtI2VDseppr98cSpXE/IZN7ZcGXlDAAbXV72nMyD+FrSSXncoWmpl4ZJ60zXn
PI+MK0yvp0FzcyHzWs5oR+RjZsWGTo862sSsefv5bKLYHAyyLhDmYJZSX62Xcb+5
eMwFN96IkEScbAAHCMOP9Zes7Rw+kc+EUN7VROhdrEojhabZaw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:18 2025 by rpki-client