Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
File: c7743543-1a04-47c2-8128-1b90de9136a9.roa (raw, json)
Hash identifier: KJCiV6DvxLzU+inwgTmgmWKqZ95Nl4/KQ1/Sna4X1tQ=
Subject key identifier: 89:21:C5:EA:F5:3B:06:D7:84:13:84:E8:F8:FC:D1:AE:C7:BB:26:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1EA13919AA4CD8E3BFEF0FD74FFC4B9AF4E9FE85
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
Signing time: Mon 16 Jun 2025 20:00:55 +0000
ROA not before: Mon 16 Jun 2025 20:00:55 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:a1:39:19:aa:4c:d8:e3:bf:ef:0f:d7:4f:fc:4b:9a:f4:e9:fe:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:55 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=478df37af41e0af291371822af434c89f21e9b35d98b8799dcdc5e7ae1a50d4a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ca:ad:0b:05:08:b3:71:2f:ad:23:a3:5e:46:
a1:1f:a7:7f:c6:17:4e:4b:af:17:3f:b1:a3:69:ee:
13:57:f7:45:ca:6b:28:5a:5f:bf:0e:82:01:bb:39:
95:71:5e:ba:80:7d:fc:38:84:42:55:52:b1:17:57:
92:c7:c3:20:d4:48:03:cf:af:c2:36:f5:3e:81:ec:
1f:8e:a6:b6:ea:24:a9:78:de:45:0a:24:e4:a0:57:
05:0f:d8:e0:29:25:0b:2d:20:40:8f:7c:73:ae:96:
7b:18:26:ab:0d:02:0c:01:3f:a9:c5:58:86:49:15:
e0:19:3d:d7:df:cb:be:98:2e:09:a2:6e:82:b4:f5:
4a:b7:28:63:04:81:ce:34:bc:c6:f6:38:c0:7d:44:
48:35:49:48:86:02:0f:32:69:0f:67:6a:85:34:5b:
90:1b:46:4f:fc:d7:a7:53:56:dd:cf:8c:a9:ce:e2:
c0:b5:49:31:01:e8:e6:c3:4f:87:fd:3a:f0:68:02:
44:24:4e:b8:87:9d:91:64:c5:49:a3:6c:cc:f7:65:
30:cf:04:70:8c:cf:ed:90:ce:aa:92:02:30:53:cb:
3d:97:5e:e5:52:fd:de:83:bf:f4:91:8f:c8:73:3e:
f7:50:f6:40:54:3a:dc:0d:1e:62:e5:82:ee:bb:2c:
0a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:21:C5:EA:F5:3B:06:D7:84:13:84:E8:F8:FC:D1:AE:C7:BB:26:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8090::/48
Signature Algorithm: sha256WithRSAEncryption
c2:9f:e9:7a:87:07:c3:00:a6:7c:eb:31:64:c4:34:a2:3f:be:
fd:83:23:8f:0f:84:2a:33:01:f2:ec:1e:ee:0a:95:1b:81:b2:
d0:ff:91:33:0c:35:49:2e:55:63:df:9b:f9:72:48:07:a7:aa:
6a:b2:0a:c8:57:20:5b:ab:f3:6a:1c:17:ce:da:eb:c9:d0:83:
8b:8a:e0:23:ca:39:e2:fa:b3:5e:d5:f4:da:87:a1:69:9b:87:
0d:ec:9a:42:b8:32:40:8e:89:ac:66:a2:b5:d8:6c:b5:53:c2:
12:48:e3:6c:79:a6:d6:98:75:24:bc:70:48:ff:97:f5:c9:53:
24:6a:38:65:ae:ee:9c:e0:09:93:ef:36:76:ae:8a:80:a9:a8:
69:43:df:b2:6e:83:c3:8a:28:66:b3:65:52:e9:50:23:b3:06:
4f:58:19:42:26:d6:b6:7e:42:7a:35:7e:db:d2:b2:cf:e9:36:
72:ae:cb:71:ff:22:05:7c:5a:7b:14:de:ad:29:f4:c5:7b:aa:
45:11:5d:79:cb:b8:f5:7c:a8:5e:f1:b9:96:a2:ce:e0:bf:31:
42:4b:4a:56:12:d0:3b:b2:df:30:10:43:c3:af:c3:db:05:f4:
cd:a5:bd:4d:48:c0:b7:49:3d:0e:97:f7:6d:75:13:b7:47:d1:
f6:97:d0:e7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHqE5GapM2OO/7w/XT/xLmvTp/oUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwNTVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3OGRmMzdhZjQxZTBhZjI5MTM3MTgyMmFmNDM0Yzg5ZjIxZTliMzVkOThi
ODc5OWRjZGM1ZTdhZTFhNTBkNGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJLKrQsFCLNxL60jo15GoR+nf8YXTkuvFz+xo2nuE1f3RcprKFpfvw6CAbs5
lXFeuoB9/DiEQlVSsRdXksfDINRIA8+vwjb1PoHsH46mtuokqXjeRQok5KBXBQ/Y
4CklCy0gQI98c66Wexgmqw0CDAE/qcVYhkkV4Bk919/LvpguCaJugrT1SrcoYwSB
zjS8xvY4wH1ESDVJSIYCDzJpD2dqhTRbkBtGT/zXp1NW3c+Mqc7iwLVJMQHo5sNP
h/068GgCRCROuIedkWTFSaNszPdlMM8EcIzP7ZDOqpICMFPLPZde5VL93oO/9JGP
yHM+91D2QFQ63A0eYuWC7rssCqUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSJIcXq
9TsG14QThOj4/NGux7smozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc3NDM1NDMtMWEwNC00N2MyLTgxMjgtMWI5MGRlOTEzNmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
kDANBgkqhkiG9w0BAQsFAAOCAQEAwp/peocHwwCmfOsxZMQ0oj++/YMjjw+EKjMB
8uwe7gqVG4Gy0P+RMww1SS5VY9+b+XJIB6eqarIKyFcgW6vzahwXztrrydCDi4rg
I8o54vqzXtX02oehaZuHDeyaQrgyQI6JrGaitdhstVPCEkjjbHmm1ph1JLxwSP+X
9clTJGo4Za7unOAJk+82dq6KgKmoaUPfsm6Dw4ooZrNlUulQI7MGT1gZQibWtn5C
ejV+29Kyz+k2cq7Lcf8iBXxaexTerSn0xXuqRRFdecu49XyoXvG5lqLO4L8xQktK
VhLQO7LfMBBDw6/D2wX0zaW9TUjAt0k9Dpf3bXUTt0fR9pfQ5w==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:47 2025 by rpki-client